Message Reference for WebSphere Security

WebSphere Security messages

SECJ0007E: Error during security initialization. The exception is {0}.
Explanation: An unexpected error occurred during security initialization.
User Response: This is a general error. Look for previous messages that may be related to the failure or a configuration problem. Enabling security debug trace for components com.ibm.ws.security.* and com.ibm.ejs.security.* may yield additional information.

SECJ0010E: Invalid credential
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0040E: Error occurred while generating new LTPA keys. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0041E: Can't set Authentication Mechanism to LTPA when LTPAConfig is null
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0045E: Error initializing security/SAS
Explanation: An error occurred initializing the Secure Association Service which is part of the ORB security.
User Response: Verify the property file, usually sas.server.props, is present and has read permission.

SECJ0046I: SAS Property:{0} has been updated
Explanation: Informational.
User Response: A security configuration change has caused a SAS Property to be updated.

SECJ0047E: Missing or malformed security configuration URL specified by property {0}
Explanation: The URL used to specify Secure Association Service properties is missing or malformed.
User Response: The URL is usually specified as a property name when starting WebSphere from the command line with the -D argument. For example:
-Dcom.ibm.CORBA.ConfigURL=file:/WebSphere/AppServer/properties/sas.server.props

Verify that the property and URL is specified and refers to a valid file and the file has the read permission.

SECJ0048E: Error updating or loading future security configuration URL specified by property {0}
Explanation: The path or file specified in the property may be invalid or there could be a file permission problem.
User Response: Verify the path and file specified by the property is valid and the file has read permission.

SECJ0049E: Configuration error encountered while starting the server
Explanation: An unexpected RemoteException, OpException or IOException occurred during server startup. There could be problems with loading or writing of security configuration URL property files.
User Response: Verify the file permissions associated with security configuration URL property file (typically sas.server.props) are read and writable.

SECJ0050E: Error encountered while shutting down the server
Explanation: An unexpected RemoteException, OpException or IOException occurred during server shutdown. There could be problems with loading or writing of security configuration URL property files.
User Response: Verify the file permissions associated with security configuration URL property file (typically sas.server.props) are read and writable.

SECJ0051E: IOException when determining whether configuration is current with property file {0} or {1}
Explanation: A loadProperties() operation probably failed.
User Response: Verify the file permissions associated with security configuration URL property file (typically sas.server.props) are read and writable.

SECJ0052E: Authorization failed while invoking ({0}){1} {2} - invalid credentials
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0053E: Authorization failed for {0} while invoking ({1}){2} {3} {4}
Explanation: The user does not have the necessary permission to access the resource. This failure may be expected if the user should not be granted access. If this error is unexpected, then there are several possible causes. The user has not been mapped to one the roles protecting the resource if the user requires access to the protected resource. The user is not a member of one of the groups that may have been mapped to one of the roles. If WebSphere security is configured to use LDAP as the user registry, the WebSphere security LDAP user and group search filter configuration may not match what the LDAP directory expects.
User Response: If the authorization failure is unexpected, verify the user, or a group that the user is a member of, is mapped to the role protecting the resource. Verify the WebSphere security LDAP user and group filters configuration match what the LDAP directory expects.

SECJ0054E: No own credentials
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0055E: Authentication failed for {0}. The user id or password may have been entered incorrectly or misspelled. The user id may not exist, the account could have expired or disabled. The password may have expired.
Explanation: The user could not be authenticated. The user id or password may have been entered incorrectly. The user may not exist in the user registry that WebSphere is configured to authenticate to. If WebSphere security is configured to use LDAP as the user registry, the WebSphere security LDAP user and group search filter configuration may not match what the LDAP directory expects.
User Response: Verify that the user id and password are entered correctly and exist in the user registry. If LDAP is configured as the security user registry, verify the WebSphere security LDAP user and group filters configuration match what the LDAP directory expects. Consult with the administrator of the user registry that WebSphere is configured to use if the problem persist.

SECJ0056E: Authentication failed for reason {0}
Explanation: Authentication failed with the specified reason.
User Response: Verify that the user id and password are entered correctly. Consult with the administrator of the user registry if the problem persist.

SECJ0057E: Invalid authentication data
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0058E: LTPAServer does not exist
Explanation: This is an internal error probably due to LTPAServer initialization problems.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0059E: Cannot create LTPAServer without a password
Explanation: The wrong constructor was used when trying to create an instance of LTPAServerBean.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0060E: LTPA configuration not found
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0061E: LTPAConfig creation exception
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0062E: LTPAConfig remove exception
Explanation: This is an internal error. The ejbRemove() operation failed on the LTPAConfigBean.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0063E: Credential mapping failed due to invalid access ID
Explanation: This is an internal error. Cannot get accessID from credential.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0064E: Credential mapping failed
Explanation: The credential mapping can fail for a number of reasons: The credential token is not an instance of a supported CredentialToken type for a mapping. The principal identified in the credential cannot be mapped to an entry or found in the user registry. A user registry exception occurs or if the user registry has been stopped.
User Response: Verify the user registry is operational. Verify the principal exist in the target user registry if appropriate. The exception reported with this error message may help diagnose the problem.

SECJ0065E: Unsupported encoding
Explanation: This is an internal error. An UnsupportedEncodingException occurred when the LTPAServer tried to encode the token value.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0066E: registry impl object has been stopped
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0067E: Cannot credential map given credential token for subject DN {0} into LDAP because of an LDAP filter mapping exception.
Explanation: The credential mapping can fail for a number of reasons: The credential token is not an instance of a supported CredentialToken type for a mapping. The principal identified in the credential cannot be mapped to an entry or found in the user registry. A user registry exception occurs or if the user registry has been stopped.
User Response: Verify the user registry is operational. Verify the principal exist in the target user registry if appropriate. The exception reported with this error message may help diagnose the problem.

SECJ0068E: LDAP initialization error. The exception is {0}.
Explanation: An unexpected exception occurred when configuring for LDAP.
User Response: Verify the WebSphere LDAP configuration settings such as the provider URL are correct in the Security Center GUI. If using SSL make sure the SSL configuration is correct.

SECJ0069E: Problem getting Security Name for privilege id: {0}. The exception is {1}.
Explanation: Cannot find a name for the specified SID in the Windows user registry.This can occur if a network time-out prevents the function from finding the name. It also occurs for SIDs that have no corresponding account name, such as a logon SID that identifies a logon session
User Response: WebSphere may still have a reference to the user in the authorization table but, that user may have been removed from the Windows user registry. If you know the user, remove it from any resource protection permissions in WebSphere. If the user is still valid, then it needs to be recreated in the Windows user registry and then reassigned to proper resource permissions in WebSphere.

SECJ0070E: No privilege id configured for: {0}
Explanation: Unable to find a SID for the specified user in the Windows user registry. The user may not exist in the user registry.
User Response: If appropriate create the user in the user registry.

SECJ0071E: Error retrieving registry entries for the given pattern {0}
Explanation:
User Response: Verify the pattern is correct and not malformed.

SECJ0072E: Error finding registry for type {0}
Explanation: CMGS0001
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0073E: Error finding registry entry for privilege id {0}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0074E: Error creation user registry. The exception is {0}
Explanation: An unexpected exception occurred when trying to load or create the user registry.
User Response: Verify the CLASSPATH used to start WebSphere is correct and that the jar files have at least the read permission and exist.

SECJ0075E: Unsupported entry type {0}
Explanation: This is an internal error. A registry of the specified type could not be looked up.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0076E: Error creating registry entry home
Explanation: This is an internal error. Unable to create the home for the registry.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0077E: Registry impl class {0} not found for type {1}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0078E: User registry does not exist
Explanation: Unable to lookup RegistryHome in name space or narrow failed. The class for the user registry was not registered in the name space correctly or the class file for the user registry cannot be found.
User Response: Verify the classpath is correct and that the required classes exist.

SECJ0079E: User type not supported in the user registry
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0080E: User entry is not found in the registry
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0081E: Registry exception
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0082E: Error during web security initialization
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: CMGS0002

SECJ0083E: Error initializing web cache on admin server
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0084W: Error while initializing security web configuration. The exception is {0}.
Explanation: An error internal occurred while initializing the security attributes of a Web Application.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0085E: Error initializing admin web cache
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0086E: Configuration error
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0087E: Internal Server Error
Explanation: The HttpServletResponse indicates an Internal Server Error has occurred.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0088E: Error deleting permission
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0089E: Error obtaining all permissions
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0090E: Error obtaining method group for method {0}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0091E: Error looking up Application home
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0092E: Application home not found
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0093E: Relation home not found
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0094E: Admin Application does not exist
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0095E: Exception while initializing admin permissions
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0096E: Error creating method group {0}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0097E: Error finding method groups
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0098E: Error finding method group {0}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0099E: Error finding method group for id {0}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0100E: Error storing method group
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0101E: Error removing method group
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0102E: Error creating method group
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0103E: MethodGroupHome does not exist
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0104E: Error creating predefined method groups
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0105E: An unexpected exception occurred when decoding the value [{0}] for password [{1}] in the security configured URL
Explanation: The encoded password cannot be decoded because it is missing or malformed.
User Response: Verify the passwords in the security config URL are not corrupt or missing. Reset the affected password through the WebSphere Admin console if possible. If all else fails, reset the password to its plain text value in the security config URL (which is usually sas.server.props).

SECJ0106E: An unexpected exception occurred when encoding the value [{0}] for password [{1}] in the security configured URL
Explanation: The password cannot be encoded because it is missing or malformed.
User Response: Verify the passwords in the security config URL are not corrupt or missing. Reset the affected password through the WebSphere Admin console if possible. If all else fails, reset the password to its plain text value in the security config URL (which is usually sas.server.props).

SECJ0107W: The {0} file does not exist
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If this message is from a warning, then it is a temporary problem which is usually recovered from automatically. If it is not a warning, then check the file permissions for the file to ensure they are readable. If the file is missing, restore it.

SECJ0108E: Unexpected exception occurred when getting user registry or registry attributes.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: Verify that the user registry has been configured in WebSphere properly.

SECJ0109W: Recovering ({0}) from ({1})
Explanation: The security config URL is being recovered from the future version. This may happen if the security config URL is missing or has been deleted.
User Response: None

SECJ0110E: I/O Error occurred when loading property URL {0}
Explanation: A loadProperties() operation probably failed.
User Response: Verify the file permissions associated with security config URL property file (typically sas.server.props) are read and writable.

SECJ0111W: RunAsMap Not defined properly for Application {0}
Explanation: The run-as-bindings size is zero for this application.
User Response: Verify that the run-as bindings are specified for the application if necessary.

SECJ0112W: Authorization Table Not defined for Application {0}
Explanation: No security constraints or roles have been defined for this application.
User Response: If no security is necessary for this application then ignore this message. Otherwise, review the security requirements of this application.

SECJ0113E: An unexpected exception occurred in getRequiredRoles for method {0} and resource {1}. The exception is {2}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: CMGS0002

SECJ0114W: Unable to extract the security attributes from the credential
Explanation: The credential may be malformed or corrupt.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0115W: The credential has a null value for the public name
Explanation: The credential is possibly malformed or corrupt.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0116W: Unable to extract the credential token from the credential
Explanation: The credential is possibly malformed or corrupt.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0117E: Form login failed for user {0}
Explanation: The user could not be authenticated by the FormLogin Servlet. The user id or password may have been entered incorrectly. The user may not exist in the user registry that WebSphere is configured to authenticate to.
User Response: Verify that the user id and password are entered correctly. Consult with the administrator of the user registry if the problem persist.

SECJ0118E: Authentication error during authentication for user {0}
Explanation: An unexpected error occurred during authentication.
User Response: This is an internal error. Look for previous messages that may be related to the failure.

SECJ0119E: Error getting the web app information for form login. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0120I: Trust Association Init loaded {0} interceptor(s)
Explanation: Reports the number of Trust Association interceptors that have been added.
User Response: None, informational only.

SECJ0121I: Trust Association Init class {0} loaded successfully
Explanation: Self Explanatory.
User Response: None, informational only.

SECJ0122I: Trust Association Init Interceptor signature: {0}
Explanation: Reports the signature of the Trust Association interceptor.
User Response: None, informational only.

SECJ0123E: Trust Association Init Error retrieving class loader. Trust Association cannot be enabled.
Explanation: getClassLoader() operation returned null.
User Response: Verify the appropriate Trust Association classes are installed and the classpath is correct.

SECJ0124E: Trust Association Init No interceptor class {0} found
Explanation: The interceptor class file specified in trustedservers.properties cannot be found.
User Response: Verify the appropriate Trust Association classes are installed and the classpath is correct. Also verify the class specified in the trustedservers.properties file and that the file has at least the read permission.

SECJ0125E: Trust Association Init Unable to load Trust Association class {0}.
Explanation: A ClassNotFoundException occurred when trying to load the subject class.
User Response: Verify the appropriate Trust Association classes are installed and the classpath is correct.

SECJ0126E: Trust Association failed during validation. The exception is {0}
Explanation: When the appropriate interceptor is found for a given request, that interceptor then validates its trust with the reverse proxy server. This error message suggests that the validation has failed and therefore the reverse proxy cannot be trusted. For example, an incorrect password may have been provided.
User Response: In a production environment, the user may be alerted to check if there is an intruder in the system. In a development environment in which testing is underway, verify if the expected inputs from the reverse proxy server is in fact being passed to the interceptor correctly. The nature of these inputs really depends on how trust association is being established. For example, the simplest method would be to pass a username/password through the Basic Authentication header.

SECJ0127E: Unable to find a valid user for Trust Association
Explanation: When the WebAuthenticator invoked an interceptor to return the authenticate username, no such username was returned.
User Response: Verify that the reverse proxy server is putting in the right username in the HTTP request before sending the request to WebSphere

SECJ0128E: An unexpected exception occurred during Trust Association. The exception is {0}.
Explanation: This refers to all other exceptions that can be possibly thrown by an interceptor, when validating trust with the reverse proxy server and when getting the authenticated username, aside from WebTrustAssociationFailedException and WebTrustAssociationUserException.
User Response: Debug the problem from the stack trace that is printed together with this error message. You can also turn on the debug trace to get more information about the nature of the exception.

SECJ0129E: Authorization failed for {0} while invoking {1} on {2}, {3}
Explanation: The user does not have the necessary permission to access the resource.
User Response: Contact your WebSphere security administrator if this is unexpected. The user must be mapped to one the roles protecting the resource if the user requires access to the protected resource.

SECJ0130E: Unable to get source path from request header 'via'
Explanation: When using WebSealTrustAssociationInterceptor, the "via" HTTP header in the HTTP Request object will be examined. This message appears when the value for this header is invalid or corrupted.
User Response: Make sure that WebSeal and/or the HTTP Server is properly working.

SECJ0131E: Authentication failed. Unable to get the mapped credential for SecOwnCredentials.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0132I: Java 2 Security is enabled
Explanation: Java 2 Security Manager is installed.
User Response: None, informational only.

SECJ0133E: Illegal {0} : {1}
Explanation: An illegal Permission was attempted. Only the main thread can set the security manager.
User Response: Verify the code that is trying to set the security manager is not trying to subvert the WebSphere security manager.

SECJ0134E: The current Java 2 Security policy does not permit the requested action.{0}Java 2 Security Permission: {1}, denied with exception message: {2}.{3}Violating code: {4}
Explanation: The Java Security Manager checkPermission() threw a SecurityException on the subject Permission.
User Response: Verify the attempted operation is permitted.

SECJ0135W: Illegal System.exit() attempted
Explanation: Only the main thread is allowed to exit the Java VM
User Response: Verify the code attempting the system exit is not trying to subvert the WebSphere security manager.

SECJ0136I: Custom Registry:{0} has been initialized
Explanation: Reports the Custom User Registry implementation that is being used.
User Response: None, informational only.

SECJ0137E: Could not get EnterpriseAppHome
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0138E: Failed to install the admin Application -
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0139E: Error to get initial naming context
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0140E: Failed to initialize Default SSL Settings
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0141E: Error to initialize default SSL configuration
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0145E: An unexpected exception occurred when decoding password in initial_ssl.properties
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0146I: ${WAS_HOME}/properties/initial_ssl.properties was not found
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0147E: Cannot credential map given credential token for certificate subject DN {0} into LDAP because of an LDAP filter mapping exception. The CertificateMapperException is {1}
Explanation: The Certificate mapping filter specified by the user in the global security settings is missing or malformed.
User Response: Review the certificate mapping filter configuration in the LDAP Advanced properties in the Security Center and verify it is present and correct.

SECJ0148E: Cannot credential map given credential token certificate subject DN {0} with filter {1} into LDAP because multiple entries match the filter. This ambiguous condition is not supported.
Explanation: More than one user entry in LDAP matched the certificate mapping filter specified in the global security settings. It is not possible to map a subjectDN in a certificate to more than one user in an LDAP user registry. The mapping filter results in an ambiguous condition that cannot be supported.
User Response: Specify a certificate mapping filter in the LDAP Advanced properties in the Security Center.

SECJ0149E: Cannot credential map given credential token for certificate subject DN {0} with filter {1} into LDAP because a NamingException occurred when searching LDAP. The NamingException is {2}
Explanation: A naming exception occurred when searching LDAP.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0150E: Cannot credential map given credential token for certificate subject DN {0} with filter {1} into LDAP because no entry in LDAP matches the DN or filter
Explanation: No entry in LDAP can be found with the subject DN in the certificate or found with the filter.
User Response: This may be the expected result depending on the subject DN in the certificate and filter. If the response is unexpected, review the certificate mapping filter defined in the LDAP advanced properties in the Security Center.

SECJ0151E: Cannot create a credential for the mapped credential token into LDAP with subjectDN {0} and mapped name {1} using filter {2}. The exception is {3}
Explanation: The DN in the certificate was successfully mapped to an entry in LDAP but, an unexpected exception occurred when trying to create a credential for the mapped entry.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0152W: SecurityLevel was either missing or set to a wrong value (valid values are: high, medium, low); default to high.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0153E: Invalid LDAP user ID
Explanation: Using invalid user ID or the user ID is not a directory entry. The directory administration ID (root DN) is not a directory entry on most LDAP servers.
User Response: Verify the user ID is a valid directory entry.

SECJ0154E: SSO Configuration error. FormLogin is configured for web application {0} but SSO is not enabled in the global security settings. SSO must be enabled to use FormLogin.
Explanation: When LTPA is the authentication mechanism SSO must also be enabled if any web applications use FORM login.
User Response: Enable SSO in the global security settings and restart WebSphere

SECJ0155E: Deployment descriptor configuration error. security-role-ref {0} in ejb-jar.xml is not mapped to any security role in bean {1}, module {2}, application {3}.
Explanation: A security role ref in the specified EJB's ejb-jar.xml file has not been mapped to a security role. This is a configuration error.
User Response: The security-role-ref in the EJB's ejb-jar.xml deployment descriptor should be mapped to a security role.

SECJ0156E: Unable to initialize user registry class {0} for type {1} due to exception: {2}
Explanation: The WebSphere security code couldn't find, load, or had problems loading the user registry class.
User Response: The exception mentioned in the message should provide additional clues including the class or file that could not be found or loaded. Verify the mentioned file exists in the correct directory and PATH.

SECJ0157I: Loaded Vendor AuthorizationTable: {0}
Explanation: The Vendor specified Authorization Table is loaded successfully.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0158I: Problem loading class {0}, using default authorization table provided by WebSphere
Explanation: The Vendor specified Authorization Table could not be loaded successfully. Therefore, using WebSphere provided authorization table.
User Response: Check to make sure that the Vendor's implementation of Authorization Table is in the CLASSPATH and could be loaded.

SECJ0159E: Cannot find class {0}
Explanation: The Vendor specified Authorization Table class could not be found in the CLASSPATH.
User Response: Check to make sure that the Vendor's implementation of Authorization Table as specified in sas.server.props is in the CLASSPATH.

SECJ0160E: Can not instantiate class {0}
Explanation: The Vendor specified Authorization Table class could not be instantiated.
User Response: Check to make sure that the Vendor's implementation of Authorization Table as specified in sas.server.props could be loaded and instantiated.

SECJ0161E: Error returned from Vendor AuthorizationTable. The exception is {0}
Explanation: The Vendor specified Authorization Table failed during authorization check.
User Response: Please look at Vendor's specific exception for details. If vendor's specific exception is not present, Contact your service representative with exception stack trace information present in the error log.

SECJ0162E: Vendor''s specific exception. The exception is {0} .
Explanation: This indicates the Vendor's specific error. Example:- Server not started, Network failure, Server failed.
User Response: Depends on the error.

SECJ0163E: Generic Error from Vendor AuthorizationTable
Explanation: Unknown error from Vendor's authorization table
User Response: Contact your service representative with exception stack trace information present in the error log.

SECJ0164E: Error number {0} while calling the operating system API {1}
Explanation: An error was returned by the operating system API
User Response: Depending on the API being called, please check the operating system specific documentation

SECJ0165W: Expand exception occurred. Skip the permission entry in app.policy file. The exception is {0}.
Explanation: While expanding the permission in application policy file, caught an expand exception
User Response: Check the permission entry syntax in application policy file.(app.policy or was.policy). To identify which policy file has problem, enable security trace for component com.ibm.ws.security.policy.*. trace.log will show was.policy name.

SECJ0166W: Expand exception occurred. Skip the grant entry in app.policy file. The exception is {0}.
Explanation: While expanding the grant entry in application policy file, caught an expand exception
User Response: Check the grant entry syntax in your application policy file. (app.policy or was.policy). To identify which policy file has problem, enable security trace for component com.ibm.ws.security.policy.*. trace.log will show was.policy name.

SECJ0167W: Expand exception occurred. Skip the permission entry in filter.policy file. The exception is {0}.
Explanation: While expanding the permission entry in filter.policy file, caught an expand exception
User Response: Check the permission entry syntax in filter.policy file.

SECJ0168W: Keystore {0} of type {1} is being ignored
Explanation: Keystore of the above type is not supported.
User Response: Please use the supported type of keystores.

SECJ0169W: Expand exception occurred. Skip the permission entry. The exception is {0}
Explanation: While expanding the permission, caught an expand exception
User Response: Check the permission entry syntax in your policy file. To identify which policy file has a problem, enable security trace for component com.ibm.ws.security.policy.*. trace.log will show the policy file name.

SECJ0170W: Expand exception occurred. Skip the grant entry. The exception is {0}.
Explanation: While expanding the grant entry, caught an expand exception
User Response: Check the grant entry syntax in your policy file. To identify which policy file has a problem, enable security trace for component com.ibm.ws.security.policy.*. trace.log will show the policy file name.

SECJ0171W: Expand exception occurred. Skip the signedby key entry. The exception is {0}.
Explanation: While expanding the signedby entry, caught an expand exception
User Response: Check the signedby entry syntax in your policy file. To identify which policy file has a problem, enable security trace for component com.ibm.ws.security.policy.*. trace.log will show the policy file name.

SECJ0172E: Error {0} in encoding the FilePath
Explanation: While encoding the FilePath, there was an error.
User Response: Please check the specified syntax. To identify which policy file has a problem, enable security trace for component com.ibm.ws.security.policy.*. trace.log will show the policy file name.

SECJ0173W: Grant entry with codebase {0} and signedby {1} is being ignored
Explanation: In the system extension policy files, the grant entries should not specify codebase and signedby values
User Response: Please remove the codebase and signedby values from the grant entry in the system extension policy file. (spi.policy or library.policy)

SECJ0174W: Permission entry {0} is being ignored
Explanation: In the system extension policy files, the permission entries with signatures are not supported in the current version.
User Response: Please remove the signature values from the permission entry in the system extension policy file. (spi.policy or library.policy)

SECJ0175E: Caught an exception while retrieving data from the hashmap for the keyword {1}. The exception is {0}.
Explanation: The data stored for the keyword "type" in the hashmap is incorrect
User Response: This is an internal error. However, it could be caused by an incorrect xml file. Please enable security trace with com.ibm.ws.security.policy.* to get more detailed information.

SECJ0176E: Caught an exception while getting the policy template of type {1}. The exception is {0}.
Explanation: Could not retrieve the policy template of the above type.
User Response: This is an internal error. However, it could be caused by an incorrect xml file. Please enable security trace with com.ibm.ws.security.policy.* to get more detailed information.

SECJ0177W: Caught an exception while converting classpath {1} to URL. The exception is {0}.
Explanation: Could not convert the above classpath to a URL
User Response: Please check the classpath. Usually, this path was picked up from xml file. Please enable security trace with com.ibm.ws.security.policy.* to get more detailed information.

SECJ0178E: Caught an exception while retrieving the data from the hashmap for the keyword {1}. The exception is {0}.
Explanation: Could not retrieve the resource adaptor policy file from the hashmap passed to setupPolicy().
User Response: Please check the data stored in the hashmap for the resource adaptor keyword. It could be caused by incorrect xml file. Please enable security trace with com.ibm.ws.security.policy.* to get more detailed information.

SECJ0179E: Caught an exception while trying to get the Resource adaptor''s absolute file path. The exception is {0}.
Explanation: Could not get the absolute filepath of the resource adaptor policy file.
User Response: Please check the filepath specified in resource.xml file. Please enable security trace with com.ibm.ws.security.policy.* to get more detailed information.

SECJ0180E: Caught an exception while trying to get the data from the hashmap using the keyword {1}. The exception is {0}.
Explanation: Could not retrieve the deployed application policy file from the hashmap passed to setupPolicy().
User Response: This is an internal error. However, it could be caused by incorrect data in xml file. Please check the type of the policy file and the hashmap being passed to setupPolicy(). Please enable security trace with com.ibm.ws.security.policy.* to get more detailed information.

SECJ0181W: Caught an exception while trying to get the resource adaptor module {1} absolute filepath. The exception is {0}.
Explanation: Could not get the resource adaptor module's absolute filepath.
User Response: It could be caused by incorrect data in resources.xml file. Please enable security trace with com.ibm.ws.security.policy.* to get more detailed information.

SECJ0182W: Caught an exception while trying to get the Canonical path for the file {1}. The exception is {0}.
Explanation: Could not get the Canonical path for the specified file
User Response: Please check the specified file name passed to security. It could be caused by incorrect data in xml file. Please enable security trace with com.ibm.ws.security.policy.* to get more detailed information.

SECJ0183W: Caught an exception while trying to convert the filepath {1} to URL. The exception is {0}.
Explanation: Could not convert the specified filepath to URL.
User Response: Please check the specified filepath. It could be caused by incorrect data in xml file.Please enable security trace with com.ibm.ws.security.policy.* to get more detailed information.

SECJ0184W: Caught an exception while trying to get the absolute path for the resource adaptor {1} in removePolicy(). The exception is {0}.
Explanation: Could not get the absolute path for the resource adaptor in removePolicy().
User Response: Please check the specified path. It could be caused by incorrect data in xml file. Please enable security trace with com.ibm.ws.security.policy.* to get more detailed information.

SECJ0185W: Caught an exception while trying to get the absolute path for the module {1} in removePolicy(). The exception is {0}
Explanation: Could not get the absolute path for the module in removePolicy().
User Response: Please check the specified path. It could be caused by incorrect data in xml file.Please enable security trace with com.ibm.ws.security.policy.* to get more detailed information.

SECJ0186E: Caught IOException while creating template for System Extension Policy of type {1} The exception is {0}
Explanation: IOException occurred when creating the system extension template in the hashmap of all the templates.
User Response: Please check the IOException to see the cause for not being able to create the system extension template in the hashmap.

SECJ0187E: Caught ParserException while creating template for System Extension Policy of type {1} The exception is.{0}
Explanation: ParserException occurred when creating the system extension template in the hashmap of all the templates.
User Response: Please check the ParserException data. Check the specified policy file.

SECJ0188E: Caught IOException while creating template for Application Policy {0}. The exception is {1}.
Explanation: IOException occurred when creating the application policy template in the hashmap of all the templates.
User Response: Please check the specified policy file.

SECJ0189E: Caught ParserException while creating template for Application Policy {0}. The exception is {1}.
Explanation: ParserException occurred when creating the application policy template in the hashmap of all the templates.
User Response: Please check the ParserException data. Check the specified policy file.

SECJ0190E: Caught IOException while creating template for was.policy {0}. The exception is {1}.
Explanation: IOException occurred when putting the was.policy template in the hashmap of all the templates.
User Response: Please check the specified was.policy file.

SECJ0191E: Caught ParserException while creating template for was.policy {0} . The exception is {1}.
Explanation: ParserException occurred when putting the was.policy template in the hashmap of all the templates.
User Response: Please check the ParserException data. Check the specified was.policy file.

SECJ0192E: Caught IOException while creating template for resource adaptor(read from WCCM) {1}. The exception is {0}.
Explanation: IOException occurred when creating the resource adaptor template in the hashmap of all the templates.
User Response: Please check the specified ra.xml file's permission specification.

SECJ0193E: Caught ParserException while creating template for resource adaptor(read from ra.xml) {0}. The line is [{1}]. The exception is {2}.
Explanation: ParserException occurred when putting the resource adaptor template in the hashmap of all the templates.
User Response: Please check the ParserException data. Check the ra.xml's permission specification.

SECJ0194E: Caught IOException while adding permission to the set of filtered permissions. The exception is {0}.
Explanation: IOException occurred when adding permission to the set of filtered permissions.
User Response: Please check the filter.policy file.

SECJ0195E: Caught ParserException while adding permission to the set of filtered permissions. The exception is {0}.
Explanation: ParserException occurred when adding permission to the set of filtered permissions.
User Response: Please check the ParserException data.

SECJ0196W: Custom permission {0} is being used in an application policy file {1}
Explanation: Custom permission is being used in an application policy file.
User Response: Please make sure that it is all right to use a custom permission in an application policy file.

SECJ0197E: Caught Invocation TargetException while constructing the permission object. The exception is {0}.
Explanation: Invocation TargetException occurred while constructing the permission object.
User Response: Please check the exception.

SECJ0198E: Caught an exception while constructing the permission object. The exception is {0}.
Explanation: An Exception occurred while constructing the permission object.
User Response: Please check the exception.

SECJ0199E: Caught an IOException while adding the grant entry to the policy template of the resource adaptor {1} . The exception is {0}.
Explanation: An IOException occurred while adding the grant entry to the policy template of the resource adaptor.
User Response: Please check the specified ra.xml file.

SECJ0200E: Caught a ParserException while adding the grant entry {1} to the policy template of the resource adaptor {0}. The exception is {2}.
Explanation: A ParserException occurred while adding the grant entry to the policy template of the resource adaptor.
User Response: Please check the syntax of permission specification in the specified ra.xml

SECJ0201I: Error number {0} while calling the operating system API {1}
Explanation: The above error number was returned by the above API.
User Response: Depending on the API being called, please check the operating system documentation for the API.

SECJ0202I: Admin application initialized successfully
Explanation: The Admin application initialized successfully
User Response: None. Informational only.

SECJ0203I: Naming application initialized successfully
Explanation: The Naming application initialized successfully
User Response: None. Informational only.

SECJ0204I: Rolebased authorizer initialized successfully
Explanation: The Rolebased authorizer initialized successfully
User Response: None. Informational only.

SECJ0205I: Security Admin mBean registered successfully
Explanation: The Security Admin mBean registered successfully
User Response: None. Informational only.

SECJ0206E: Error creating or registering {0} mBean. The exception is {1}
Explanation: An unexpected exception occurred when trying to create or register an mBean.
User Response: There may be a problem with the configuration. The exception may include details.

SECJ0207E: Failed to load {0} resource from cell. The exception is {1}
Explanation: The specified resource could not be loaded due to an exception.
User Response: The failure may be related to a configuration problem related to the resource.

SECJ0208E: An unexpected exception occurred when attempting to authenticate the server''s id during security initialization. The exception is {0}.
Explanation: The userId and password specified for the server's identity when configuring global security could not be used to authenticate the server.
User Response: Verify that the userId and password are valid and meet the requirements for the user registry or authentication mechanism.

SECJ0209E: An unexpected exception occurred when attempting to update the JAAS login configuration with WCCM JAAS configuration information. The exception is {0}
Explanation: The WCCM JAAS login configuration information could not be pushed to the JAAS configuration object.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0210I: Security enabled {0}
Explanation: Reports current security enabled or disabled status.
User Response: None. Informational only

SECJ0211E: Failed to lookup or rebind security server with name {0}. The exception is {1}.
Explanation: An unexpected error occurred. It could be that the Cell Manager or Node Agent are not started.
User Response: If a remote security server was specified when enabling global security, verify that the Node Agent and Cell Manager are running.

SECJ0212I: WCCM JAAS configuration information successfully pushed to login provider class.
Explanation: The WCCM JAAS login configuration information was pushed to the JAAS configuration object.
User Response: None. Informational only.

SECJ0213E: Unexpected JAAS login provider class {0} is currently configured. The expected configured class is {1}. When WebSphere security is enabled, this class is required.
Explanation: WebSphere provides an implementation of javax.security.auth.login.Configuration and dynamically installs this class at server startup. Either some application code has installed a different login provider class or a problem occurred when WebSphere tried to dynamically install the class.
User Response: Check for other server startup warning or error messages.

SECJ0214W: Unexpected JAAS login provider class {0} is currently configured. The expected configured class is {1}. When WebSphere security is enabled, this class is required.
Explanation: WebSphere provides an implementation of javax.security.auth.login.Configuration and dynamically installs this class at server startup. Either some application code has installed a different login provider class or a problem occurred when WebSphere tried to dynamically install the class.
User Response: Check for other server startup warning or error messages.

SECJ0215I: Successfully set JAAS login provider configuration class to {0}.
Explanation: WebSphere provides an implementation of the javax.security.auth.login.Configuration class. This class was successfully set at server startup.
User Response: None. Informational only.

SECJ0216E: An exception occurred when setting JAAS login provider configuration class to {0}. The exception is {1}.
Explanation: WebSphere provides an implementation of the javax.security.auth.login.Configuration class. This class could not be set at server startup.
User Response: Configuration.class may not be present. This is an internal error.

SECJ0217W: Detected a duplicate JAAS LoginModule alias name {0} when processing JAAS configuration information.
Explanation: A duplicate JAAS LoginModule alias name exist either in a JAAS login URL or in the security.xml file. The duplicate will be replaced with the last one processed.
User Response: Verify no duplicate JAAS LoginModule aliases exist in the login URLs or in the security.xml file.

SECJ0218E: Exception caught retrieving RoleBasedAuthorizer. The exception is {0}.
Explanation: The Rolebased authorizer could not be retrieved due to an exception.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0219E: Unable to get or use role based authorizer because application {0} has not been loaded.
Explanation: The application must be loaded for the role base authorizer can be used to enforce authorization.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0220W: The role based authorizer for module {0} has already been loaded.
Explanation: The role based authorizer will load only once per module.
User Response: None, informational only.

SECJ0221E: An unexpected exception occurred in findMatchingMethod for method {0} and bean {1}, the exception is {2}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0222E: An unexpected exception occurred when trying to create a LoginContext. The LoginModule alias is {0} and the exception is {1}.
Explanation: A JAAS LoginContext could not be created due to the unexpected exception.
User Response: The problem could be due to a configuration error.

SECJ0223E: User {0} authenticated successfully but unable to send redirect to the original request page. The {1} cookie is not present.
Explanation: The HTTP cookie that contains the originally requested page was not found.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0224E: An unexpected exception occurred when trying to configure the security related web attributes for web applications {0}. The exception is {1}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0225W: PD Authentication disabled.
Explanation: PD Authentication disabled.
User Response: None, informational only.

SECJ0226E: The LocalOS server ID ({0}) should not be the same value as the LocalOS realm ({1}) in the security.xml.
Explanation: When the LocalOS server ID is equal to the LocalOS realm, the access ID returned by the operating system is the machine ID not the server ID.
User Response: Make sure that the server ID is different from the machine ID.

SECJ0227E: An exception occurred when creating class of type {0}. The exception is {1}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0228E: Object of type {0} is null.
Explanation: Object created by reflection is null.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0229E: Method {0} of object of {1} type is null.
Explanation: Method returned by reflection is null.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0230E: Invoking reflection method {0} of object type {1} throws exception {2}.
Explanation: Reflection method invocation failed.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0231I: The Security component''s FFDC Diagnostic Module {0} registered successfully: {1}.
Explanation: Describes whether or not the Security component's FFDC Diagnostic module was successfully registered.
User Response: None. Informational only.

SECJ0232E: An unexpected exception occurred when trying to get the User Registry from the Security Server. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0233E: An unexpected exception occurred when trying to get users from the User Registry with pattern {0} and limit {1}. The exception is {2}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0234E: An unexpected exception occurred when trying to get groups from the User Registry with pattern {0} and limit {1}. The exception is {2}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0235E: An unexpected exception occurred when trying to export the LTPA Keys from the security mbean. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0236E: An unexpected exception occurred when trying to import the LTPA Keys from the security mbean with properties {0}. The exception is {1}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0237E: One or more vital LTPAServerObject configuration attributes are null or not available. The attributes and values are password : {0}, expiration time {1}, private key {2}, public key {3}, and shared key {4}.
Explanation: LTPA is the configurated authentication mechanism but it has not yet been properly configured. Keys or other LTPA configuration attributes are missing.
User Response: Disable WebSphere security, restart the appserver and properly configure LTPA authentication.

SECJ0238E: An unexpected exception occurred when trying to create the initial LTPAServerObject. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0239I: Security service initialization started
Explanation: Security service initialization started.
User Response: None. Informational only

SECJ0240I: Security service initialization completed successfully
Explanation: Security service initialization started.
User Response: None. Informational only

SECJ0241I: Security service initialization completed successfully
Explanation: Security service initialization started.
User Response: None. Informational only

SECJ0242I: Security service is starting
Explanation: Security service started.
User Response: None. Informational only

SECJ0243I: Security service started successfully
Explanation: Security service started.
User Response: None. Informational only

SECJ0244I: Security service failed to start successfully
Explanation: Security service started.
User Response: None. Informational only

SECJ0245E: An unexpected exception occurred when the SecurityServerFactory tried to create the SecurityServer. The exception is {0}.
Explanation: An error occurred that prevented the SecurityServer from being created.
User Response: The log should contain additional errors that may indicate the cause of the problem.

SECJ0246E: Caught unexpected exception in retrieving ORB SSL settings {0}
Explanation: An unexpected exception occurred retrieving the ORB SSL settings.
User Response: Verify the property file, usually sas.server.props contents. Contact your service representative if the problem persists.

SECJ0247I: ORB SSL Key File or Passwords settings were missing in server-cfg.xml
Explanation: ORB SSL Key File or Passwords settings were missing in server-cfg.xml
User Response: Verify the server-cfg.xml file.

SECJ0248I: Caught unexpected exception in retrieving ORB SSL initialization. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0249E: Failed to cleanup. The exception is {0}.
Explanation: An unexpected exception occurred while clean up of specified repository.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0250E: Error creating security server. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0251E: Error getting Initial Naming Context. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0252E: Error getting remote security server. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0253E: Generic Exception while getting remote security server. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0254E: Error getting Initial Naming Context. The exception is {0}.
Explanation: javax.naming.NamingException occurred when getting Initial Naming Context.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0255E: Error creating security server/ The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0256E: Error binding SecurityServer to naming. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0257E: Failed to find security server in name space. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0258E: Cannot find user registry. The exception is {0}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0259E: IOException from CallbackHandler. The exception is {0}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0260E: Unsupported {0} callback in CallbackHandler. The exception is {1}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0261E: Something wrong during LoginModule commit. The exception is {0}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0262E: Exception occurred when removing {0} during cleanup. The exception is {1}
Explanation: Unexpected exception occurred when removing the specified principal during cleanup.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0263E: Exception occurred when removing WSCredential during cleanup. The exception is {0}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0264E: fillAccessids: Error getting user registry. The exception is {0}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0265E: removeAccessIds: Error getting user registry. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0266E: Failed to create a new web attribute.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0267E: Failed to get RoleBasedConfigurator. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0268E: Problem loading class {0}, using default authorization table provided by WebSphere
Explanation: The Vendor specified Authorization Table could not be loaded successfully. Therefore, using WebSphere provided authorization table.
User Response: Check to make sure that the Vendor's implementation of Authorization Table is in the CLASSPATH and could be loaded.

SECJ0269E: Failed to get actual credentials. The exception is {0}.
Explanation: java.lang.reflect.InvocationTargetException occurred when try to execute getActualCredential() method.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0270E: Failed to get actual credentials. The exception is {0}.
Explanation: Unexpected exception occurred when try to execute getActualCredential() method.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0271E: Error restoring original credentials.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0272E: Error setting to system credentials.
Explanation: Unexpected exception occurred while restoring original credentials.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0273E: Failed to load SecurityServer.xml. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0274E: Error getting Initial Naming Context. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0275E: Error trying to find user registry. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0276E: BasicAuthData credential is already destroyed. The exception is {0}.
Explanation: CredentialDestroyedException occurred while trying to get BasicAuthData. The credential was already destroyed.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0277E: BasicAuthData credential is already expired. The exception is {0}.
Explanation: javax.security.auth.login.CredentialExpiredException occurred while trying to get BasicAuthData.
User Response: refresh the credential.

SECJ0278E: TokenData credential is already destroyed. The exception is {0}.
Explanation: CredentialDestroyedException occurred while trying to get credential token. The credential was already destroyed.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0279E: TokenData credential is already expired. The exception is {0}.
Explanation: javax.security.auth.login.CredentialExpiredException occurred while trying to get token.
User Response: refresh the credential.

SECJ0280E: Error getting realm from registry. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0281E: Error creating user registry object. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0282E: Error getting initial context. The exception is {0}.
Explanation: javax.naming.NamingException occurred while getting the initial naming context.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0283E: Error binding User Registry. The exception is {0}.
Explanation: javax.naming.NamingException occurred while rebinding the user registry.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0284E: Error trying to find User Registry. The exception is {0}.
Explanation: javax.naming.NamingException occurred while finding the user registry.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0285E: Failed to retrieve RoleBasedAuthorizer. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0286W: Error during security initialization.
Explanation: Unexpected exception occurred when initializing security server component.
User Response: None. This is warning.

SECJ0287E: Failed to call setupPolicy for {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0288E: Error during security initialization.
Explanation: Unexpected exception occurred when updating authorization table.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0289E: Failed to call removePolicy for {0}.
Explanation: Unexpected exception occurred when trying to call removePolicy() for specified type.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0290W: All subjects assigned to Special role DenyAllRole for application {0} are removed.
Explanation: All subjects assigned to Special role DenyAllRole for the specified application are removed.
User Response: None. This is a warning.

SECJ0291E: Failed to retrieve the information of Resource Adapter for provider ( {0} ) to call setupPolicy().
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0292E: Failed to retrieve the information of Resource Adapter of {0} to call setupPolicy().
Explanation: Unexpected exception occurred when trying to retrieve the information of Resource Adapter to call setupPolicy().
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0293E: No registry.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0294E: Error setting properties to file ({0}). The exception is {1}.
Explanation: IOException occurred when setting properties to specified file.
User Response: Verify if the property file exist, or the permission.

SECJ0295E: Error getting properties to file ({0}). The exception is {1}.
Explanation: IOException occurred when getting properties to specified file.
User Response: Verify if the property file exist, or the permission.

SECJ0296E: Error checking password for user :{0}. The exception is {1}.
Explanation: com.ibm.websphere.security.PasswordCheckFailedException occurred when checking the password for specified user.
User Response: Verify the password for the specified user.

SECJ0297E: Error checking password for user :{0}. The exception is {1}.
Explanation: com.ibm.websphere.security.CustomRegitryException exception occurred when checking the password for specified user.
User Response: Verify the password for the specified user.

SECJ0298E: Error checking password for user :{0}. The exception is {1}.
Explanation: Unknown exception occurred when checking the password for specified user.
User Response: Verify the password for the specified user.

SECJ0299E: Caught an exception while decoding the file path: {0}. The exception is {1}.
Explanation: Failed to decode the specified file. The details is shown in the exception.
User Response: Verify the policy files, xml files(resource.xml) to confirm the classpath specified in them are correct.

SECJ0300W: The file or directory ( {0} ) does not exist.
Explanation: The specified file or directory does not exist.
User Response: Verify the policy files, xml files(resource.xml) to confirm the classpath specified in them are correct.

SECJ0301W: Failed to convert a file path {0} to CodeSource. The exception is {1}
Explanation: MalformedURLException occurred when trying to convert the specified path to URL.
User Response: Verify the policy files, xml files(resource.xml) to confirm the classpath specified in them are correct.

SECJ0302W: No alias name for {0}.
Explanation: This configuration does not have any alias name.
User Response: This is warning.

SECJ0303E: Error getting registry''s realm. The exception is {0}
Explanation: Exception occurred when getting registry's realm.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0304E: Cannot get user registry. The exception is {0}.
Explanation: Unexpected exception occurred when getting user registry.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0305I: Role based authorization check failed for security name {0}, accessId {1} while invoking method {2} on resource {3} and module {4}.
Explanation: The caller does not have the necessary permission, there was no credential on the thread, the caller is not authenticated, or the accessId could be null.
User Response: If the failure is unexpected, verify the caller has been granted the required role.

SECJ0306E: No received or invocation credential exist on the thread. The Role based authorization check will not have an accessId of the caller to check. The parameters are: access check method {0} on resource {1} and module {2}. The stack trace is {3}.
Explanation: No invocation or received credentials were established on this thread. This may cause the role based authorization check to fail.
User Response: The stack trace is obtained by a local throw catch block that maybe useful for debugging the problem.

SECJ0307E: Unexpected exception is caught when trying to determine the code base location. Exception: {0}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0308I: Java2 security is installed.
Explanation: JAVA2 security is enabled.
User Response: None, informational only.

SECJ0309I: Java 2 Security is disabled.
Explanation: Java 2 Security Manager is NOT installed.
User Response: None, informational only.

SECJ0310E: Caught a ParserException while adding the grant entry to the policy template {1}. The exception is {0}
Explanation: A ParserException occurred while adding the grant entry to the policy template.
User Response: Please check the ParserException data. Please check the specified policy file.

SECJ0311W: Caught an exception while trying to get the module {1} absolute filepath. The exception is {0}.
Explanation: Could not get the module's absolute filepath.
User Response: Please check the filepath given to load the module.

SECJ0312W: {$Application} phrase should not include ${was.module.path} keyword.
Explanation: Syntax error in the policy file. ${Application} phrase should not include ${was.module.path} keyword. This entry is ignored.
User Response: Please check the application policy file.

SECJ0313I: Java 2 Security Manager debug message flags are initialized: TrDebug: {0}, Access: {1}, Stack: {2}, Failure: {3}, Rethrow {4}
Explanation: This message provides the current value of the java.security.debug property which is used to enable various debug information related to Java 2 Security.
User Response: None, this is informational only.

SECJ0314W: Current Java 2 Security policy reported a potential violation of Java 2 Security Permission. Please refer to Problem Determination Guide for further information.{0}Permission:{1}Code:{2}{3}Stack Trace:{4}Code Base Location:{5}
Explanation: The Java Security Manager checkPermission() threw a SecurityException on the subject Permission. A caller on the call stack does not have the required permission. This may not be a problem if the caller properly handles this exception.
User Response: Verify the attempted operation is permitted by examining all Java 2 security policy files and application code. Additional permissions may be required, a doPrivileged API may be needed in some code on the call stack, or the Security Manager properly prevented access to a resource the caller does not have permission to access.

SECJ0315W: The permission {0} specified in the application policy file:{1} does not exist.
Explanation: The permission class {0} specified in the application policy file(was.policy or app.policy) does not exist.
User Response: Please fix the specified application policy file.

SECJ0316W: The permission {0} specified in the filter.policy file(filter.policy) does not exist.
Explanation: The permission class {0} specified in the filter.policy file does not exist.
User Response: Please fix the filter.policy file.

SECJ0317W: The permission {0} specified in the application policy file({1}) is a part of the permission {2} specified in filter.policy.
Explanation: The permission class {0} specified in the application policy is not be removed. However, it is a part of the permission specified in filter.policy.
User Response: If the permission should be filtered out, divide the permission specified in the application policy.

SECJ0318I: The permission {0} specified in the application policy file({1}) were filtered out.
Explanation: The permission {0} specified in the application policy was removed because filer.policy has the same entry.
User Response: none. This is an informational message.

SECJ0319I: java.security.AllPermission was found in the application policy file {0}.
Explanation: java.securityAllPermission was found in the application.
User Response: none. This is an informational message.

SECJ0320E: Error parsing {0}: {1}
Explanation: There is a syntax error in the policy file.
User Response: Please use ${java.home}/jre/bin/policytool to verify the syntax or edit the policy file and correct the syntax error.

SECJ0321E: Role based authorization is caller in role failed for security name {0}, accessId {1}, and role name {2}.
Explanation: The caller does not have the necessary permission, there was no credential on the thread, the caller is not authenticated, or the accessId could be null.
User Response: If the failure is unexpected, verify the caller has been granted the required role.

SECJ0322W: Missing attribute in Security Configuration.
Explanation: Required attribute CertificateFilter is missing. Certificate Filter is required when CertificateMapMode is CERTIFICATE_FILTER.
User Response: Set CertificateFilter in the advanced LDAP settings.

SECJ0323E: Invalid LDAP user/group ID
Explanation: Using invalid user/group ID or the user/group ID is not a directory entry. The directory administration ID (root DN) is not a directory entry on most LDAP servers.
User Response: Verify the user/group ID is a valid directory entry.

SECJ0324E: Error during Java 2 Security and Dynamic Policy initialization. The exception is {0}.
Explanation: An unexpected error occurred during Java 2 Security and Dynamic Policy initialization.
User Response: This is a general error. Look for previous messages that may be related to the failure or a configuration problem. Enabling security debug trace for security component com.ibm.ws.security.* may yield additional information.

SECJ0325W: The permission {0} specified in the policy file {1} is unresolved.
Explanation: The permission class {0} specified in the policy file was not loaded.
User Response: Please confirm that the specified permission in then policy file is correct. If permission class is incorrect, this warning is issued.

SECJ0326E: No received or invocation credential exist on the thread. The Role based authorization check will not have an accessId of the caller to check. The parameters are: role name {0}. The stack trace is {1}.
Explanation: No invocation or received credentials were established on this thread. This may cause the role based authorization check to fail.
User Response: The stack trace is obtained by a local throw catch block that may be useful for debugging the problem.

SECJ0327E: Problem loading the registry properties file. The exception is {0}.
Explanation: Unexpected exception occurred when loading registry properties file.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0328E: Registry implementation file is missing.
Explanation: Cannot locate the registry implementation file.
User Response: If you are using a Custom Registry make sure that your provide the registry implementation file in the GUI or in the scripting (whichever is being used). If you are using WAS supplied registries contact your service representative if the problem persists.

SECJ0329E: The registry implementation file {0} is not a instance of the supported user registries.
Explanation: This can happen when using custom registries and if they are not instances of UserRegistry or CustomRegistry.
User Response: Make sure you implement the UserRegistry interface for your custom registry.

SECJ0330E: The registry implementation file {0} cannot be loaded because of the following exception {1}
Explanation: This can happen when the specified custom registry cannot be loaded.
User Response: The custom registry implementation file should be in the classpath as mentioned in the custom user registry section in the InfoCenter. If this happens for WAS provided registries contact your service representative if the problem persists.

SECJ0331E: The registry implementation file {0} cannot be initialized because of the following exception {1}
Explanation: The specified custom registry implementation cannot be initialized.
User Response: Make sure all the properties required for the custom registry initialization are passed through GUI or scripting (whichever is being used).If this happens for WAS provided registries contact your service representative if the problem persists.

SECJ0332E: The checkPassword method failed for user {0}.
Explanation: The checkPassword method failed to return a user.
User Response: If using WAS provided registries this problem should have preceeded with other authentication related exception(s). Look into them to fix the actual authentication problem. In addition if a custom registry is being used make sure you return a valid userId after a successful authentication.

SECJ0333E: The mapCertificate method failed.
Explanation: The mapCertificate method failed to return a user from the certificate chain.
User Response: Make sure the certificate should contain a valid user in the registry. This problem should have preceeded with other exception(s). Looking into them would help in narrowing down the problem. In addition if a custom registry is being used make sure you return a valid userId after successfully mapping the certificate.

SECJ0334E: Cannot create credential for null user.
Explanation: Internal Error. The user name provided to create the credential is null.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0335E: Authentication failed for user {0}.
Explanation: The registry failed to return a user after authentication.
User Response: This would happen if the authentication was not successful and the custom registry did not throw exceptions to indicate this. Make sure you are entering a current userID and password for authentication. This problem might have preceeded by other problems. Looking at those problems might narrow the problem down.

SECJ0336E: Authentication failed for user {0} because of the following exception {1}
Explanation: Authentication failed with the specified reason.
User Response: Verify that the user id and password are entered correctly. Consult with the administrator of the user registry if the problem persist.

SECJ0337E: The mapCertificate method is not supported.
Explanation: Internal Error.
User Response: Information purposes only.

SECJ0338E: The following error occurs when getting the display name of the group {0}, {1}.
Explanation: Error getting display name of a group.
User Response: Make sure the group is valid and has a display name.

SECJ0339E: Could not get the display name of the group {0}.
Explanation: Problem getting display name of a group.
User Response: Make sure the group is valid and has a display name.

SECJ0340E: Could not get the uniqueId for the group {0}.
Explanation: Problem getting uniqueId of a group.
User Response: Make sure the group is valid in the registry and if it is a custom registry make sure it also has an uniqueId.

SECJ0341E: Could not get the uniqueId for the group {0} because of the following exception {1}.
Explanation: Problem getting uniqueId of a group.
User Response: Make sure the group is valid in the registry and if it is a custom registry make sure it also has an uniqueId.

SECJ0342E: Could not get the groups matching the pattern {0} because of the following exception {1}.
Explanation: Internal Error.
User Response: Make sure the groups matching the pattern exist in the registry. Contact your service representative if the problem persists.

SECJ0343E: Could not get the groups that the user {0} belongs to.
Explanation: Internal Error.
User Response: Make sure the user is valid. Contact your service representative if the problem persists.

SECJ0344E: Could not get the groups that the user {0} belongs to because of the following exception {1}.
Explanation: Internal Error.
User Response: Make sure the user is valid. Contact your service representative if the problem persists.

SECJ0345E: Could not get the users in the group {0} because of the following exception {1}.
Explanation: Internal Error.
User Response: Make sure the group is valid. Contact your service representative if the problem persists.

SECJ0346E: Could not get the name of the group whose uniqueId is {0} because of the following exception {1}.
Explanation: Internal Error.
User Response: Make sure the group is valid. Contact your service representative if the problem persists.

SECJ0347E: Could not get the name of the group whose uniqueId is {0}.
Explanation: Internal Error.
User Response: Make sure the group is valid. Contact your service representative if the problem persists.

SECJ0348E: Could not get the display name of the user {0}.
Explanation: Internal Error.
User Response: Make sure the user is valid and has a display name. Contact your service representative if the problem persists.

SECJ0349E: Could not get the display name of the user {0} because of the following exception {1}.
Explanation: Internal Error.
User Response: Make sure the user is valid and has a display name. Contact your service representative if the problem persists.

SECJ0350E: Could not get the uniqueId of the user {0}.
Explanation: Internal Error.
User Response: Make sure the user is valid. Contact your service representative if the problem persists.

SECJ0351E: Could not get the uniqueId of the user {0} due to the following exception {1}.
Explanation: Internal Error.
User Response: Make sure the user is valid. Contact your service representative if the problem persists.

SECJ0352E: Could not get the users matching the pattern {0} because of the following exception {1}.
Explanation: Internal Error.
User Response: Make sure the users matching the pattern exist in the registry. Contact your service representative if the problem persists.

SECJ0353E: Could not get the name of the user whose uniqueId is {0}.
Explanation: Internal Error.
User Response: Make sure the user is valid. Contact your service representative if the problem persists.

SECJ0354E: Could not get the name of the user whose uniqueId is {0} because of the following exception {1}.
Explanation: Internal Error.
User Response: Make sure the user is valid. Contact your service representative if the problem persists.

SECJ0355E: Validating the group {0} throws the following exception {1}.
Explanation: Internal Error.
User Response: Make sure the group is valid. Contact your service representative if the problem persists.

SECJ0356E: Could not get the realm for the registry in windows.
Explanation: Not able to get the hostname of the Windows machine or the domain controller.
User Response: Make sure that the user who is running WAS has administrative and "act as part of operating system" privilege in the Windows machine and also an administrator in the domain machine. Contact your service representative if the problem persists.

SECJ0357E: The registry initialization failed with the following exception {0}.
Explanation: Registry cannot be initialized. Internal Error.
User Response: Make sure that the user who is running WAS has administrative and "act as part of operating system" privilege in the Windows machine and also an administrator in the domain machine. Contact your service representative if the problem persists.

SECJ0358E: Validating the user {0} throws the following exception {1}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0359E: Could not get the uniqueId for {0} because of the following exception {1}.
Explanation: Problem getting uniqueId of a user/group.
User Response: Make sure that the user or group is valid in the registry and if it is a custom registry make sure an uniqueId exists for user or group.

SECJ0360E: Authentication failed for {0} because multiple users matched the user.
Explanation: Authentication failed because multiple users found in the registry with the same name.
User Response: When using LDAP make sure that shortname used for the user is unique. For example, if "uid" is used as the shortname make sure the uid are unique in the registry.

SECJ0361E: Authentication failed for {0} because user is not found in the registry.
Explanation: Authentication failed because of non existent user.
User Response: Make sure the user is valid in the registry. When using LDAP make sure that the user is searchable. The admin id in some LDAP servers may not be searchable.

SECJ0362E: Cannot create credential for the user {0}.
Explanation: Cannot find user to create credential.
User Response: Make sure the user is valid in the registry. Contact your service representative if the problem persists.

SECJ0363E: Cannot create credential for the user {0} because of the following exception {1}.
Explanation: Cannot create credential.
User Response: Make sure the user is valid in the registry. If this is preceeded by other exceptions look into them to narrow down the problem. Contact your service representative if the problem persists.

SECJ0364E: Cannot initialize ltpa object because of the following exception {0}.
Explanation: The LTPA server object cannot be initialized.
User Response: The primary reason this happens is because the ltpa keys cannot be decrypted using the ltpa password. This happens because the password that is used to encrypt the keys is not same one that is saved in the repository.The server may not come up when this problem occurs. If this happens disable security, start the server, enter a new password for LTPA, save it, generate the keys, do another save to save the keys, turn on security, stop and restart the server. Contact your service representative if the problem persists.

SECJ0365E: Cannot create security object during initialization.
Explanation: Cannot create the security object from repository. Internal Error.
User Response: The security.xml might be corrupted or missing. Contact your service representative.

SECJ0366E: Cannot obtain the WAS process type during initialization.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0367W: Warning, LTPA is configured as the authentication mechanism but SSO is disabled. Web applications that use FormBased Login, including the WebSphere web based admin console, may not work correctly.
Explanation: SSO is required for FormBased logon to work in Web applications when LTPA is the authentication mechanism.
User Response: If this is the intended configuration then ignore this warning. If this is not the intended configuration, then the enabled attribute of Single Signon element in the security.xml must be set to the true value.

SECJ0368E: No such LTPA Algorithm. The exception is {0}.
Explanation: This is an internal error. A NoSuchAlgorithmException occurred when the LTPAServer tried to sign the token.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0369E: Authentication failed when using LTPA. The exception is {0}.
Explanation: Authentication has failed when using LTPA.
User Response: There could be multiple reasons why this might have occurred. Most of the time this should have preceeded with other exceptions that will indicate what the exact problem is. This might occur if the userName and/or password are incorrect, if the setup of the registry is not valid. If problems persist contact your service representative.

SECJ0370E: Validation of the token failed because the token is null.
Explanation: Cannot validate the token since the token is null.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0371W: Validation of the LTPA token failed because the token expired with the following info: {0}.
Explanation: Cannot validate the token since the token has expired.
User Response: Once the token time out is reached, the token will not be validated and the user has to authenticate again. This is normal. Make sure that all the WebSphere nodes and cell(s) are synchronized with respect to time, date and time zone. One can change the token expiration time if required.

SECJ0372E: Validation of the inbound LTPA token failed. The configured LTPA keys are probably not the ones that generated the token signature.
Explanation: It's likely the LTPA keys are not the correct ones to verify the signature of the token.
User Response: This would happen if the keys encrypting the token are not the same as the ones decrypting. If a new set of keys were generated this is an expected error as the tokens signed with old keys will not work anymore. Otherwise, contact your service representative if the problem persists.

SECJ0373E: Cannot create credential for the user {0} due to failed validation of the LTPA token. The exception is {1}.
Explanation: Internal Error. Cannot create a credential after the token is validated.
User Response: This is typically due to an expired token or a token created with different LTPA keys. If the token is expired, you might need to increase the LTPA timeout, if necessary. If the keys are not the same, ensure one set of LTPA keys are used in all cells that interopate, or ensure that a newly added node has synchronized.

SECJ0374E: The accessID in the token contains the wrong type. It should be either user or group. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0375E: Mismatch of realms during token validation.
Explanation: The realm in the token does not match the current realm.
User Response: This error can occur when a token is passed between one cell to another cell and the realm do not match in these cells. If using LDAP make sure that both cells use the same host name and port number.

SECJ0376E: Error importing LTPA keys. The exception is {0}.
Explanation: Cannot import LTPA keys.
User Response: This occurs when the password used to import the keys does not match the password that encrypted the keys. Make sure that the password is the same. If problem persists, contact your service representative.

SECJ0377E: Error exporting LTPA keys. The exception is {0}.
Explanation: Cannot export LTPA keys.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0378E: Cannot get SecurityServer in the security MBean.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0379E: Cannot get LTPAServer in the security MBean.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ0380W: The keystore or truststore type specified is invalid. Adjusting to use the correct type, however, please correct the SSL configuration for performance reasons.
Explanation: The keystore or truststore type specified is invalid.
User Response: Modify the SSL configuration so that the keystore or truststore type is a valid type. You can check the keystore and truststore types by loading them in WebSphere's IKeyMan tool.

SECJ0381I: Warning, the com.ibm.websphere.java2secman.norethrow property is true. The WebSphere Java 2 Security Manager is not rethrowing AccessControl exceptions. This debug setting should not be used in a production environment. Please see the InfoCenter for Java 2 Security debugging features.
Explanation: The com.ibm.websphere.java2secman.norethrow property, when it has a true value, instructs the Java 2 Security Manager to NOT rethrow AccessControl exceptions. This property is intented to aid developers when preparing their application for Java 2 Security. When this property value is true, the Security Manager only reports the AccessControl exception but does not rethrow or propagate the exception up the call stack. This may permit applications to access resources that would they would not otherwise have access to. This property should not be specified in a production environment, only in a debug or application development environment.
User Response: If this message is unexpected or the application is running in a production environment, remove the com.ibm.ws.java2secman.norethrow property setting unless you understand the consequences.

SECJ0382I: The alias {0} from the server level security has not been updated to the cell.
Explanation: Informational.
User Response: During the server and the cell security object merging, if a same alias name exists in both, the alias will not be copied to the cell configuration. This is as designed. In the normal circumstance this should not happen since the alias names are unique. However, if a removeNode has been performed prior to the addNode, one might see this message as the removeNode will not remove the exisintg aliases. Also, if the alias names in the security.xml file was manually changed this message will show up if the aliases match.

SECJ0383I: Proceeding with merging the server's security configuration with the cell's for this Application Server.
Explanation: Informational.
User Response: This message shows up when the Application Server contains its own security configuration that needs to be merged with cell level configuration.

SECJ0384E: Trust Association Init Error. The Trust Association interceptor implementation {0} initialization failed. The error status/exception is {1}.
Explanation: The initialization of this Trust Association implementation failed.
User Response: Verify that the appropriate Trust Association properties required for the initialization are set up correctly. If you are using your own implementation check your initilization method for any problems. If a single Trust Association implementation is used, this would indicate that the Trust Association will not be in effect. However, if multiple TrustAssociation implementations are used, Trust Association can be in effect if one of the implementations succeeds.

SECJ0385W: Cannot find and load the FIPS approved IBM JSSE or JCE providers. This may be a problem if your environment must use FIPS approved cryptographic algorithms and you are not using your own FIPS approved providers. The error status/exception is {0}.
Explanation: Cannot find and load the FIPS approved IBM JSSE or JCE providers. It is a problem in the case when IBM FIPS approved JCE provider is missing because WAS depends on it when requiring to use FIPS approved provider. Missing FIPS approved IBM JSSE provider may not be a problem provided that you have configured ito use your own FIPS approved JSSE provider.
User Response: Make sure that the missing provider jar, if needed, is in the JDK ext directory.

SECJ0386I: Initializing registry to use Tivoli Access Manager for authentication.
Explanation: Authenticaton will be perfomed using Tivoli Access Manager. This requires that WebSphere is configured to use an external Tivoli Access Manager server.
User Response: None, informational only.

SECJ0387E: Could not find the factory class {0} specified for this token. The exception is {1}.
Explanation: The LTPA TokenFactory implementation is likely not present in the classpath.
User Response: Ensure the LTPA TokenFactory implementation is located in the WebSphere classpath. Typically these implementations are put in the ${WAS_INSTALL_ROOT}/classes directory.

SECJ0388E: The LTPA TokenFactory {0} returned is null.
Explanation: The LTPA TokenFactory implementation is likely not present in the classpath or it cannot be initialized.
User Response: Ensure the LTPA TokenFactory implementation is located in the WebSphere classpath. Typically these implementations are put in the ${WAS_INSTALL_ROOT}/classes directory.

SECJ0389E: The LTPA TokenFactory {0} could not create a new LTPA token. The exception is {1}.
Explanation: The LTPA TokenFactory implementation had a problem in the createToken method or the keys used to create a token were not present.
User Response: Ensure the LPTA keys are configured properly and check the createToken implementation on the TokenFactory interface.

SECJ0394E: Principal exists in Subject returned by TAI.getSubject() but it does not implement java.security.Principal.
Explanation: The Trust Association Interceptor did not have the correct principal in the Subject. The principal must implement java.security.Principal.
User Response: Contact the provider of the Trust Association Interceptor to ensure this problem gets resolved.

SECJ0395E: Could not locate the SecurityServer at host/port:{0} to validate the userid and password entered. You may need to specify valid securityServerHost/Port in (WAS_INSTALL_ROOT)/properties/sas.client.props file.
Explanation: A SecurityServer could not be located for login.
User Response: In some cases it is necessary to specify a valid bootstrap host/port in the com.ibm.CSI.securityServerHost and com.ibm.CSI.securityServerPort properties in the ${WAS_INSTALL_ROOT}/properties/sas.client.props file. See sas.client.props for details.

SECJ4000E: JAAS Login Exception occurred at {0}.
Explanation: JAAS Login exception occurred while refreshing the credential.
User Response: Please confirm user id, password and realm information are correct. If you still see the problem, contact your service representative with exception stack trace information present in the error log.

SECJ4001E: Login failed for {0}/{1} {2}
Explanation: Authentication can fail for many reasons. The user or password may not have been entered correctly, misspelled for instance. The user account may not exist, may have expired, or be disabled. The password may have expired or require a change at first logon. If WebSphere security is configured to use LDAP as the user registry, the WebSphere security LDAP user and group search filter configuration may not match what the LDAP directory expects.
User Response: Confirm if the user information(realm name, user name, password) is valid. Try authenticating the user directly to the configured user registry outside of WebSphere authentication to verify the user and password are valid in the user registry. The WebSphere InfoCenter documents additional user account requirements for certain user registries.

SECJ4002E: No CORBA Credentials for {0}/{1}
Explanation: Authentication failure occurred while invoking login() of realm/user since there is no CORBA credential.
User Response: Confirm if the user information(realm name, user name password) is valid.

SECJ4003E: Credential token login is not valid for LocalOS
Explanation: JAAS Login failure occurred while invoking login() with token for LocalOS.
User Response: LocalOS does not support login with token. Please make sure the application program is valid.

SECJ4004E: Login failed for credential token {0}
Explanation: JAAS Login failure occurred while invoking login() with token.
User Response: Please check the user authenticate data is correct. Enabling security debug trace will provide the details.(com.ibm.ws.security.auth.* )

SECJ4005E: No CORBA Credentials for credential token
Explanation: JAAS Login returned null credential while invoking login() with token. There is no CORBA Credential.
User Response: login returned null Credential. Please check the user application how it authenticate. Enabling security debug trace will provide the details.(com.ibm.ws.security.auth.* )

SECJ4006E: Invalid Credential Type {0}
Explanation: Getting the JAAS subject from CORBA credential failed with exception.
User Response: Contact your service representative with exception stack trace information present in the error log.

SECJ4007E: Not suppose to construct WSLoginHelperImpl object
Explanation: WSLoginHelperImpl object instance should not be constructed.
User Response: Check the user application. WSLoginHelperImpl should not be directly constructed.

SECJ4008E: Missing some of the authentication data
Explanation: Some of the authentication data is missing.
User Response: Check the next message. It identifies what is missing.

SECJ4009E: Either user name, realm or password data is missing.
Explanation: User name, realm name or password is missing.
User Response: Confirm the necessary authentication data is passed. Enabling security debug trace for component com.ibm.ws.security.auth.* may yield additional information.

SECJ4010E: Credential Token is null or empty array
Explanation: Credential token is missing.
User Response: Confirm the necessary authentication data is passed.

SECJ4011E: com.ibm.ejs.oa.EJSORB.getORBInstance() returns null
Explanation: com.ibm.ejs.oa.EJSORB.getORBInstance() returns null
User Response: Please check if ORB is initialized correctly in user application.

SECJ4012E: Error getting SecurityCurrent from the ORB {0}
Explanation: Getting security current caused an exception.
User Response: Please check if ORB is initialized correctly in user application.

SECJ4013E: An unexpected IOexception occurred in Login Module {0} CallbackHandler. The exception is {1}
Explanation: Exception occurred while processing callbacks
User Response: Contact your service representative with exception stack trace information present in the error log.

SECJ4014E: Login Module {0} detected unsupported {1} callback in CallbackHandler {2}
Explanation: Unsupported Exception occurred while processing callbacks
User Response: Check the application. Contact your service representative with exception stack trace information present in the error log if the problem persists.

SECJ4015E: An unexpected exception occurred during the JAAS login commit action in Login Module {0}. The exception is {1}.
Explanation: Exception occurred while committing LoginModule
User Response: Check the application. Contact your service representative with exception stack trace information present in the error log if the problem persists.

SECJ4016E: An unexpected exception occurred in Login Module {0} when removing principal {1} during cleanup. The exception is {2}
Explanation: Exception occurred while removing the principal.
User Response: Contact your service representative with exception stack trace information present in the error log.

SECJ4017E: An unexpected exception occurred in Login Module {0} when removing WSCredential during cleanup {1}
Explanation: Exception occurred while removing the credential.
User Response: Contact your service representative with exception stack trace information present in the error log.

SECJ4018E: Removing CORBA Credential during cleanup {0}
Explanation: Exception occurred while removing CORBA credential.
User Response: Contact your service representative with exception stack trace information present in the error log.

SECJ4019E: Not supposed to construct Util object
Explanation: Util object instance should not be constructed.
User Response: Check the user application. Util should not be directly constructed.

SECJ4020E: CORBA: Invalid Attribute Type: {0} {1}
Explanation: CORBA credential has invalid attribute.
User Response: Contact your service representative with exception stack trace information present in the error log.

SECJ4021E: CORBA: Duplicate Attribute Type: {0} {1}
Explanation: CORBA credential has duplicate attributes.
User Response: Contact your service representative with exception stack trace information present in the error log.

SECJ4022E: CORBA: Not suppose to construct CredentialsHelper object
Explanation: CredentialsHelper object instance should not be constructed.
User Response: Check the user application. CredentialsHelper should not be directly constructed.

SECJ4023E: Failed to create a Configuration instance.
Explanation: Failed to create a configuration instance
User Response: Contact your service representative with exception stack trace information present in the error log.

SECJ4024W: {0} :Warning: getAppConfigurationEntry() was called with no configuration name.
Explanation: getAppConfigurationEntry() was called with null string.
User Response: Check the parameter if it is called from user application. If not, Contact your service representative.

SECJ4025E: unable to get system input stream {0}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ4026W: WSDefaultPrincipalMapping() should not be invoked.
Explanation: WSDefaultPrincipalMapping() should not be invoked.
User Response: This is warning. Check the user application. WSDefaultPrincipalMappingshould not be directly constructed.

SECJ4027W: {0} does not exist, use {1} wsj2cdpm.properties
Explanation: Specified file did not exist. Use the default file.
User Response: This is warning. Check the specified file name.

SECJ4028E: Unexpected Exception caught in new URL {0} : Exception is {1}
Explanation: Unexpected exception occurred while creating a new URL.
User Response: Check the specified URL. Contact your service representative with exception stack trace information present in the error log.

SECJ4029E: Unexpected Exception caught in openStream URL {0} : Exception is {1}
Explanation: Unexpected Exception occurred while opening an URL.
User Response: Check the specified URL. Contact your service representative with exception stack trace information present in the error log.

SECJ4030E: Unrecognizable Callback index = {0} {1}
Explanation: Unrecognizable Callback is passed.
User Response: Contact your service representative with information present in the error log.

SECJ4031E: Unexpected IOException caught {0}
Explanation: Unexpected IOException was caught while processing callbacks.
User Response: Contact your service representative with exception stack trace information present in the error log.

SECJ4032E: Method {0} detected missing or malformed data when trying to perform conversion. The data item name is {1} and value is {2}.
Explanation: Internal problem related to malformed or corrupt data storage.
User Response: Contact your service representative with exception stack trace information present in the error log.

SECJ4033E: The LoginContext does not contain a Subject after authenticating user {0} with LoginModule alias {1}.
Explanation: The LoginModule did not create a Subject. There is a problem with the LoginModule
User Response: This problem could be due to a configuration error in security.xml or an internal error.

SECJ4034I: Token Login failed. If the failure is due to an expiring token, verify the system date and time of the WebSphere nodes are synchronized or consider increasing the token timeout value. Authentication mechanism {0} and exception is {1}
Explanation: Token Authentication failure may be caused by an expired token, invalid token or a date or time synchronization problem between WebSphere nodes. Web browsers often cache WebSphere SSO cookies which contain the token to validate. These tokens do expire.
User Response: Token validation failures are not always unexpected given that tokens can expire. May consider increasing timeout value or verifying that the system date and time between WebSphere nodes is synchronized.

SECJ4035E: {0} :ERROR: Could not get System property: {1}
Explanation: Failed to get the specified property.
User Response: Please check if you defined the specified property correctly.

SECJ4036E: {0} : Error: An exception occurred when trying to reflect on or invoke convertMapToString(). The exception is {1}
Explanation: Exception occurred trying to reflect on or invoke convertMapToString().
User Response: Please investigate the exception. Check classpath.

SECJ4037E: {0} :ERROR: Could not open URL: {1}. The exception is {2}
Explanation: MalformedURLException occurred trying to connect the specified URL.
User Response: Please investigate the exception. Check the specified URL.

SECJ4038E: {0} :ERROR: Could not create URL: {1}. The exception is {2}
Explanation: IOException occurred trying to connect the specified URL.
User Response: Please investigate the exception. Check the specified URL.

SECJ4039E: {0} :ERROR: A file parser exception occurred with file : {1}. The exception is {2}
Explanation: IOException occurred trying to connect the specified URL.
User Response: Please investigate the exception. Check the specified URL.

SECJ4040W: {0} :Warning: update() method passed either a null or empty string.
Explanation: null or empty string was passed to update() method.
User Response: This is a warning.

SECJ4041E: {0} :ERROR: Could not create or open StringReader: {1}. The exception is {2}.
Explanation: Could not create or open the specified StringReader.
User Response: Please investigate the exception.

SECJ4042E: {0} :ERROR: A file parser exception occurred with file : {1}. The exception is {2}
Explanation: IOException occurred trying to connect the specified stringreader.
User Response: Please investigate the exception. Check the specified string.

SECJ4043W: {0} :Warning: An unexpected IOException occurred when closing a stream.
Explanation: Unexpected IOException occurred trying to close a stream.
User Response: This is a warning.

SECJ4044E: WCCM jaas objects is not yet load.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ4045E: {0} : Error: An exception occurred when trying to reflect on or invoke convertMapToString(). The exception is {1}
Explanation: Exception occurred trying to reflect on or invoke convertMapToString().
User Response: Please investigate the exception. Check classpath.

SECJ4046E: Duplicate login config name {0}. Will over write.
Explanation: Duplicate login config name was specified in the configuration data.
User Response: Please check the configuration data.

SECJ4047E: IOException occurred during parsing jaas application configuration. The exception is {0}
Explanation: IOException occurred during parsing jaas application configuration.
User Response: Please check the configuration file. Please investigate the exception.

SECJ4048E: ParserException occurred during parsing jaas application configuration. The exception is {0}
Explanation: ParserException occurred during parsing jaas application configuration.
User Response: Please investigate the exception. It has the information of syntax error in the configuration file.

SECJ4049E: Error creating credential from registry object. The exception is {0}.
Explanation: Unexpected exception occurred while creating and initializing the user registry.
User Response: Check the application and the registry set up. Contact your service representative if the problem persist.

SECJ4050E: An unexpected exception is caught: {0}.
Explanation: Unexpected exception occurred while restoring the credential.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ4051E: PrivilegedActionException is caught while serialized Subject is being restored. The exception is {0}.
Explanation: PrivilegedActionException occurred while restoring the credential. This exception is a wrapper of the exception thrown in doPrivileged block.
User Response: Please investigate the real source of the exception. Contact your service representative if the problem persist.

SECJ4052E: InvalidCredentialType exception is caught while serialized Subject is being restored. The exception is {0}.
Explanation: InvalidCredentialType exception occurred while restoring the credential.
User Response: Please investigate the SAS problem. Contact your service representative if the problem persist.

SECJ4053E: InvalidCredential exception is caught while serialized Subject is being restored. The exception is {0}.
Explanation: InvalidCredentialType exception occurred while restoring the credential.
User Response: Please investigate the SAS problem. Contact your service representative if the problem persist.

SECJ4054E: InvalidCredentialType exception is caught while serialized Subject is being restored. The exception is {0}.
Explanation: InvalidCredentialType exception occurred while restoring the credential.
User Response: Please investigate the SAS problem. Contact your service representative if the problem persist.

SECJ4055E: InvalidCredential exception is caught while serialized Subject is being restored. The exception is {0}.
Explanation: InvalidCredentialType exception occurred while restoring the credential.
User Response: Please investigate the SAS problem. Contact your service representative if the problem persist.

SECJ4056E: Error getting initial context. The exception is {0}.
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ5000E: The following exception occurred while creating the attribute propagation token: {0}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ5001E: The following exception occurred while creating the attribute propagation token holder list from the authorization token: {0}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ5002W: An error occurred while serializing the custom object {0} from the current Subject. This does not cause the request to fail but this custom object will not get propagated.
Explanation: The object mentioned above probably does not implement the java.io.Serializable interface.
User Response: Ensure the object implements the java.io.Serializable interface to ensure it gets propagated downstream.

SECJ5003W: An error occurred while de-serializing a custom object from the inbound authorization token. This does not cause the request to fail but this custom object will not get restored in the inbound Subject.
Explanation: The object failed to de-serialize at the target server. The likely cause is the implementation class is not present on the target server or the Java class version between the sending server and target server is different.
User Response: Ensure the correct java class exists at the target server.

SECJ5004W: Trying to add propagation token name {0} and version {1} that already exists on the thread. The existing PropagationToken is returned and will not be overwritten.
Explanation: Cannot overwrite an existing PropagationToken. The existing one is returned, so use it to set new attributes given the proper permission.
User Response: Check the addPropagationToken SPI for the value returned. A null value indicates this is the first time the token is added. A non-null value indicates you are setting the token again which is not allowed. Use the returned value to add new attributes.

SECJ5005E: Cannot create WSCredential without a valid com.ibm.wsspi.security.cred.uniqueId property value.
Explanation: The com.ibm.wsspi.security.cred.uniqueId property has not been found during a properties login attempt.
User Response: Ensure that the java.util.Hashtable used for a properties login contains a valid property value for com.ibm.wsspi.security.cred.uniqueId.

SECJ5006E: Cannot create WSCredential without a valid com.ibm.wsspi.security.cred.securityName property value.
Explanation: The com.ibm.wsspi.security.cred.securityName property has not been found during a properties login attempt.
User Response: Ensure that the java.util.Hashtable used for a properties login contains a valid property value for com.ibm.wsspi.security.cred.securityName.

SECJ5007E: Cannot create WSCredential without a valid com.ibm.wsspi.security.cred.longSecurityName property value.
Explanation: The com.ibm.wsspi.security.cred.longSecurityName property has not been found during a properties login attempt.
User Response: Ensure that the java.util.Hashtable used for a properties login contains a valid property value for com.ibm.wsspi.security.cred.longSecurityName.

SECJ5008W: The realm specified in com.ibm.wsspi.security.cred.realm ({0}) does not match the current realm ({1}). This could cause problems when trying to make a downstream request.
Explanation: The realm specified does not match the current security realm of this server. This could cause problems when trying to go downstream to another server on the same current realm.
User Response: If a different realm is desired, set the supportedTargetRealms field to include the new realm you are specifying in order to go outbound to servers in the current realm.

SECJ5009E: Could not create a WSCredential given the information provided during a propagation login. The following exception occurred: {0}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ5010E: Could not create default AuthenticationToken during propagation login. The following exception occurred: {0}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ5011E: Could not create default AuthorizationToken during propagation login. The following exception occurred: {0}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ5012E: Could not create default SingleSignonToken during propagation login. The following exception occurred: {0}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

SECJ5013E: Could not create default SingleSignonToken during propagation login. The following exception occurred: {0}
Explanation: This exception is unexpected. The cause is not immediately known.
User Response: If the problem persists, see problem determination information on the WAS Support page.

Last updated: Thu Oct 21 12:17:16 EDT 2004
Library | Support | Trademarks | Feedback