All SSO Smoketests fail - Need help

Name	Points
Greg Moeller	4184
David Williams	3349
JonA	3288
Kat V	2984
Woozy	1973
Jimmy Chiu	1883
Kwane McNeal	1437
Ragu Raghavan	1348
Roger French	1311
mark.cook	1244

John Costa

Veteran Member

Posts: 154

2/10/2010 8:52 PM

I just completed an environment install on a new production server. Environment 9.0.1.5 running on Windows Server 2008 and IBM WebSphere 7.0 with fix pack 7.

I've deployed the ear files to WebSphere and restarted the server. I am unable to complete any of the Lawson Security smoke tests.

My browser does not respond to any requests on port 80. I followed the instructions of KB article 557092, but my SSO logs do not report any errors (just normal start-up and shut-down entries).

This is actually my fourth environment install so I am familiar with the process. My other three environments are running fine. However, this is my first install on a 2008 box with WebSphere 7.0. I suspect a configuration setting in WebSphere but everything I see looks fine and matches what I have in my other three systems.

Can anyone provide some troubleshooting ideas?

MattM

Veteran Member

Posts: 82

2/10/2010 9:03 PM

Have you applied ALL environment patches for 9015?

John Costa

Veteran Member

Posts: 154

2/10/2010 9:21 PM

Yes, I have. There was actually only one patch, I guess since this environment version is fairly new (released in October 2009). I suspect something in my SSO config or Websphere, but can't seem to find anything. I'm reviewing my logs to see if something there provides a clue.

John Costa

Veteran Member

Posts: 154

2/10/2010 9:28 PM

Looking at my LASE log, I see the following errors:

Wed Feb 10 16:19:06 2010: Timeout value is adjusted to 90 Secs

Wed Feb 10 16:19:06 2010: Security Environment Version 9.0.1.5.177 2009-08-11 04:00:00 (200910) starting.

tracing log is F:\LAWAPPS\law\system\SSO_33409388.log
tracing log is F:\LAWAPPS\law\system\SSO_25229676.log
Undefined MessageProducer : RemoteImplLogger!
.ssokeystore access:
Wed Feb 10 16:19:06 2010: WARNING: authen.dat is NOT owned by LAWSON (current owner is: Administrators)
Wed Feb 10 16:19:06 2010: WARNING: authen.dat is NOT secured from group/world
Wed Feb 10 16:19:06 2010: WARNING: .ssokeystore is NOT owned by LAWSON (current owner is: Administrators)
Wed Feb 10 16:19:06 2010: WARNING: .ssokeystore is NOT secured from group/world
Wed Feb 10 16:19:06 2010: Checking authen.dat and .ssokeystore access: DONE

John Costa

Veteran Member

Posts: 154

2/10/2010 9:38 PM

The only thing different I did with this install was that I specified a domain account as the owner of the LDAP instead of using a local account on the server as the owner of the LDAP. Would that account for the errors in LASE.log and explain why SSO is not working?

John Henley

Senior Member

Posts: 3348

2/10/2010 10:11 PM

Have you look at the Websphere logs for errors?=

John Costa

Veteran Member

Posts: 154

2/10/2010 10:48 PM

Checking the logs for my application servers (i have two app servers in a cluster), both indicate "Open For Business" with no errors at all. If I look at the log for HTTP server, there are entries for my failed SSO smoke tests as follows:

[Wed Feb 10 17:30:55 2010] [error] [client xxx.xxx.xxx.xxx] File does not exist: F:/LAWAPPS/web/servlet
[Wed Feb 10 17:39:33 2010] [error] [client xxx.xxx.xxx.xxx] File does not exist: F:/LAWAPPS/web/sso

I blanked out the IP address above for security reasons. If I go to the folder specified by the errors, I see that it is empty and contains no files. But shouldn't the SSO calls be routed to the GENDIR folder anyway?

John Costa

Veteran Member

Posts: 154

2/11/2010 1:06 AM

Found the problem. I had a typo in my http.conf file. Once I corrected the error, everything worked correctly. Thanks anyways, folks! On to the next install!