MustGather: Global Security problems for WebSphere Application Server
 Technote (troubleshooting)
 
Problem(Abstract)
Collecting data for problems with IBM® WebSphere® Application Server Global Security. Gathering this MustGather information before calling IBM support will help you understand the problem and save time analyzing the data.
 
Resolving the problem

Do you want to automate the collection of MustGather data?
You can automatically collect this data using IBM Support Assistant (ISA) Lite - a special offering that contains the data collector component of the IBM Support Assistant Workbench.

For a full range of problem-solving features, install the IBM Support Assistant Workbench - your support workbench for finding answers and solving problems. The workbench contains all the data collection capability of ISA Lite plus much more!

If you have already contacted support, continue on to the component specific MustGather information. Otherwise, click: MustGather: Read first for all WebSphere Application Server products.

Collecting Global Security specific information
  • Enable tracing for Version 6.0 and 6.1:
    1. Open up the administrative console.

    2. Expand TroubleShooting > Logs and Trace > server_name.

    3. Select Diagnostic Trace Service. Increase the Maximum Number of Historical Files from 1 to 10.

    4. Click Apply, then select Change Log Detail Levels.

    5. Clear the trace string in the box and replace it with the following:

      com.ibm.ws.security.*=all

      Note: If the problem is with authentication to an Enterprise JavaBean™, use the following trace string:

      SASRas=all:com.ibm.ws.security.*=all:ORBRas=all

    6. Click Apply and Save. Continue with the Capture the required documentation section.

  • Enable tracing for Version 5.0 and 5.1:
    1. Open up the administrative console.

    2. Expand Servers > Application Servers > server_name.

    3. Select Diagnostic Trace Service.

    4. Increase the Maximum Number of Historical Files from 1 to 10.

    5. Clear the trace string in the Trace Specification field and replace with the following trace string:

      com.ibm.ws.security.*=all=enabled

      Note: If the problem is with authentication to an Enterprise JavaBean, use the following trace string:

      SASRas=all=enabled:com.ibm.ws.security.*=all=enabled:ORBRas=all=enabled

    6. Click Apply and Save. Continue with the Capture the required documentation section.

  • Capture the required documentation
    1. Delete or rename the logs in the following directory:

      install_root/logs

      If you are running the deployment manager (dmgr), also delete the logs in the following directory:

      dmgr_install_root/logs

      Note: This ensures that the logs are fresh.

    2. Recreate the problem. It is important to make note of the time the problem occurs, the user ID, and the exact URL being invoked.

    3. Run the collector tool:
      • For V6.0 and 6.1 users, run the collector tool located in the profile_home/bin directory on both Network Deployment (for federated environment only) and base Application Server profiles.

      • For V5.0 and 5.1 users, run the collector tool located in the install_root/bin directory on both Network Deployment (for federated environment only) and base Application servers.

    4. Follow instructions to send diagnostic information to IBM support.

For a listing of all technotes, downloads, and educational materials specific to Security, search the WebSphere Application Server support site.

Note: Only if requested by IBM Support, you can collect communication traces as described below:
  1. Specify the following trace string and an output file name in Diagnostic Trace Service:

    SASRas=all=enabled:com.ibm.ws.security.*=
    all=enabled:ORBRas=all=enabled

  2. To enable COMM tracing, insert the following in the Generic JVM arguments field:

    -Dcom.ibm.CORBA.Debug=true
    -Dcom.ibm.CORBA.CommTrace=true
 
Related information
Steps to get support
Submitting information to IBM support
Troubleshooting guide
 
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers WebSphere Application Server - Express Security AIX, HP-UX, Linux, Solaris, Windows 6.1, 6.0, 5.1, 5.0
Application Servers Runtimes for Java Technology Java SDK
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): Windows
Software version: 6.1
Software edition:
Reference #: 1140669
IBM Group: Software Group
Modified date: Mar 22, 2007