PQ56292: STATING ADMIN CONSOLE WITH 'ADMIN ROLE' USERID FAILS AND ERROR MESSAGE DOES NOT INCLUDE PERMISSIONS NEEDED

APAR status
Closed as program error.

Error description
When an adminrole is defined in the Websphere Application Server
Security Console and then the user switches to that adminrole
userid (su xxxxx) and attempts to start the admin console,
without first modifying the permissions of the
/usr/WebSphere/AppServer/properties files for that userid, a
failure message displays:
.
ADGU2009E Security Error: Either username/password is wrong or
this user is not authorised to connect to admin server
.
It is not clear from this message why this failed.
Local fix
Modify message to include information for this failure;
something like:
.
ADGU2009E Security Error: Either username/password is wrong or
this user is not authorised to connect to admin server. User
must have read/write permission for Websphere security property
Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server users who       *
*                 run the adminconsole under non-root ID.      *
****************************************************************
* PROBLEM DESCRIPTION: Can not start admin console while       *
*                      running adminconsole under non-root.    *
*                      The cause is due to non-access to       *
*                      security property files(in this case,   *
*                      sas.client.props).                      *
****************************************************************
* RECOMMENDATION: If running admin console under non-root,     *
*                 make sure non-root user has access to        *
*                 websphere security property files such as    *
*                 sas.client.props.                            *
****************************************************************
Running admin console under non-root received a "ADGU2009E
Security Error: Either username/password is wrong or
this user is not authorised to connect to admin server."
which is inaccurative. Since the cause is that user does not
have access to security property files, the message needs to
be modified to include "User must have permission to WebSphere
security property files.".
Problem conclusion
A more descriptive error message is being added.
Temporary fix Comments
APAR information
APAR number PQ56292
Reported component name WEBSPHERE AE AI
Reported component ID 5630A2200
Reported release 400
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Submitted date 2002-01-03
Closed date 2002-01-22
Last modified date 2003-04-29

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros
SECURITY          

Fix information
Fixed component name WEBSPHERE AE AI
Fixed component ID 5630A2200

Applicable component levels
R400 PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 400
Software edition:
Reference #: PQ56292
IBM Group: Software Group
Modified date: Apr 29, 2003