Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

Web UI Problem with LDAP

Running 0.6M4 with WAS and an LDAP server. RTC client works fine and the
Web UI also works fine, up to a point.

The Web UI LDAP authentication prompts for my id and allows me to login
normally. Once logged in, if I click on 'Admin' the browser shows
'Loading' and just hangs.

The following error appears in the WAS log:

SECJ0129E: Authorization failed for fred while invoking GET on
default_host:/jazz/admin/cmd/isRepositoryAvailable, Authorization
failed, Not granted any of the required roles: JazzAdmins

The user 'fred' is defined in the LDAP and in the Repository as a JazzAdmin.

Any help appreciated

0 votes



4 answers

Permanent link
The message in the log indicates that fred is not in the JazzAdmins
role. Are you sure you declared the ldap group as JazzAdmins and not
JazzAdmin ?

David Ward wrote:
Running 0.6M4 with WAS and an LDAP server. RTC client works fine and the
Web UI also works fine, up to a point.

The Web UI LDAP authentication prompts for my id and allows me to login
normally. Once logged in, if I click on 'Admin' the browser shows
'Loading' and just hangs.

The following error appears in the WAS log:

SECJ0129E: Authorization failed for fred while invoking GET on
default_host:/jazz/admin/cmd/isRepositoryAvailable, Authorization
failed, Not granted any of the required roles: JazzAdmins

The user 'fred' is defined in the LDAP and in the Repository as a
JazzAdmin.

Any help appreciated

0 votes


Permanent link
I have a sense that this problem is related to a faulty LDAP setup that
I'm trying to resolve. Looking at my bluepages LDAP setup for WAS, I
haven't correctly assigned bluegroups to each Jazz role.

My understanding is the LDAP group (bluegroup) name can be anything, but
that in the WAS config for jazz, I must assign each Jazz role to that
group. That's part that faulty. My other question relates to how to fix it.

Although I don't yet know how to fix my LDAP, your diagnosis is right on

Thanks

Richard Backhouse wrote:
The message in the log indicates that fred is not in the JazzAdmins
role. Are you sure you declared the ldap group as JazzAdmins and not
JazzAdmin ?

David Ward wrote:
Running 0.6M4 with WAS and an LDAP server. RTC client works fine and
the Web UI also works fine, up to a point.

The Web UI LDAP authentication prompts for my id and allows me to
login normally. Once logged in, if I click on 'Admin' the browser
shows 'Loading' and just hangs.

The following error appears in the WAS log:

SECJ0129E: Authorization failed for fred while invoking GET on
default_host:/jazz/admin/cmd/isRepositoryAvailable, Authorization
failed, Not granted any of the required roles: JazzAdmins

The user 'fred' is defined in the LDAP and in the Repository as a
JazzAdmin.

Any help appreciated

0 votes


Permanent link
FYI, for Beta 2 we'll add a little alert talking about the authorization problem so that you don't just get the useless "Forever Loading" screen (bug 38722). We're going to give the UI an overhaul w/r/t handling authentication and authorization in M5 (January).

0 votes


Permanent link
Thanks

bhiggins wrote:
FYI, for Beta 2 we'll add a little alert talking about the
authorization problem so that you don't just get the useless
"Forever Loading" screen (bug 38722). We're going to give
the UI an overhaul w/r/t handling authentication and authorization in
M5 (January).

0 votes

Your answer

Register or log in to post your answer.

Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.

Search context
Follow this question

By Email: 

Once you sign in you will be able to subscribe for any updates here.

By RSS:

Answers
Answers and Comments
Question details

Question asked: Dec 04 '07, 3:28 p.m.

Question was seen: 6,205 times

Last updated: Dec 04 '07, 3:28 p.m.

Confirmation Cancel Confirm