It's all about the answers!

Ask a question

Web UI Problem with LDAP


Tom Frauenhofer (1.3k58435) | asked Dec 04 '07, 3:28 p.m.
Running 0.6M4 with WAS and an LDAP server. RTC client works fine and the
Web UI also works fine, up to a point.

The Web UI LDAP authentication prompts for my id and allows me to login
normally. Once logged in, if I click on 'Admin' the browser shows
'Loading' and just hangs.

The following error appears in the WAS log:

SECJ0129E: Authorization failed for fred while invoking GET on
default_host:/jazz/admin/cmd/isRepositoryAvailable, Authorization
failed, Not granted any of the required roles: JazzAdmins

The user 'fred' is defined in the LDAP and in the Repository as a JazzAdmin.

Any help appreciated

4 answers



permanent link
Richard Backhouse (6661) | answered Dec 04 '07, 3:48 p.m.
JAZZ DEVELOPER
The message in the log indicates that fred is not in the JazzAdmins
role. Are you sure you declared the ldap group as JazzAdmins and not
JazzAdmin ?

David Ward wrote:
Running 0.6M4 with WAS and an LDAP server. RTC client works fine and the
Web UI also works fine, up to a point.

The Web UI LDAP authentication prompts for my id and allows me to login
normally. Once logged in, if I click on 'Admin' the browser shows
'Loading' and just hangs.

The following error appears in the WAS log:

SECJ0129E: Authorization failed for fred while invoking GET on
default_host:/jazz/admin/cmd/isRepositoryAvailable, Authorization
failed, Not granted any of the required roles: JazzAdmins

The user 'fred' is defined in the LDAP and in the Repository as a
JazzAdmin.

Any help appreciated

permanent link
Tom Frauenhofer (1.3k58435) | answered Dec 04 '07, 9:28 p.m.
I have a sense that this problem is related to a faulty LDAP setup that
I'm trying to resolve. Looking at my bluepages LDAP setup for WAS, I
haven't correctly assigned bluegroups to each Jazz role.

My understanding is the LDAP group (bluegroup) name can be anything, but
that in the WAS config for jazz, I must assign each Jazz role to that
group. That's part that faulty. My other question relates to how to fix it.

Although I don't yet know how to fix my LDAP, your diagnosis is right on

Thanks

Richard Backhouse wrote:
The message in the log indicates that fred is not in the JazzAdmins
role. Are you sure you declared the ldap group as JazzAdmins and not
JazzAdmin ?

David Ward wrote:
Running 0.6M4 with WAS and an LDAP server. RTC client works fine and
the Web UI also works fine, up to a point.

The Web UI LDAP authentication prompts for my id and allows me to
login normally. Once logged in, if I click on 'Admin' the browser
shows 'Loading' and just hangs.

The following error appears in the WAS log:

SECJ0129E: Authorization failed for fred while invoking GET on
default_host:/jazz/admin/cmd/isRepositoryAvailable, Authorization
failed, Not granted any of the required roles: JazzAdmins

The user 'fred' is defined in the LDAP and in the Repository as a
JazzAdmin.

Any help appreciated

permanent link
Bill Higgins (24611) | answered Dec 04 '07, 9:47 p.m.
FYI, for Beta 2 we'll add a little alert talking about the authorization problem so that you don't just get the useless "Forever Loading" screen (bug 38722). We're going to give the UI an overhaul w/r/t handling authentication and authorization in M5 (January).

permanent link
Tom Frauenhofer (1.3k58435) | answered Dec 07 '07, 11:38 a.m.
Thanks

bhiggins wrote:
FYI, for Beta 2 we'll add a little alert talking about the
authorization problem so that you don't just get the useless
"Forever Loading" screen (bug 38722). We're going to give
the UI an overhaul w/r/t handling authentication and authorization in
M5 (January).

Your answer


Register or to post your answer.