MQSeries.net :: View topic

rahuldhanpal · Posted: Wed May 05, 2010 10:32 am Post subject:

Hi Guys,

I am trying to authenticate a message flow against LDAP so i am creating a SecurityProfile with the name LDAP and its required parameters. i have to do this is 3 environments and it is working fine in 2 environments and it is not working in production environment which has multiple LDAP Failover servers.
i get the following exception when i try to access the web service hosted in broker.
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Body>
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring>BIP3113E: Exception detected in message flow ClassAttendanceFlow.SOAP Input (broker PRDBRK01)</faultstring>
<detail>
<Text>BIP2702W: The identity (type ''usernameAndPassword'', token ''svcesb'', issued by ''Jakarta Commons-HttpClient/3.1'') failed authentication with security provider ''Cached''.
Either the security provider specified does not know about the given identity, or the supplied password was incorrect.
Check that the specified security provider contains the given identity. If it does, ensure that that the supplied password is correct. : /build/S610_P/src/DataFlowEngine/ImbIdentity.cpp: 164: ImbIdentity::isAuthenticated: :</Text>
</detail>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>

And i check the usercredentials and everything is fine. the only change i made on the bar file is changed the security profile option to show the new security provider which i created. and checked the use https option as it is a secured connection.
the syntax i use to create the security profile is shown as follows (hiding the domain name )

mqsicreateconfigurableservice BrokerName -c SecurityProfiles -o LDAP -n authentication,authenticationConfig,passwordValue -v "LDAP,\"ldap://DomainNAME:389/OU=Service Accounts,DC=*******,DC=*****,DC=***?samaccountname?sub\",OBFUSCATE"

Any ideas will be highly appreciated.

Thanks
RD