The root cause of the problem in this case was that Local
OS authentication was configured as the security mechanism in a
distributed, multi-node environment.
If there is a security error detected, the Administrative Console
cannot display the true status properly. In this case, it is failing on
"isStarted", so the Administrative Console erroneously shows the listener
port state as "Stopped".
After a combination of diagnostic tracing for Messaging and Console
components it was found that the listener port was indeed "Started" and
working:
ListenerPortC d ListenerPort is Active
WebSphere:platform=common,cell=CELLNAME,version=5.0,name=CELLLQ,mbeanIdentifier=cells/CELLNAME/nodes/nodename/servers/SERVERNAME/server.xml#ListenerPort_1074083300719,type=ListenerPort,node=nodename,process=SERVERNAME
However, in the Administrative Console trace the following was found:
javax.management.JMRuntimeException: ADMN0022E: Access denied for the
isStarted operation on ListenerPort MBean due to insufficient or empty
credentials.
com.ibm.ws.console.servermanagement.messagelistener.ListenerPortController.setupCollectionForm(ListenerPortController.java:161)
|
In this particular case, IBM® WebSphere® Application
Server was set to use the Local OS user registry for authentication. This
works fine when all application servers are on the same machine.
However, the servers and administrative process were spread over
multiple machines, preventing the Local OS from providing the needed
credentials for the Administrative Console to display the status of remote
message listener ports.
When using multiple node configurations, LDAP is recommended for the
user registry. More information on this can be found in the WebSphere
Application Server Information Center at:
http://publib.boulder.ibm.com/infocenter/ws51help/index.jsp?topic=/com.ibm.websphere.base.doc/info/aes/ae/csec_global.html
|