All SSO Smoketests fail - Need help

Name	Points
Greg Moeller	4184
David Williams	3349
Kat V	2984
Woozy	1973
Jimmy Chiu	1883
Kwane McNeal	1437
Ragu Raghavan	1377
Roger French	1315
mark.cook	1244
Chesca	1042

John Costa

Veteran Member

Posts: 154

2/10/2010 8:52 PM

I just completed an environment install on a new production server. Environment 9.0.1.5 running on Windows Server 2008 and IBM WebSphere 7.0 with fix pack 7.

I've deployed the ear files to WebSphere and restarted the server. I am unable to complete any of the Lawson Security smoke tests.

My browser does not respond to any requests on port 80. I followed the instructions of KB article 557092, but my SSO logs do not report any errors (just normal start-up and shut-down entries).

This is actually my fourth environment install so I am familiar with the process. My other three environments are running fine. However, this is my first install on a 2008 box with WebSphere 7.0. I suspect a configuration setting in WebSphere but everything I see looks fine and matches what I have in my other three systems.

Can anyone provide some troubleshooting ideas?

MattM

Veteran Member

Posts: 82

2/10/2010 9:03 PM

Have you applied ALL environment patches for 9015?

John Costa

Veteran Member

Posts: 154

2/10/2010 9:21 PM

Yes, I have. There was actually only one patch, I guess since this environment version is fairly new (released in October 2009). I suspect something in my SSO config or Websphere, but can't seem to find anything. I'm reviewing my logs to see if something there provides a clue.

John Costa

Veteran Member

Posts: 154

2/10/2010 9:28 PM

Looking at my LASE log, I see the following errors:

Wed Feb 10 16:19:06 2010: Timeout value is adjusted to 90 Secs

Wed Feb 10 16:19:06 2010: Security Environment Version 9.0.1.5.177 2009-08-11 04:00:00 (200910) starting.

tracing log is F:\LAWAPPS\law\system\SSO_33409388.log
tracing log is F:\LAWAPPS\law\system\SSO_25229676.log
Undefined MessageProducer : RemoteImplLogger!
.ssokeystore access:
Wed Feb 10 16:19:06 2010: WARNING: authen.dat is NOT owned by LAWSON (current owner is: Administrators)
Wed Feb 10 16:19:06 2010: WARNING: authen.dat is NOT secured from group/world
Wed Feb 10 16:19:06 2010: WARNING: .ssokeystore is NOT owned by LAWSON (current owner is: Administrators)
Wed Feb 10 16:19:06 2010: WARNING: .ssokeystore is NOT secured from group/world
Wed Feb 10 16:19:06 2010: Checking authen.dat and .ssokeystore access: DONE

John Costa

Veteran Member

Posts: 154

2/10/2010 9:38 PM

The only thing different I did with this install was that I specified a domain account as the owner of the LDAP instead of using a local account on the server as the owner of the LDAP. Would that account for the errors in LASE.log and explain why SSO is not working?

John Henley

Posts: 3364

New Poster

Engaged Reader

Avid Reader

2/10/2010 10:11 PM

Have you look at the Websphere logs for errors?=

John Costa

Veteran Member

Posts: 154

2/10/2010 10:48 PM

Checking the logs for my application servers (i have two app servers in a cluster), both indicate "Open For Business" with no errors at all. If I look at the log for HTTP server, there are entries for my failed SSO smoke tests as follows:

[Wed Feb 10 17:30:55 2010] [error] [client xxx.xxx.xxx.xxx] File does not exist: F:/LAWAPPS/web/servlet
[Wed Feb 10 17:39:33 2010] [error] [client xxx.xxx.xxx.xxx] File does not exist: F:/LAWAPPS/web/sso

I blanked out the IP address above for security reasons. If I go to the folder specified by the errors, I see that it is empty and contains no files. But shouldn't the SSO calls be routed to the GENDIR folder anyway?

John Costa

Veteran Member

Posts: 154

2/11/2010 1:06 AM

Found the problem. I had a typo in my http.conf file. Once I corrected the error, everything worked correctly. Thanks anyways, folks! On to the next install!