Question

1
Replies
650
Views
MandarK6 Member since 2013 10 posts
Infosys
Posted: 4 years ago
Last activity: 4 years 11 months ago
Closed
Solved

securing SMA on Websphere

We are getting below error while accessing individual nodes configured in SMA.

Access is denied for the getName operation on enterprise MBean because of insufficient or empty credentials

And below error in logs:

The user UNAUTHENTICATED (unique ID: unauthenticated) was not granted any of the following required roles: deployer, operator, configurator, monitor, administrator, adminsecuritymanager, auditor.

Looks like role based access has been configured somewhere.

We are using Web Sphere server. Any idea how to restrict Access to SMA with Role-Based Security?

From System Management Application reference guide i found below:

If implementing role-based security, users who will access the SMA must be assigned the PegaDiagnosticUser role in order to have complete access to SMA functions.

PegaDiagnosticUser is defined as a security constraint in the Process Commander‘s web.xml file (found, for example, at TOMCAT_HOME/webapps/prweb/WEB-INF/web.xml).

PegaDiagnosticUser is assigned to individual users in the application server‘s user definitions file (found, for example, at TOMCAT_HOME/conf/tomcat-users.xml).

We need similar setting for Web Sphere. or some pointer to solve above access issue.

Security
Moderation Team has archived post
Share this page LinkedIn