cancel
Showing results for 
Search instead for 
Did you mean: 

SP15 in Java engine failed, "Login Failure: all modules ignored"

Former Member
0 Kudos

Hi

During the installation of sp15 (with JSPM) failed, the sdm log shows:

-


ERROR: Cannot connect to Host: [hostname] with user name: [J2EE_ADMIN]

My instance was down so I started but now there is an error, when I try to log on to User management it give me the error: "Login Failure: all modules ignored".

-


I checked the logs for the server and found the following:

-


#1.5^H#0000000000000067000000250000596D00045A79FA4B224F#1225379843613#com.sap.engine.services.security.resource.ResourceHandl

eImpl#sap.com/com.sap.security.core.admin#com.sap.engine.services.security.resource.ResourceHandleImpl#J2EE_GUEST#0##n/a##da7

065c0a69511ddb438000000000000#SAPEngine_Application_Thread[impl:3]_15##0#0#Error#1#/System/Security/Audit/J2EE#Java###ACCESS.

ERROR: Authorization check for caller assignment to J2EE resource [ : : : ].#4#SAP-J2EE-Engine#session-pool#ge t_session_pool#ALL# #1.5^H#0000000000000067000000260000596D00045A79FA4B32AC#1225379843613#com.sap.engine.services.security.authentication.loginco ntext#sap.com/com.sap.security.core.admin#com.sap.engine.services.security.authentication.logincontext#J2EE_GUEST#0##n/a##da7 065c0a69511ddb438000000000000#SAPEngine_Application_Thread[impl:3]_15##0#0#Error##Java###Caller not authorized. [EXCEPTION] #1#com.sap.engine.services.security.exceptions.BaseSecurityException: Caller not authorized.

at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:627)

at com.sap.engine.services.security.resource.ResourceHandleImpl.checkPermission(ResourceHandleImpl.java:513)

at com.sap.engine.services.security.resource.ResourceContextImpl.checkPermission(ResourceContextImpl.java:45)

at com.sap.engine.services.security.restriction.Restrictions.checkPermission(Restrictions.java:119)

at com.sap.engine.services.security.server.AuthenticationContextImpl.getSessionPool(AuthenticationContextImpl.java:39

5)

at com.sap.engine.services.security.server.AuthenticationContextImpl.getLoginContextFactory(AuthenticationContextImpl

.java:740)

at com.sap.engine.services.security.server.AuthenticationContextImpl.getLoginContext(AuthenticationContextImpl.java:2

54)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

at java.lang.reflect.Method.invoke(Method.java:324)

at com.sap.engine.system.SystemLoginModule.initialize(SystemLoginModule.java:72)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

at java.lang.reflect.Method.invoke(Method.java:324)

at javax.security.auth.login.LoginContext.invoke(LoginContext.java:662)

at javax.security.auth.login.LoginContext.access$000(LoginContext.java:129)

at javax.security.auth.login.LoginContext$4.run(LoginContext.java:610)

at java.security.AccessController.doPrivileged(Native Method)

at javax.security.auth.login.LoginContext.invokeModule(LoginContext.java:607)

at javax.security.auth.login.LoginContext.login(LoginContext.java:534)

at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.getLoggedInUser(SAPJ2EEAuthenticator.java:146)

at com.sap.security.core.logon.imp.SAPJ2EEAuthenticator.forceLoggedInUser(SAPJ2EEAuthenticator.java:231)

at com.sap.security.core.admin.ServletAccessToLogic.getActiveUser(ServletAccessToLogic.java:141)

at com.sap.security.core.admin.UserAdminLogic.executeRequest(UserAdminLogic.java:438)

at com.sap.security.core.admin.UserAdminServlet.doPost(UserAdminServlet.java:26)

at com.sap.security.core.admin.UserAdminServlet.doGet(UserAdminServlet.java:19)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)

at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)

at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)

at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)

at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)

at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)

at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)

at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)

at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)

at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessio

nMessageListener.java:33)

at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)

at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)

at java.security.AccessController.doPrivileged(Native Method)

at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)

at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)

-


I found the SAP Note 971249 but Iu2019m not sure it applies and even I can log on into Visual administrator.

-


Log for the Visual Administrator

<!LOGHEADER[START]/>

<!HELP[Manual modification of the header may cause parsing problem!]/>

<!LOGGINGVERSION[1.5.3.7185 - 630]/>

<!NAME[/usr/sap/SID/DVEBMGS00/j2ee/admin/log/./traces/visual_administration.trc]/>

<!PATTERN[visual_administration.trc]/>

<!FORMATTER[com.sap.tc.logging.ListFormatter]/>

<!ENCODING[UTF8]/>

<!FILESET[0, 5, 10000000]/>

<!PREVIOUSFILE[visual_administration.4.trc]/>

<!NEXTFILE[visual_administration.1.trc]/>

<!LOGHEADER[END]/>

#1.5^H#C000AC11873E00000000000100CEC78D00045A541BE7A040#1225217198758#com.sap.engine.services.adminadapter.gui.tasks.LoginTas

k##com.sap.engine.services.adminadapter.gui.tasks.LoginTask#######Thread[Thread-1,5,main]##0#0#Error#1#/System/Server/VisualA

dministrationTool#Java###Error while trying to login to host: null

[EXCEPTION]

#1#java.lang.NullPointerException

at com.sap.engine.services.security.remoteimpl.login.RemoteLoginContextHelperImpl.login(RemoteLoginContextHelperImpl.

java:72)

at com.sap.engine.services.security.remoteimpl.login.RemoteLoginContextHelperImplp4_Skel.dispatch(RemoteLoginContextH

elperImplp4_Skel.java:64)

at com.sap.engine.services.rmi_p4.DispatchImpl._runInternal(DispatchImpl.java:319)

at com.sap.engine.services.rmi_p4.DispatchImpl._run(DispatchImpl.java:200)

at com.sap.engine.services.rmi_p4.server.P4SessionProcessor.request(P4SessionProcessor.java:136)

at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessio

nMessageListener.java:33)

at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)

at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)

at java.security.AccessController.doPrivileged(Native Method)

at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)

at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)

-


Thank you very much for your help.

Best Regards

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
0 Kudos

hi

SAP did make a couple of changes in config tool - specifically under --->security/configurations/ticket

so maybe you can go and crosscheck with a up and running java system

thx

Jonu

Answers (3)

Answers (3)

Former Member
0 Kudos

Hi Joy

You are right I had under my ticket configuration a wrong setting

(com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule, I changed it by BasicPasswordLoginModule) and It solved the problem.

Thank you so much !!

Former Member
0 Kudos

I don't know what settings do you modify, but now I could log on to the Visual Administrator with the sap* user, I want to apply sap note 971249, but I'm don't know if its correct but it seems that the sap* user don't have authorizations to do that changes.

Do you know which changes were made by sap in your system?

Regards

Former Member
0 Kudos

hi

we had the same issue some time back when we upgraded to SP15, we opened a OSS message and SAP had to come and fix the issue.

It was some inconsistencies in -Config DB settings and they made quite a few changes in security/configurations/ticket(config tool)

also

one Java parameter was wrong(config tool - server config) :

-Djava.security.policy=/java.policy it should be -


> Djava.security.policy=./java.policy (The DOT was missing)

thank you

Jonu Joy