Enabling Security On Multi-node Configuration Fails
 Technote (FAQ)
 
Problem
In a multi-node configuration, security is enabled and the servers are restarted. The first node starts fine and permits logging into the admin console successfully.

On the second node in the cluster, when WebSphere is restarted to effect the changes, the following errors are displayed:

[10/11/02 11:51:04:560 CDT] 772cc9c9 SystemOut U JSAS0414E:
The configuration is incorrect; the server may not start or may not function correctly. If you get this error, other errors will have preceded it which describe the problems with the configuration.

[10/11/02 11:54:59:743 CDT] 772cc9c9 SystemOut U JSAS0454E:
Could not create local credentials. Check the sas.server.props com.ibm.CORBA.PrincipalName, com.ibm.CORBA.UserID, and
com.ibm.CORBA.Password properties to ensure they are valid. For the
com.ibm.CORBA.PrincipalName, ensure the correct realm is specified in front of the userid (realm/userid). If you do not see any problems with these properties, contact support for assistance.

[10/11/02 11:55:08:948 CDT] 772cc9c9 Initializer X SECJ0007E: Error during security initialization. Exception Authentication Failed at location: java.lang.Exception: Authentication Failed
at com.ibm.ejs.security.SecurityContext.getActualCreds(SecurityContext.java :79)
at com.ibm.ejs.security.Initializer.bindServerIdToAdminApp(Initializer.java :461)
at com.ibm.ejs.security.Initializer.initialize(Initializer.java:220)
at com.ibm.ejs.security.Initializer.serverStarted(Initializer.java:136)
at com.ibm.ws.runtime.Server.fireServerStarted(Server.java:2018)
at com.ibm.ws.runtime.Server.fireServerStarted(Server.java:2011)
at com.ibm.ejs.sm.server.AdminServer.initializeRuntime0(AdminServer.java:11 44)
at com.ibm.ws.runtime.Server.initializeRuntime(Server.java:884)
at com.ibm.ejs.sm.server.AdminServer.main(AdminServer.java:392)
at java.lang.reflect.Method.invoke(Native Method)
at com.ibm.ws.bootstrap.WSLauncher.main(WSLauncher.java:158)
 
Cause
In this case, the sas.server.props on the 2nd node did not show security enabled or any of the security settings from the first node.

Even stopping both nodes and modifying sas.server.props on the 2nd node and deleting the sas.server.props.future on the 2nd node did not work.

The 2nd node's sas.server.props kept getting reset to no security enabled (SecurityEnabled=false).

 
Solution
Stop both nodes then:
  • delete the sas.server.props.future on BOTH nodes,
  • update the sas.server.props on the 2nd node with the security settings from the first node (SecurityEnabled=true, login id, login password, etc.),
  • then restart both nodes.
 
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): HP-UX
Software version: 4.0
Software edition:
Reference #: 1079162
IBM Group: Software Group
Modified date: Aug 30, 2004