jConsole to WAS6.1 with security? - Websphere

This is a discussion on jConsole to WAS6.1 with security? - Websphere ; I'm able to successfully use jConsole to connect to WebSphere 6.1 and see all of the MBean names; however, all of the MBeans' properties' values are "Unavailable". Likewise, executing an operation fails as well. Here's the exception on the server-side ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: jConsole to WAS6.1 with security?

  1. jConsole to WAS6.1 with security?

    I'm able to successfully use jConsole to connect to WebSphere 6.1 and see all of the MBean names; however, all of the MBeans' properties' values are "Unavailable". Likewise, executing an operation fails as well. Here's the exception on the server-side (very much like the exception reported in the jConsole client):

    [5/22/09 8:02:30:312 EDT] 00000013 RoleBasedAuth A SECJ0305I: The role-based authorization check failed for admin-authz operation PoolingContextSource:getMaxActive. The user UNAUTHENTICATED (unique ID: unauthenticated) was not granted any of the following required roles: operator, administrator.
    [5/22/09 8:05:28:625 EDT] 000001a9 RoleBasedAuth E SECJ0306E: No received or invocation credential exist on the thread. The Role based authorization check will not have an accessId of the caller to check. The parameters are: access check method getMaxActive on resource PoolingContextSource and module PoolingContextSource. The stack trace is java.lang.Exception: Invocation and received credentials are both null
    at com.ibm.ws.security.role.RoleBasedAuthorizerImpl.c heckAccess(RoleBasedAuthorizerImpl.java:287)
    at com.ibm.ws.management.AdminServiceImpl.preInvoke(A dminServiceImpl.java:2008)
    at com.ibm.ws.management.AdminServiceImpl.access$400( AdminServiceImpl.java:114)
    at com.ibm.ws.management.AdminServiceImpl$1.run(Admin ServiceImpl.java:1083)
    at com.ibm.ws.security.util.AccessController.doPrivil eged(AccessController.java:118)
    at com.ibm.ws.management.AdminServiceImpl.invoke(Admi nServiceImpl.java:999)
    at com.ibm.ws.management.remote.AdminServiceForwarder .invoke(AdminServiceForwarder.java:163)
    at javax.management.remote.rmi.RMIConnectionImpl.doOp eration(RMIConnectionImpl.java:1423)

    The thing is, though, I'm specifying credentials (the very same credentials I can access my admin console with). Here's the command line I'm using to launch jConsole (from my WAS_HOME folder):

    java\bin\jconsole -J-Djava.class.path=java\lib\tools.jar;runtimes\com.i bm.ws.admin.client_6.1.0.jar -J-Djava.naming.factory.initial=com.ibm.websphere.nam ing.WsnInitialContextFactory -J-Dcom.ibm.CORBA.loginUserid=wasadmin -J-Dcom.ibm.CORBA.loginPassword=wasadmin -J-Dcom.ibm.CORBA.ConfigURL=filerofiles\was61profile1\properties\sas.client.props -J-Dcom.ibm.SSL.ConfigURL=filerofiles\was61profile1\properties\ssl.client.props

    I've also tried with various permutations of the properties shown above.

    jConsole launches fine, and I connect using the "advanced" tab with the following URL: service:jmx:iiop://localhost:2810/jndi/JMXConnector. I've tried supplying the credentials in the fields in that connect dialog as well to no avail.

    The connection succeeds, and I can see hundreds of MBeans, but each ones' proprties say "Unavailable" and operation execution fails.

    Any ideas?

  2. Re: jConsole to WAS6.1 with security?

    I am having the exactly same issue.

    Trinition: has your problem been resolved? If so, would you mind sharing the solution? Thanks.

+ Reply to Thread