Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

How to debug single sign-on in Websphere 7.0.0.29 when it's not working?

Hi,

We're evaluating using WAS for the application server.  Currently all our deployments are using Tomcat.


I set up JTS and CCM 4.0.1 on one server with WAS 7.0.0.27 and RQM 4.0.1 on a second server with WAS 7.0.0.29.  The back-end DB is DB2 and is on the first server.  I went through jts/setup and that went successful. 

I'm now trying to setup single sign-on.  The instructions are fairly easy and I followed them closely. However after logging into JTS or CCM, when I switch to login to RQM on the other server I still get the login page. I looked in the logs and found the error below in the FFDC directory of the RQM server.  I also noticed that with Tomcat the login for RQM would be a popup.  In this case I got a full-screen for login and not a popup panel.  Not sure if this makes a difference.  I also haven't set up the SSL certificates and assumed I could after setting up single sign-on.

What is the best way to debug this besides looking in the logs?  Is there a way in the browser to tell what the cookie is passing to see if it's correct?   I'm using Firefox. Thanks,



[7/25/13 23:37:34:365 PDT]     FFDC Exception:com.ibm.websphere.management.exception.ConnectorException SourceId:com.ibm.ws.ssl.utils.AdminCertificateHelper.AdminClientGetMBeanAction.run ProbeId:392 Reporter:com.ibm.ws.management.util.AdminCertificateHelper$AdminClientGetMBeanAction@7aec7aec
com.ibm.websphere.management.exception.ConnectorException: ADMC0016E: The system cannot create a SOAP connector to connect to host svljazz05.svldev.svl.ibm.com at port 8881.


0 votes



2 answers

Permanent link
Hello Michael,
I would simply open PMR for WAS support. They should help you.

0 votes


Permanent link
Hello  Michael,

here are the steps i would take:  
1. Do a sanity check and ensure all the steps in the following V7 infocenter have been followed
http://pic.dhe.ibm.com/infocenter/wasinfo/v7r0/index.jsp?topic=%2Fcom.ibm.websphere.express.iseries.doc%2Finfo%2Fiseriesexp%2Fae%2Ftsec_msso.html
2. tail the log where Qm is  installed to determine what error is being logged if any durring the attempt to log in.
3. If nothing stands out as being mis-configured, then would suggest collecting the following mustgathers and engaging WAS support
http://www-01.ibm.com/support/docview.wss?uid=swg21470063


For the question about the cookie, I believe WAS uses JSESSION IDs.  If the ID is not in the url, then  a tool like firebug  should help.

For the ffdc error , if this occurs before the server has fully initialized,  is most likely a red herring.  However if it occurs after initialization, then I would attempt to connect on that host:port combination using the wasadmin tool.  
BTW: This soap port is used for WAS scripting, which is done using the wasadmin tool...if it is unaccessible, it could cause other issues.

0 votes

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details
× 7,487
× 1,381

Question asked: Jul 26 '13, 3:10 a.m.

Question was seen: 7,901 times

Last updated: Jul 29 '13, 11:59 a.m.

Confirmation Cancel Confirm