Errors when trying to configure or enable security
What kind of error are you seeing?
"LTPA password not set. validation failed" message
displayed as error in the Administrative Console after saving global security
settings
This error can be caused if, when configuring WebSphere
Application Server security, "LTPA" is selected as the authentication mechanism,
and the LTPA password field is not set. To resolve this problem:
- Select Security Authentication Mechanism > LTPA in the console
left-hand navigation pane.
- Complete the password and confirm password fields.
- Click OK.
- Try setting Global Security again.
"Validation
failed for user userid. Please try again..." displayed in the Administrative
Console after saving global security settings
This typically indicates
that a setting in the User Registry configuration is not valid:
- If the user registry is LocalOS, it is likely that either the server user
ID and password are invalid or the server user ID does not have "Act As Part
of the Operating System" (for NT) or root authority (for UNIX). The server
user ID needs this authority for authentication using the LocalOS user registry.
- If the user registry is Lightweight Directory Access Protocol (LDAP):
- Any of the settings that enable WebSphere Application Server to communicate
with LDAP might be invalid, such as the LDAP server's user ID, password, host,
port, or LDAP filter. When you select Apply or OK on the Global
Security panel, a validation routine connects to the registry just as it would
during runtime when security is enabled. This is done in order to verify any
configuration problems immediately, instead of waiting until the server restarts.
- Verify whether your LDAP server requires the Bind Distinguished Name (DN)
to find the user in the LDAP directory. If the bind distinguished name is
required, you must specify a DN instead of a short name. You can specify the
bind distinguished name by clicking Security > User Registries > LDAP in
the administrative console. For example, you might add cn=root.
- Sometimes the LDAP server might be down during configuration. The best
way to check this is to issue a command line search using a utility such as
ldapsearch to search for the server ID. This way you can determine if the
server is running and if the server ID is a valid entry in the LDAP. The ldapsearch
utility is installed during an LDAP or Lotus Notes installation.
- If the user registry is Custom, double check that your implementation
is in the classpath. Also, check to see if your implementation is authenticating
properly.
- Regardless of registry type, check the User Registries configuration panels
to see if you can find a configuration error:
- Go back to the User Registries configuration panels and retype the password
for the server ID.
- See if there is an obvious configuration error. Double check the attributes
specified.
The setupClient.bat or setupClient.sh
file is not working correctly![[Version 5.0.1 and later]](../../v501x.gif)
The
setupClient.bat file on
Windows platforms and the
setupClient.sh file on UNIX platforms incorrectly
specify the location of the SOAP security properties file.
In the setupClient.bat file,
the correct location should be:
set CLIENTSOAP=-Dcom.ibm.SOAP.ConfigURL=file:%WAS_HOME%/properties/soap.client.props
In
the setupClient.sh file, the CLIENTSOAP variable should be:
CLIENTSOAP=-Dcom.ibm.SOAP.ConfigURL=file:$WAS_HOME/properties/soap.client.props
In the setupClient.bat and setupClient.sh files,
complete the following steps:
- Remove the leading / after file:.
- Change sas to soap.
Java HotSpot(TM)
Server VM warning: Unexpected Signal 11 occurred under user-defined signal
handler 0x7895710a message occurs in the native_stdout.log file when
enabling security on the HP-UX11i platform![[Version 5.0.1 and later]](../../v501x.gif)
After you enable security on HP-UX 11i platforms, the following
error in the native_stdout.log file occurs, along with a core dump
and WebSphere Application Server does not start:
Java HotSpot(TM) Server VM warning:
Unexpected Signal 11 occurred under user-defined signal handler 0x7895710a
To
work around this error, apply the fixes recommended by HP for Java at the
following URL:
http://www.hp.com/products1/unix/java/infolibrary/patches.html
.
For current information available from IBM Support on known problems
and their resolution, see the IBM Support
page.
IBM Support
has documents that can save you time gathering information needed to resolve
this problem. Before opening a PMR, see the IBM Support
page.

Troubleshooting by task: What are you trying to do?
Searchable topic ID:
rtrb_secconfigprobs
Last updated: Jun 21, 2007 4:12:58 PM CDT
WebSphere Application Server Express, Version 5.0.2
http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp?topic=/com.ibm.websphere.exp.doc/info/exp/ae/rtrb_secconfigprobs.html