PQ43860: CAN'T RESTART APP SERVER WITH WAS SECURITY ENABLED


APAR

APAR status
Closed as program error.

Error description
Refer to PMR 36995,49R,000.
Environment:
   WebSphere App Server 3.5.1 Advanced
Problem:Environment:WebSphere App Server 3.5.1 Advanced
In the above environment with WAS security enabled, stopping an app server and then starting the app server results in the following messages in the admin security trace:Problem:In the above environment with WAS security enabled, stoppingan app server and then starting the app server results in the
. [00.11.22 13:30:29:323 EST] 257147 UnixRegistryI < authenticate [00.11.22 13:30:36:580 EST] 1962e0e ORBRas A 2000.11.22 13:30:36.528 IIOPSSLConnection createSSLSocket IBM WebSphere ORB JORB0025: ""SSLSocket.SSLSocket(host, port, sslContext, SSLSocket.CLIENT)"" throws java.net.ConnectException: Connection refused. IIOPSSLConnection cannot create a new SSLSocket. [00.11.22 13:30:36:615 EST] 1962e0e ORBRas A 2000.11.22 13:30:36.613 IIOPSSLConnection createSSLSocket IBM WebSphere ORB JORB0025: ""SSLSocket.SSLSocket(host, port, sslContext, SSLSocket.CLIENT)"" throws java.net.ConnectException: Connection refused. IIOPSSLConnection cannot create a new SSLSocket. [00.11.22 13:30:36:643 EST] 1962e0e ORBRas A 2000.11.22 13:30:36.642 IIOPSSLConnection createSSLSocket IBM WebSphere ORB JORB0025: ""SSLSocket.SSLSocket(host, port, sslContext, SSLSocket.CLIENT)"" throws java.net.ConnectException: Connection refused. IIOPSSLConnection cannot create a new SSLSocket. [00.11.22 13:30:36:681 EST] 1962e0e ORBRas A 2000.11.22 13:30:36.680 IIOPSSLConnection createSSLSocket IBM WebSphere ORB JORB0025: ""SSLSocket.SSLSocket(host, port, sslContext, SSLSocket.CLIENT)"" throws java.net.ConnectException: Connection refused. IIOPSSLConnection cannot create a new SSLSocket. [00.11.22 13:30:36:685 EST] 1962e0e IExtendedSecu A 2000.11.22 13:30:36.685 SecurityConnectionInterceptor establishSecurityContext IBM WebSphere Security Unable to initialize security context. [00.11.22 13:30:36:702 EST] 1962e0e ORBRas A 2000.11.22 13:30:36.700 IIOPSSLConnection createSSLSocket IBM WebSphere ORB JORB0025: ""SSLSocket.SSLSocket(host, port, sslContext, SSLSocket.CLIENT)"" throws java.net.ConnectException: Connection refused. IIOPSSLConnection cannot create a new SSLSocket. [00.11.22 13:30:36:730 EST] 1962e0e ORBRas A 2000.11.22 13:30:36.729 IIOPSSLConnection createSSLSocket IBM WebSphere ORB JORB0025: ""SSLSocket.SSLSocket(host, port, sslContext, SSLSocket.CLIENT)"" throws java.net.ConnectException: Connection refused. IIOPSSLConnection cannot create a new SSLSocket. [00.11.22 13:30:36:749 EST] 1962e0e ORBRas A 2000.11.22 13:30:36.748 IIOPSSLConnection createSSLSocket IBM WebSphere ORB JORB0025: ""SSLSocket.SSLSocket(host, port, sslContext, SSLSocket.CLIENT)"" throws java.net.ConnectException: Connection refused. IIOPSSLConnection cannot create a new SSLSocket. [00.11.22 13:30:36:781 EST] 1962e0e ORBRas A 2000.11.22 13:30:36.779 IIOPSSLConnection createSSLSocket IBM WebSphere ORB JORB0025: ""SSLSocket.SSLSocket(host, port, sslContext, SSLSocket.CLIENT)"" throws java.net.ConnectException: Connection refused. IIOPSSLConnection cannot create a new SSLSocket. [00.11.22 13:30:36:784 EST] 1962e0e ActiveEJBServ W Failed to initialize a server: "AppServer1" java.rmi.MarshalException:following messages in the admin security trace:.[00.11.22 13:30:29:323 EST], 257147 UnixRegistryI<, authenticate[00.11.22 13:30:36:580 EST], 1962e0e ORBRas A 2000.11.2213:30:36.528 IIOPSSLConnection createSSLSocket IBM WebSphere ORBJORB0025: ""SSLSocket.SSLSocket(host, port, sslContext,SSLSocket.CLIENT)"" throws java.net.ConnectException: Connectionrefused. IIOPSSLConnection cannot create a new SSLSocket.[00.11.22 13:30:36:615 EST], 1962e0e ORBRas A 2000.11.2213:30:36.613 IIOPSSLConnection createSSLSocket IBM WebSphere ORBJORB0025: ""SSLSocket.SSLSocket(host, port, sslContext,SSLSocket.CLIENT)"" throws java.net.ConnectException: Connectionrefused. IIOPSSLConnection cannot create a new SSLSocket.[00.11.22 13:30:36:643 EST], 1962e0e ORBRas A 2000.11.2213:30:36.642 IIOPSSLConnection createSSLSocket IBM WebSphere ORBJORB0025: ""SSLSocket.SSLSocket(host, port, sslContext,SSLSocket.CLIENT)"" throws java.net.ConnectException: Connectionrefused. IIOPSSLConnection cannot create a new SSLSocket.[00.11.22 13:30:36:681 EST], 1962e0e ORBRas A 2000.11.2213:30:36.680 IIOPSSLConnection createSSLSocket IBM WebSphere ORBJORB0025: ""SSLSocket.SSLSocket(host, port, sslContext,SSLSocket.CLIENT)"" throws java.net.ConnectException: Connectionrefused. IIOPSSLConnection cannot create a new SSLSocket.[00.11.22 13:30:36:685 EST], 1962e0e IExtendedSecu A 2000.11.2213:30:36.685 SecurityConnectionInterceptorestablishSecurityContext IBM WebSphere Security Unable toinitialize security context.[00.11.22 13:30:36:702 EST], 1962e0e ORBRas A 2000.11.2213:30:36.700 IIOPSSLConnection createSSLSocket IBM WebSphere ORBJORB0025: ""SSLSocket.SSLSocket(host, port, sslContext,SSLSocket.CLIENT)"" throws java.net.ConnectException: Connectionrefused. IIOPSSLConnection cannot create a new SSLSocket.[00.11.22 13:30:36:730 EST], 1962e0e ORBRas A 2000.11.2213:30:36.729 IIOPSSLConnection createSSLSocket IBM WebSphere ORBJORB0025: ""SSLSocket.SSLSocket(host, port, sslContext,SSLSocket.CLIENT)"" throws java.net.ConnectException: Connectionrefused. IIOPSSLConnection cannot create a new SSLSocket.[00.11.22 13:30:36:749 EST], 1962e0e ORBRas A 2000.11.2213:30:36.748 IIOPSSLConnection createSSLSocket IBM WebSphere ORBJORB0025: ""SSLSocket.SSLSocket(host, port, sslContext,SSLSocket.CLIENT)"" throws java.net.ConnectException: Connectionrefused. IIOPSSLConnection cannot create a new SSLSocket.[00.11.22 13:30:36:781 EST], 1962e0e ORBRas A 2000.11.2213:30:36.779 IIOPSSLConnection createSSLSocket IBM WebSphere ORBJORB0025: ""SSLSocket.SSLSocket(host, port, sslContext,SSLSocket.CLIENT)"" throws java.net.ConnectException: Connectionrefused. IIOPSSLConnection cannot create a new SSLSocket.[00.11.22 13:30:36:784 EST], 1962e0e ActiveEJBServ W Failed to
CORBA COMM_FAILURE 1 No; nested exception is:initialize a server: "AppServer1" java.rmi.MarshalException:
org.omg.CORBA.COMM_FAILURE: minor code: 1 completed: No org.omg.CORBA.COMM_FAILURE: minor code: 1 completed: No at java.lang.Throwable.fillInStackTrace(Native Method) at java.lang.Throwable.fillInStackTrace(Compiled Code) at java.lang.Throwable.<init>(Compiled Code) at java.lang.Exception.<init>(Compiled Code) at java.lang.RuntimeException.<init>(Compiled Code) at org.omg.CORBA.SystemException.<init>(Compiled Code) at org.omg.CORBA.COMM_FAILURE.<init>(Compiled Code) at org.omg.CORBA.COMM_FAILURE.<init>(Compiled Code) at com.ibm.CORBA.iiop.ConnectionTable.createSSLConnection(Compiled Code) at com.ibm.CORBA.iiop.ConnectionTable.get(Compiled Code) at com.ibm.CORBA.iiop.GIOPImpl.createRequest(Compiled Code) at com.ibm.CORBA.iiop.GIOPImpl.createRequest(Compiled Code) at com.ibm.CORBA.iiop.ClientDelegate.createRequest(Compiled Code) at com.ibm.CORBA.iiop.ClientDelegate.request(Compiled Code) at org.omg.CORBA.portable.ObjectImpl._request(Compiled Code) at com.ibm.ejs.sm.agent._AdminAgent_Stub.invokeActiveObject(Compile d Code) at com.ibm.ejs.sm.active.ActiveEJBServerProcess.configureServer(Com piled Code) at com.ibm.ejs.sm.active.ActiveEJBServerProcess.startAction(ActiveE JBServerProcess.java:157) at com.ibm.ejs.sm.active.ActiveObject.startObject(Compiled Code) at com.ibm.ejs.sm.active.ActiveObject.start(Compiled Code) at java.lang.reflect.Method.invoke(Native Method) at java.lang.reflect.Method.invoke(Compiled Code) at com.ibm.ejs.sm.agent.AdminAgentImpl.activeObjectInvocation(Compi led Code) at com.ibm.ejs.sm.active.ActiveObject.invokeContainedObject(Compile d Code) at com.ibm.ejs.sm.agent.AdminAgentImpl.activeObjectInvocation(Compi led Code) at com.ibm.ejs.sm.agent.AdminAgentImpl.invokeActiveObject(Compiled Code) at com.ibm.ejs.sm.agent._AdminAgent_Stub.invokeActiveObject(Compile d Code) at com.ibm.ejs.sm.beans.LiveRepositoryObjectImpl$StartTask.execute( LiveRepositoryObjectImpl.java:836) at com.ibm.ejs.sm.util.task.AsyncTaskEngine$WorkerThread.run(Compil ed Code) . After this occurs, restarting the WebSphere Application Server entirely is required to clear this condition where the app server will not start. The app server should not have problems restarting with WAS security enabled. Additional security and SAS traces are available in weblev2, but I can provide them if access to weblev2 is not available. Please have the WAS security developers address this.
CORBA COMM_FAILURE 1 No; nested exception is:org.omg.CORBA.COMM_FAILURE: minor code: 1 completed: Noorg.omg.CORBA.COMM_FAILURE: minor code: 1 completed: Noat java.lang.Throwable.fillInStackTrace(Native Method)at java.lang.Throwable.fillInStackTrace(Compiled Code)at java.lang.Throwable.(Compiled Code)at java.lang.Exception.(Compiled Code)at java.lang.RuntimeException.(Compiled Code)at org.omg.CORBA.SystemException.(Compiled Code)at org.omg.CORBA.COMM_FAILURE.(Compiled Code)at org.omg.CORBA.COMM_FAILURE.(Compiled Code)atcom.ibm.CORBA.iiop.ConnectionTable.createSSLConnection(CompiledCode)at com.ibm.CORBA.iiop.ConnectionTable.get(Compiled Code)at com.ibm.CORBA.iiop.GIOPImpl.createRequest(Compiled Code)at com.ibm.CORBA.iiop.GIOPImpl.createRequest(Compiled Code)at com.ibm.CORBA.iiop.ClientDelegate.createRequest(CompiledCode)at com.ibm.CORBA.iiop.ClientDelegate.request(Compiled Code)at org.omg.CORBA.portable.ObjectImpl._request(Compiled Code)atcom.ibm.ejs.sm.agent._AdminAgent_Stub.invokeActiveObject(Compiled Code)atcom.ibm.ejs.sm.active.ActiveEJBServerProcess.configureServer(Compiled Code)atcom.ibm.ejs.sm.active.ActiveEJBServerProcess.startAction(ActiveEJBServerProcess.java:157)at com.ibm.ejs.sm.active.ActiveObject.startObject(CompiledCode)at com.ibm.ejs.sm.active.ActiveObject.start(Compiled Code)at java.lang.reflect.Method.invoke(Native Method)at java.lang.reflect.Method.invoke(Compiled Code)atcom.ibm.ejs.sm.agent.AdminAgentImpl.activeObjectInvocation(Compiled Code)atcom.ibm.ejs.sm.active.ActiveObject.invokeContainedObject(Compiled Code)atcom.ibm.ejs.sm.agent.AdminAgentImpl.activeObjectInvocation(Compiled Code)atcom.ibm.ejs.sm.agent.AdminAgentImpl.invokeActiveObject(CompiledCode)atcom.ibm.ejs.sm.agent._AdminAgent_Stub.invokeActiveObject(Compiled Code)atcom.ibm.ejs.sm.beans.LiveRepositoryObjectImpl$StartTask.execute(LiveRepositoryObjectImpl.java:836)atcom.ibm.ejs.sm.util.task.AsyncTaskEngine$WorkerThread.run(Compiled Code).After this occurs, restarting the WebSphere ApplicationServer entirely is required to clear this condition where theapp server will not start. The app server should not haveproblems restarting with WAS security enabled. Additionalsecurity and SAS traces are available in weblev2, but I canprovide them if access to weblev2 is not available. Please havethe WAS security developers address this.
Local fix
Problem summary
defects:
88231 - Programmatic Login w/Invalid UID/PW Uses Server Creds
87932 - Admin agent won't start when security is enabled.
88423 - Random SessionDoesNotExist Errors After AdminServer
        Startup.
88010 - SessionDoesNotExist Exceptions During Server Startup.
88515 - Sessions can be lost for long-running applications.
89056 - notifyBrokenConnection only deletes the first Session.
89057 - Client connections allowed prior to securityEnabled =
        true
88221 - Credential is invalid errors causing instabilities on
        AdminServ
88477 - Change marshal to locatedIOR in
        SecurityConnectionInterceptor.
82640 - Allow detailed messages to be passed into Corba
        Exceptions.
90054 - Multiple threads entering initSecurityServer at same
        time.
89736 - Misleading error string for invalid user logon.
89247 - Try/Catch block not setup correctly.
defects:88231 - Programmatic Login w/Invalid UID/PW Uses Server Creds87932 - Admin agent won't start when security is enabled.88423 - Random SessionDoesNotExist Errors After AdminServerStartup.88010 - SessionDoesNotExist Exceptions During Server Startup.88515 - Sessions can be lost for long-running applications.89056 - notifyBrokenConnection only deletes the first Session.89057 - Client connections allowed prior to securityEnabled =true88221 - Credential is invalid errors causing instabilities onAdminServ88477 - Change marshal to locatedIOR inSecurityConnectionInterceptor.82640 - Allow detailed messages to be passed into CorbaExceptions.90054 - Multiple threads entering initSecurityServer at sametime.89736 - Misleading error string for invalid user logon.89247 - Try/Catch block not setup correctly.
Problem conclusion
Temporary fix
               sas-r3501-1215.jar
               sas-r3502-1215.jar
can be found in the appropriate folders under pq43860.
Comments
APAR information
APAR numberPQ43860
Reported component nameWAS ADVANCED AI
Reported component ID5648C8400
Reported release350
StatusCLOSED PER
PENoPE
HIPERNoHIPER
Submitted date2000-11-27
Closed date2001-01-03
Last modified date2001-12-17

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:APAR is sysrouted FROM one or more of the following:


Modules/Macros
SECURITY
APAR is sysrouted TO one or more of the following:Modules/Macros

Fix information
Fixed component nameWAS ADVANCED AI
Fixed component ID5648C8400

Applicable component levels
R300 PSYUP
R350 PSYUP











Document Information

Product categories: Software, Application Servers, Distributed Application & Web Servers, WebSphere Application Server, General
Software version: 350
Reference #: PQ43860
IBM Group: Software Group
Modified date: 2001-12-17