BluePages/-Group LDAP Authentication does not work anymore a
Hi,
with the aid of this forum (https://jazz.net/forums/viewtopic.php?t=987)
I had set up a WAS with bluepages LDAP which worked quite well with Jazz
M5a.
Now I moved to M6 and after migrating I get the following error:
SECJ0129E: Authorization failed for HAEBER@de.ibm.com while invoking GET
on default_host:/jazz/admin, Authorization failed, Not granted any of
the required roles: JazzUsers JazzAdmins JazzGuests JazzDWAdmins
I'd appreciate any hint how to analyse my problem a little bit deeper.
Thanks,
Michael
with the aid of this forum (https://jazz.net/forums/viewtopic.php?t=987)
I had set up a WAS with bluepages LDAP which worked quite well with Jazz
M5a.
Now I moved to M6 and after migrating I get the following error:
SECJ0129E: Authorization failed for HAEBER@de.ibm.com while invoking GET
on default_host:/jazz/admin, Authorization failed, Not granted any of
the required roles: JazzUsers JazzAdmins JazzGuests JazzDWAdmins
I'd appreciate any hint how to analyse my problem a little bit deeper.
Thanks,
Michael
5 answers
Hello,
I had a similar problem after migrating to M6. I could not logon to a secure connection with one of the jazz users I could logon in M5.
How I solved the problem:
Logged on with ADMIN
Opened the View Team Organisation and opened the user I could not log on with. There was no Repository Groups selected. Selected JazzUsers and JazzGuests.
Afterwards I could logon with that user.
It seems to me that the membership of those Repository Groups gets lost when exporting and importing the db.
Can somebody else confirm or explain why this happens?
Elisabeth
I had a similar problem after migrating to M6. I could not logon to a secure connection with one of the jazz users I could logon in M5.
How I solved the problem:
Logged on with ADMIN
Opened the View Team Organisation and opened the user I could not log on with. There was no Repository Groups selected. Selected JazzUsers and JazzGuests.
Afterwards I could logon with that user.
It seems to me that the membership of those Repository Groups gets lost when exporting and importing the db.
Can somebody else confirm or explain why this happens?
Elisabeth
ehodel wrote:
thanks for your reply. The problem for me, however, is that I cannot
use user ADMIN since this userid doesn't exist in the LDAP, so I can't
log in at all.
Hello,
I had a similar problem after migrating to M6. I could not logon to a
secure connection with one of the jazz users I could logon in M5.
How I solved the problem:
Logged on with ADMIN
Opened the View Team Organisation and opened the user I could not log
on with. There was no Repository Groups selected. Selected JazzUsers
and JazzGuests.
Afterwards I could logon with that user.
It seems to me that the membership of those Repository Groups gets
lost when exporting and importing the db.
Can somebody else confirm or explain why this happens?
Elisabeth
Hi Elisabeth,
thanks for your reply. The problem for me, however, is that I cannot
use user ADMIN since this userid doesn't exist in the LDAP, so I can't
log in at all.
Michael Haeberlen wrote:
https://jazz.net/jazz/web/projects/Jazz%20Project#action=com.ibm.team.workitem.viewWorkItem&id=50366
need to figure out how to set the custom properties
Hi,
with the aid of this forum (https://jazz.net/forums/viewtopic.php?t=987)
I had set up a WAS with bluepages LDAP which worked quite well with Jazz
M5a.
Now I moved to M6 and after migrating I get the following error:
SECJ0129E: Authorization failed for HAEBER@de.ibm.com while invoking GET
on default_host:/jazz/admin, Authorization failed, Not granted any of
the required roles: JazzUsers JazzAdmins JazzGuests JazzDWAdmins
I'd appreciate any hint how to analyse my problem a little bit deeper.
Thanks,
Michael
I noticed that teamserver.properties did not get loaded.
https://jazz.net/jazz/web/projects/Jazz%20Project#action=com.ibm.team.workitem.viewWorkItem&id=50366
need to figure out how to set the custom properties
Michael,
This is the path to custom properties.
Application servers > server1 > Process Definition > Java Virtual Machine >
Custom Properties
Can you also list the ldap properties you are using to access bluepages ?
---- Balaji
"Michael Haeberlen" <haeber@de.ibm.com> wrote in message
news:ftfori$n0$1@localhost.localdomain...
This is the path to custom properties.
Application servers > server1 > Process Definition > Java Virtual Machine >
Custom Properties
Can you also list the ldap properties you are using to access bluepages ?
---- Balaji
"Michael Haeberlen" <haeber@de.ibm.com> wrote in message
news:ftfori$n0$1@localhost.localdomain...
Michael Haeberlen wrote:
Hi,
with the aid of this forum (https://jazz.net/forums/viewtopic.php?t=987)
I had set up a WAS with bluepages LDAP which worked quite well with Jazz
M5a.
Now I moved to M6 and after migrating I get the following error:
SECJ0129E: Authorization failed for HAEBER@de.ibm.com while invoking GET
on default_host:/jazz/admin, Authorization failed, Not granted any of the
required roles: JazzUsers JazzAdmins JazzGuests JazzDWAdmins
I'd appreciate any hint how to analyse my problem a little bit deeper.
Thanks,
Michael
I noticed that teamserver.properties did not get loaded.
https://jazz.net/jazz/web/projects/Jazz%20Project#action=com.ibm.team.workitem.viewWorkItem&id=50366
need to figure out how to set the custom properties
Balaji Krish wrote:
One issue held me up quite some time:
I had setup log4j.configuration, com.ibm.team.server.configURL and
com.ibm.team repository.provision.profile as custum properties, but
specified ALL values as URLs. There was no hint about the error
condition in SystemOut.log but if had looked more carefully at
https://jazz.net/wiki/bin/view/Main/JazzProvisionerSetupInWAS
I would have realized that the value for com.ibm.team
repository.provision.profile MUST NOT be a URL but rather a normal file
path.
After I fixed that all remaining hurdles could easily be taken by
looking at SystemOut.log which now was verbose enough to complain about
the parameters that were missing (like Mail from address which is now
mandatory)
Thanks for your help!
Michael,
This is the path to custom properties.
Application servers > server1 > Process Definition > Java Virtual Machine
Custom Properties
Can you also list the ldap properties you are using to access bluepages ?
---- Balaji
"Michael Haeberlen" <haeber@de.ibm.com> wrote in message
news:ftfori$n0$1@localhost.localdomain...
Michael Haeberlen wrote:
Hi,
with the aid of this forum (https://jazz.net/forums/viewtopic.php?t=987)
I had set up a WAS with bluepages LDAP which worked quite well with Jazz
M5a.
Now I moved to M6 and after migrating I get the following error:
SECJ0129E: Authorization failed for HAEBER@de.ibm.com while invoking GET
on default_host:/jazz/admin, Authorization failed, Not granted any of the
required roles: JazzUsers JazzAdmins JazzGuests JazzDWAdmins
I'd appreciate any hint how to analyse my problem a little bit deeper.
Thanks,
Michael
I noticed that teamserver.properties did not get loaded.
https://jazz.net/jazz/web/projects/Jazz%20Project#action=com.ibm.team.workitem.viewWorkItem&id=50366
need to figure out how to set the custom properties
OK, finally I got it working.
One issue held me up quite some time:
I had setup log4j.configuration, com.ibm.team.server.configURL and
com.ibm.team repository.provision.profile as custum properties, but
specified ALL values as URLs. There was no hint about the error
condition in SystemOut.log but if had looked more carefully at
https://jazz.net/wiki/bin/view/Main/JazzProvisionerSetupInWAS
I would have realized that the value for com.ibm.team
repository.provision.profile MUST NOT be a URL but rather a normal file
path.
After I fixed that all remaining hurdles could easily be taken by
looking at SystemOut.log which now was verbose enough to complain about
the parameters that were missing (like Mail from address which is now
mandatory)
Thanks for your help!