文件网内容引擎 SECURITY_ANONYMOUS_DISALLOWED
我们有一个开发环境,AE 和 CE 在同一个 websphere 实例中。 现在,我们正在尝试将 AE 安装在我们本地计算机的 IRAD Websphere 实例中。 当应用程序尝试访问文件网络对象时,我们收到以下错误:
com.filenet.api.exception.EngineRuntimeException: SECURITY_ANONYMOUS_DISALLOWED:不允许匿名用户访问 到内容引擎。错误堆栈={在 com.filenet.engine.context.SecurityContext。(SecurityContext.java:87) 在 com.filenet.engine.context.ServerCallContext。(ServerCallContext.java:87) 在 com.filenet.engine.context.ServerCallContext.newInstance(ServerCallContext.java:985) 在 com.filenet.engine.jca.impl.RequestBrokerImpl.getUserName(RequestBrokerImpl.java:1300) 在 com.filenet.engine.ejb.EngineCoreBean._getUserName(EngineCoreBean.java:731) 在 com.filenet.engine.ejb.EngineCoreBean.getUserName(EngineCoreBean.java:713) 在 com.filenet.engine.ejb.EJSLocalStatelessEngineCore_22877cb1.getUserName(未知 来源)于 com.filenet.engine.ejb.EngineBean.processUserLicense(EngineBean.java:977) 在 com.filenet.engine.ejb.EngineBean.methodInit(EngineBean.java:175) 在 com.filenet.engine.ejb.EngineBean.getObjects(EngineBean.java:303) 在 com.filenet.apiimpl.transport.ejbstubs.EJSRemoteStatelessEngine_2e64c374.getObjects(未知 来源)于 com.filenet.apiimpl.transport.ejbstubs._EJSRemoteStatelessEngine_2e64c374_Tie.getObjects(_EJSRemoteStatelessEngine_2e64c374_Tie.java:184) 在 com.filenet.apiimpl.transport.ejbstubs._EJSRemoteStatelessEngine_2e64c374_Tie._invoke(_EJSRemoteStatelessEngine_2e64c374_Tie.java:98) 在 com.ibm.CORBA.iiop.ServerDelegate.dispatchInvokeHandler(ServerDelegate.java:613) 在 com.ibm.CORBA.iiop.ServerDelegate.dispatch(ServerDelegate.java:466) 在 com.ibm.rmi.iiop.ORB.process(ORB.java:503) 处 com.ibm.CORBA.iiop.ORB.process(ORB.java:1552) 位于 com.ibm.rmi.iiop.Connection.respondTo(Connection.java:2673) 在 com.ibm.rmi.iiop.Connection.doWork(Connection.java:2551) 在 com.ibm.rmi.iiop.WorkUnitImpl.doWork(WorkUnitImpl.java:62) 在 com.ibm.ejs.oa.pool.PooledThread.run(ThreadPool.java:95) 位于 com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1498)
我们已经:
- 配置了与开发环境中相同的 JAAS。
- 在 Websphere 实例中从本地计算机安装了证书。
- 我们已启用管理安全性和应用程序安全性
- LDAP 配置与开发环境中的 AE 中的配置相同
- 主管理用户名在 AE 和 CE 中相同
我们使用的是 Websphere 6.1 。
We have an development enviroment, with the AE and CE in the same websphere instance.
Now, we are trying to mount, the AE in one of our local machine, in a IRAD Websphere instance.
When the application tries to access filenet objects we get the following error:
com.filenet.api.exception.EngineRuntimeException:
SECURITY_ANONYMOUS_DISALLOWED: Anonymous users aren't allowed access
to the Content Engine. errorStack={ at
com.filenet.engine.context.SecurityContext.(SecurityContext.java:87)
at
com.filenet.engine.context.ServerCallContext.(ServerCallContext.java:87)
at
com.filenet.engine.context.ServerCallContext.newInstance(ServerCallContext.java:985)
at
com.filenet.engine.jca.impl.RequestBrokerImpl.getUserName(RequestBrokerImpl.java:1300)
at
com.filenet.engine.ejb.EngineCoreBean._getUserName(EngineCoreBean.java:731)
at
com.filenet.engine.ejb.EngineCoreBean.getUserName(EngineCoreBean.java:713)
at
com.filenet.engine.ejb.EJSLocalStatelessEngineCore_22877cb1.getUserName(Unknown
Source) at
com.filenet.engine.ejb.EngineBean.processUserLicense(EngineBean.java:977)
at com.filenet.engine.ejb.EngineBean.methodInit(EngineBean.java:175)
at com.filenet.engine.ejb.EngineBean.getObjects(EngineBean.java:303)
at
com.filenet.apiimpl.transport.ejbstubs.EJSRemoteStatelessEngine_2e64c374.getObjects(Unknown
Source) at
com.filenet.apiimpl.transport.ejbstubs._EJSRemoteStatelessEngine_2e64c374_Tie.getObjects(_EJSRemoteStatelessEngine_2e64c374_Tie.java:184)
at
com.filenet.apiimpl.transport.ejbstubs._EJSRemoteStatelessEngine_2e64c374_Tie._invoke(_EJSRemoteStatelessEngine_2e64c374_Tie.java:98)
at
com.ibm.CORBA.iiop.ServerDelegate.dispatchInvokeHandler(ServerDelegate.java:613)
at com.ibm.CORBA.iiop.ServerDelegate.dispatch(ServerDelegate.java:466)
at com.ibm.rmi.iiop.ORB.process(ORB.java:503) at
com.ibm.CORBA.iiop.ORB.process(ORB.java:1552) at
com.ibm.rmi.iiop.Connection.respondTo(Connection.java:2673) at
com.ibm.rmi.iiop.Connection.doWork(Connection.java:2551) at
com.ibm.rmi.iiop.WorkUnitImpl.doWork(WorkUnitImpl.java:62) at
com.ibm.ejs.oa.pool.PooledThread.run(ThreadPool.java:95) at
com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1498)
We've already:
- Configured the same JAAS as in the dev env.
- Installed a certificate from our local machine in the Websphere instance.
- We've enabled the administrative security and the application security
- The LDAP configuration is the same as in the AE on the dev env
- The primary administrative user name is the same in both AE and CE
We are using Websphere 6.1.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
您没有提到在两个 WAS 实例之间设置信任关系(LTPA 密钥)。这可能会导致这些症状。
You don't mention setting up a trust relationship (LTPA keys) between the two WAS instances. That can lead to these symptoms.
由于没有足够的有关您的环境的详细信息,因此很难说出确切的原因。您所看到的异常可能有多种原因。
一般来说,以下文档中描述了所有细节 – 问题使用 Java API 时,匿名主体未经身份验证。如果您按照此处提供的说明进行操作,则应该不会遇到身份验证问题。
It is hard to tell the exact reason as there are not enough details about your environment. There might various causes for the exception that you are seeing.
In general, all nuts and bolts are described in the following document – Problems with Anonymous principal UNAUTHENTICATED when using the Java API. You should not have problems with authentication if you follow the instructions provided there.
尝试一件简单的事情,并检查指定路径的正确
string值:各个文件的格式应与上述完全相同。
这是我遇到的最基本的问题。
Try one simple thing and check the proper
stringvalue where you specify the path of :The format should be exactly the same as above for respective files.
This was the most basic problem which I had faced.