PQ87998: Excessive SECJ messages in logs for failed authentication. Causing logs to fill and performance issues. | |||||||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description Problem Description: The WebSphere security classes are throwing "SECJ" errors in the SystemOut logs of the app servers whenever a user fails to authenticate (ie. they type a bad password) against a back end system. We need a way to supress these because they are filling logs. SECJ0118E SECJ4001E SECJ0369ELocal fix Problem summary **************************************************************** * USERS AFFECTED: All users of WebSphere Application Server * * V5.0 for z/OS * **************************************************************** * PROBLEM DESCRIPTION: Excessive SECJ messages in logs for * * failed authentication, causing logs to * * fill. * * SECJ4001E * * SECJ0369E * **************************************************************** * RECOMMENDATION: * **************************************************************** WebSphere security classes are issuing "SECJ0369E" and "SECJ4001E" messages, with a stack trace included, in the logs of the app servers whenever a user fails to authenticate (ie. they type a bad password, or use an invalid username). There is a need to suppress these messages because they are filling up the logs. Example: A user tried to login into the AdminConsole using invalid user="MYUSERID". The following list shows all the messages being issued for this particular error <1> Trace: 2004/04/21 13:54:24.566 01 t=8CECF0 c=3.2 key=P8 Description: Log Boss/390 Error from filename: ./bbossrun.cpp at line: 1588 error message: BBOS0108E Credential handling function RunAsGetSpecCred failed in Routine IRRSIA00 with SAF Return Code(hex): 8, RACF Return Code (hex): 8, and RACF Reason Code (hex): 10. <2.> Trace: 2004/04/21 13:54:24.795 01 t=8CECF0 c=3.2 key=P8 FunctionName: com.ibm.ws.security.registry.zOS.SAFRegistryImp SourceId: com.ibm.ws.security.registry.zOS.SAFRegistryImpl Category: ERROR ExtendedMessage: SECJ0055E: Authentication failed for MYUSERID The user id or password may have been entered incorrectly or misspelled. The user id may not exist, the account could have expired or disabled. The password may have expired. Repeats with the BBO wrapper Trace: 2004/04/21 13:54:24.796 01 t=8CECF0 c=3.2 key=P8 Description: Log Boss/390 Error from filename: ./bborjtr.cpp at line: 820 error message: BBOO0220E SECJ0055E: Authentication failed for MYUSERID. The user id or password may have been entered incorrectly or misspelled. The user id may not exist, the account could have expired or disabled. The password may have expired. com.ibm.ws.security.registry.zOS.SAFRegistryImpl com.ibm.ws.security.registry.zOS.SAFRegistry <3.> Trace: 2004/04/21 13:54:24.887 01 t=8CECF0 c=3.2 key=P8 FunctionName: com.ibm.ws.security.ltpa.LTPAServerObject SourceId: com.ibm.ws.security.ltpa.LTPAServerObject Category: ERROR ExtendedMessage: SECJ0369E: Authentication failed when using LTPA. The exception is com.ibm.websphere.security.Password CheckFailedException: Authentication failed for user: MYUSERID at com.ibm.ws.security.registry.zOS.SAFRegistryImpl.checkPWGet at com.ibm.ws.security.registry.UserRegistryImpl.checkPWGetOSC at com.ibm.ws.security.ltpa.LTPAServerObject.authenticate(LTPA at com.ibm.ws.security.web.AuthenLoginModule.login(AuthenLogin at com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleP at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcc at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingM at java.lang.reflect.Method.invoke(Method.java(Compiled Code)) at javax.security.auth.login.LoginContext.invoke(LoginContext. at javax.security.auth.login.LoginContext.access$000(LoginCont at javax.security.auth.login.LoginContext$4.run(LoginContext.j at java.security.AccessController.doPrivileged1(Native Method) at java.security.AccessController.doPrivileged(AccessControlle at javax.security.auth.login.LoginContext.invokeModule(LoginCo at javax.security.auth.login.LoginContext.login(LoginContext.j at com.ibm.ws.security.auth.JaasLoginHelper.jaas_login(JaasLog at com.ibm.ws.security.auth.JaasLoginHelper.jaas_login(JaasLog at com.ibm.ws.security.auth.ContextManagerImpl.login(ContextMa at com.ibm.ws.security.web.FormLoginServlet.formLogin(FormLogi at com.ibm.ws.security.web.FormLoginServlet.doPost(FormLoginSe at javax.servlet.http.HttpServlet.service(HttpServlet.java:760 at javax.servlet.http.HttpServlet.service(HttpServlet.java:853 at com.ibm.ws.webcontainer.servlet.StrictServletInstance.doSer at com.ibm.ws.webcontainer.servlet.StrictLifecycleServlet._ser at com.ibm.ws.webcontainer.servlet.IdleServletState.service(St at com.ibm.ws.webcontainer.servlet.StrictLifecycleServlet.serv at com.ibm.ws.webcontainer.servlet.ServletInstance.service(Ser at com.ibm.ws.webcontainer.servlet.ValidServletReferenceState. at com.ibm.ws.webcontainer.servlet.ServletInstanceReference.di at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.hand at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.disp at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.forw at com.ibm.ws.webcontainer.srt.WebAppInvoker.doForward(WebAppI at com.ibm.ws.webcontainer.srt.WebAppInvoker.handleInvocationH at com.ibm.ws.webcontainer.cache.invocation.CachedInvocation.h at com.ibm.ws.webcontainer.srp.ServletRequestProcessor.dispatc at com.ibm.ws390.wc.httpcatcher.WS390Router$WS390RouterDispatc at com.ibm.ws390.wc.httpcatcher.WS390Router$WS390RouterDispatc at com.ibm.ws390.wc.httpcatcher.WS390Router$WS390RouterDispatc at com.ibm.ws.webcontainer.http.HttpConnection.handleRequest(H at com.ibm.ws390.wc.http.HttpConnection.readAndHandleRequest(H at com.ibm.ws390.wc.http.HttpConnection.handle390Request(HttpC at com.ibm.ws390.wc.httpcatcher.WS390HttpTransport.handleReque Repeats with the BBO wrapper Trace: 2004/04/21 13:54:24.888 01 t=8CECF0 c=3.2 key=P8 Description: Log Boss/390 Error from filename: ./bborjtr.cpp at line: 820 error message: BBOO0220E SECJ0369E: Authentication failed when using LTPA. The exception is com.ibm.websphere.security. PasswordCheckFailedException: Authentication failed for user: MYUSERID at com.ibm.ws.security.registry.zOS.SAFRegistryImpl.checkPWGet at com.ibm.ws.security.registry.UserRegistryImpl.checkPWGetOSC at com.ibm.ws.security.ltpa.LTPAServerObject.authenticate(LTPA at com.ibm.ws.security.web.AuthenLoginModule.login(AuthenLogin at com.ibm.ws.security.common.auth.module.proxy.WSLoginModuleP at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcc at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingM :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: <4.> Trace: 2004/04/21 13:54:24.919 01 t=8CECF0 c=3.2 key=P8 FunctionName: com.ibm.ws.security.auth.JaasLoginHelper SourceId: com.ibm.ws.security.auth.JaasLoginHelper Category: ERROR ExtendedMessage: SECJ4001E: Login failed for MYUSERID/WASRACFREALM com.ibm.websphere.security.auth. WSLoginFailedException: Authentcation failed for user: MYUSERID at com.ibm.ws.security.server.lm.swamLoginModule.login(swamLogi at com.ibm.ws.security.common.auth.module.proxy.WSLoginModulePr at java.lang.reflect.Method.invoke(Native Method) at javax.security.auth.login.LoginContext.invoke(LoginContext.j at javax.security.auth.login.LoginContext.access$000(LoginConte at javax.security.auth.login.LoginContext$3.run(LoginContext.ja at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokeModule(LoginCon at javax.security.auth.login.LoginContext.login(LoginContext.ja at com.ibm.ws.security.auth.JaasLoginHelper.jaas_login(JaasLogi at com.ibm.ws.security.auth.ContextManagerImpl.login(ContextMan at com.ibm.ws.security.web.FormLoginServlet.formLogin(FormLogin at com.ibm.ws.security.web.FormLoginServlet.doPost(FormLoginSer at javax.servlet.http.HttpServlet.service(HttpServlet.java:760) at javax.servlet.http.HttpServlet.service(HttpServlet.java:853) at com.ibm.ws.webcontainer.servlet.StrictServletInstance.doServ at com.ibm.ws.webcontainer.servlet.StrictLifecycleServlet._serv at com.ibm.ws.webcontainer.servlet.IdleServletState.service(Str at com.ibm.ws.webcontainer.servlet.StrictLifecycleServlet.servi at com.ibm.ws.webcontainer.servlet.ServletInstance.service(Serv at com.ibm.ws.webcontainer.servlet.ValidServletReferenceState.d at com.ibm.ws.webcontainer.servlet.ServletInstanceReference.dis at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.handl at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.dispa at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.forwa at com.ibm.ws.webcontainer.srt.WebAppInvoker.doForward(WebAppIn at com.ibm.ws.webcontainer.srt.WebAppInvoker.handleInvocationHo at com.ibm.ws.webcontainer.cache.invocation.CachedInvocation.ha at com.ibm.ws.webcontainer.srp.ServletRequestProcessor.dispatch at com.ibm.ws390.wc.httpcatcher.WS390Router$WS390RouterDispatch at com.ibm.ws390.wc.httpcatcher.WS390Router$WS390RouterDispatch at com.ibm.ws390.wc.httpcatcher.WS390Router$WS390RouterDispatch at com.ibm.ws.webcontainer.http.HttpConnection.handleRequest(Ht at com.ibm.ws390.wc.http.HttpConnection.readAndHandleRequest(Ht at com.ibm.ws390.wc.http.HttpConnection.handle390Request(HttpCo at com.ibm.ws390.wc.httpcatcher.WS390HttpTransport.handleReques at com.ibm.ws390.wc.httpcatcher.WS390HttpTransportWrapper.https at com.ibm.ws390.orb.ServerRegionBridge.invoke(ServerRegionBrid at com.ibm.ws390.orb.ORBEJSBridge.invoke(ORBEJSBridge.java:170) --------------------------------------------------------------- com.ibm.websphere.security.PasswordCheckFailedException: Authent at com.ibm.ws.security.registry.zOS.SAFRegistryImpl.checkPWGetO at com.ibm.ws.security.registry.UserRegistryImpl.checkPWGetOSCr Repeats with the BBO wrapper Trace: 2004/04/21 13:54:24.922 01 t=8CECF0 c=3.2 key=P8 Description: Log Boss/390 Error from filename: ./bborjtr.cpp at line: 820 error message: BBOO0220E SECJ4001E: Login failed for MYUSERID/WASRACFREALM com.ibm.websphere.security.auth. WSLoginFailedException: Authentcation failed for user: MYUSERID at com.ibm.ws.security.server.lm.swamLoginModule.login(swamLogi at com.ibm.ws.security.common.auth.module.proxy.WSLoginModulePr at java.lang.reflect.Method.invoke(Native Method) at javax.security.auth.login.LoginContext.invoke(LoginContext.j at javax.security.auth.login.LoginContext.access$000(LoginConte at javax.security.auth.login.LoginContext$3.run(LoginContext.ja at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.login.LoginContext.invokeModule(LoginCon at javax.security.auth.login.LoginContext.login(LoginContext.ja at com.ibm.ws.security.auth.JaasLoginHelper.jaas_login(JaasLogi at com.ibm.ws.security.auth.ContextManagerImpl.login(ContextMan ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: <5.> Trace: 2004/04/21 13:54:25.019 01 t=8CECF0 c=3.2 key=P8 FunctionName: com.ibm.ws.security.web.FormLoginServlet SourceId: com.ibm.ws.security.web.FormLoginServlet Category: ERROR ExtendedMessage: SECJ0118E: Authentication error during authentication for user MYUSERID Repeats with the BBO wrapper Trace: 2004/04/21 13:54:25.020 01 t=8CECF0 c=3.2 key=P8 Description: Log Boss/390 Error from filename: ./bborjtr.cpp at line: 820 error message: BBOO0220E SECJ0118E: Authentication error during authentication for user MYUSERID.Problem conclusion The code was modified to remove the stack trace output from messages <3> and <4> -- SECJ0369E, and SECJ4001E. APAR PQ87998 is associated with SERVICE LEVEL W502009 of WebSphere Application Server V5.0 for z/OS.Temporary fix Comments
APAR is sysrouted FROM one or more of the following: PQ82431 APAR is sysrouted TO one or more of the following: Modules/Macros
Publications Referenced
|
Document Information |
Current web document: swg1PQ87998.html
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server for z/OS
Operating system(s):
Software version: 500
Software edition:
Reference #: PQ87998
IBM Group: Software Group
Modified date: Jun 3, 2004
(C) Copyright IBM Corporation 2000, 2009. All Rights Reserved.