|
BEA-090000
|
Error: Unsupported circular group definition, arg0.
|
Description
| Circular groups are not supported because they cause the server to loop endlessly when any method attempts to traverse the group tree graph.
|
|
Cause
| Unsupported Feature.
|
|
Action
| Do not define circular groups.
|
|
|
BEA-090001
|
Error: Failed to broadcast LoginFailureRecord to the other cluster servers, arg0.
|
Description
| The failure to broadcast a login failure to all the servers in a cluster means that some of the servers have one less invalid login attempt recorded for a particular user. This difference effects how quickly the user account is locked on those servers.
|
|
Cause
| IO Exception.
|
|
Action
| For more information on how the invalid login attempts are handled, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090002
|
Error: Failed to broadcast unlock user arg0 to the other clustered servers.\narg1
|
Description
| Because all the servers in a cluster did not receive the unlock user message, the user may not be able to login to some servers in the cluster if the user attempts a login before the expiration of the LockoutDuration period. Explicitly unlocking the user account using the Administration Console results in another attempt to broadcast the unlock user message to the entire cluster.
|
|
Cause
| IO Exception.
|
|
Action
| For more information on how locked user account lockouts are handled, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090003
|
Warning: Problem with native crypto acceleration switching to pure Java.
|
Description
| Problem with native crypto acceleration switching to pure Java.
|
|
Cause
| None.
|
|
Action
| No action required.
|
|
|
BEA-090004
|
Warning: Problem closing enumeration : arg0.
|
Description
| Unexpected exception occurred while closing an enumeration.
|
|
Cause
| Unexpected exception.
|
|
Action
| Review the exception message in the log message and see if the message identifies the cause of the exception.
|
|
|
BEA-090010
|
Warning: ACL arg0 contains non-existent principal arg1 - ignoring principal.
|
Description
| An ACL contains an entry for a principal that does not exist, the principal is ignored.
|
|
Cause
| The principal contained in the ACL does not exist.
|
|
Action
| Modify the ACL and remove the principal.
|
|
|
BEA-090020
|
Info: User lockout expired, unlocking user arg0.
|
Description
| user arg0 has been locked out for the specified lockout time. The user has been unlocked and can login again.
|
|
|
BEA-090021(retired)
|
Info: Locking account, user arg0.
|
Description
| Locking account, user arg0.
|
|
Cause
| The user exceeded the number of invalid login attempts defined for the Lockout Threshold and the Lockout Reset Duration attributes. Therefore, the user account is locked.
|
|
Action
| For information about unlocking user accounts, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090022
|
Info: Explicitly unlocked, user arg0.
|
Description
| A locked user account was explicitly unlocked using the Administration Console.
|
|
Action
| For information about unlocking a user account, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090030
|
Info: Switched to Group arg0.
|
Description
| Thread group identity has been switched to a different group.
|
|
|
BEA-090031
|
Error: Failed to Switch to Group arg0.
|
Description
| The server failed to switch the operating system level group identity.
|
|
Cause
| The current process lacks the operating system permissions needed to switch the group identity.
|
|
Action
| Contact the system administrator.
|
|
|
BEA-090032
|
Info: Switched to User arg0.
|
Description
| The thread user identity has been switched to a different user.
|
|
|
BEA-090033
|
Error: Failed to Switch to User arg0.
|
Description
| The server failed to switch the operating system level user identity.
|
|
Cause
| The current process lacks the operating system permissions needed to switch user identity.
|
|
Action
| Contact the system administrator.
|
|
|
BEA-090034
|
Emergency: Not listening for SSL, arg0.
|
Description
| The server failed to start the SSL listen thread.
|
|
Cause
| An IOException was thrown when creating the SSL listen thread.
|
|
Action
| Read the exception text for more help on diagnosing the problem. Contact the system administrator.
|
|
|
BEA-090035(retired)
|
Info: Not listening on administrative port, arg0.
|
Description
| Not listening on administrative port, arg0.
|
|
|
BEA-090036(retired)
|
Info: Read access denied for package: arg0.
|
Description
| Read access denied for package: arg0.
|
|
|
BEA-090037(retired)
|
Info: Write access denied for package: arg0.
|
Description
| Write access denied for package: arg0.
|
|
|
BEA-090038
|
Info: Checking User arg0 for Permission arg1 arg2.
|
Description
| Checking User arg0 for Permission arg1 arg2.
|
|
|
BEA-090039
|
Info: Access failed (Thread = arg0), caused arg1.
|
Description
| Access failed (Thread = arg0), caused arg1.
|
|
|
BEA-090040
|
Warning: The File realm contains more users than the maximum specified. Maximum = arg0, currently have arg1.
|
Description
| The File realm contains more users than the maximum specified in the Max Users attribute.
|
|
Cause
| The File realm sets a limit on the maximum number of supported users. The system has exceeded that limit.
|
|
Action
| Raise the value of the Max Users attribute.
|
|
|
BEA-090041
|
Warning: The File realm contains more groups than the maximum specified. Maximum = arg0, currently have arg1.
|
Description
| The File realm contains more groups than the maximum specified in the Max Groups attribute.
|
|
Cause
| The File realm sets a limit on the maximum number of supported groups. The system has exceeded that limit.
|
|
Action
| Raise the value of the Max Groups attribute.
|
|
|
BEA-090042
|
Warning: The File realm contains more ACLs than the maximum specified. Maximum = arg0, currently have arg1.
|
Description
| The File realm contains more ACLs than the maximum specified in the Max ACLs attribute.
|
|
Cause
| The File realm sets a limit on the maximum number of supported ACLs. The system has exceeded that limit.
|
|
Action
| Raise the value of the Max ACLs attribute.
|
|
|
BEA-090043
|
Warning: Group arg0 should exist but doesn't.
|
Description
| Referenced group does not exist.
|
|
Cause
| When adding members to a group, the specified group was not found.
|
|
Action
| Verify that the group is defined in the fileRealm.properties file or in the Groups tab of the Administration Console.
|
|
|
BEA-090044
|
Warning: Principal arg0 does not exist and therefore cannot be added to group arg1.
|
Description
| Unable to add a principal that does not exist to group.
|
|
Cause
| When specifying group members, a principal that does not exist was specified.
|
|
Action
| Add the specified principal to a security realm.
|
|
|
BEA-090045
|
Warning: Permission arg0 does not exist.
|
Description
| Permission arg0 does not exist.
|
|
Cause
| When loading ACLs, the specified permission was not found.
|
|
Action
| Verify that the ACL and the permission are specified correctly.
|
|
|
BEA-090046
|
Warning: ACL arg0 does not exist.
|
Description
| Unable to lookup an ACL entry that does not exist.
|
|
Cause
| When loading ACLs, the specified permission was not found.
|
|
Action
| Verify that the ACL is specified correctly.
|
|
|
BEA-090047
|
Warning: Principal arg0 does not exist thus cannot be added to ACL arg1.
|
Description
| The principal does not exist and therefore cannot be added to an ACL.
|
|
Cause
| The principal specified in the ACL does not exist in any security realm.
|
|
Action
| Add the principal to a security realm.
|
|
|
BEA-090048
|
Warning: Made an in-memory only change to the File realm.
|
Description
| Changes have been made to the File realm on a Managed server and these changes can only be made in memory.
|
|
Cause
| Changes made to the File realm cannot be written to filerealm.properties.
|
|
Action
| Make the changes on the Admin server and the changes are propagated to the Managed servers.
|
|
|
BEA-090049
|
Warning: System user arg0 does not exist, creating it.
|
Description
| If the system user is not present in any security realm, then it is created automatically with the password of the username that logged into the system.
|
|
Cause
| The system user is required.
|
|
Action
| Ensure the system user was created in a security realm before booting the server.
|
|
|
BEA-090050(retired)
|
Warning: Guest user does not exist, creating it.
|
|
BEA-090051
|
Error: Error creating security runtime management.
|
Description
| During the initialization of the security service, the MBean for security failed to initialize.
|
|
Cause
| During initialization, the security runtime registers with the OAM infrastructure. If this process fails, a management exception is thrown.
|
|
Action
| Verify that the user booting the server is a member of the admin group.
|
|
|
BEA-090052
|
Critical: Server installed as Windows NT service with incorrect password for user arg0; The password may have been changed since the server was installed as a Windows NT Service. Contact the Windows NT system administrator.
|
Description
| User authentication failed; contact the Windows NT system administrator.
|
|
Cause
| The server is incorrectly configured as Windows NT service.
|
|
Action
| Contact the Windows NT system administrator.
|
|
|
BEA-090053(retired)
|
Emergency: Authentication failure - enter the password to boot WebLogic server again.
|
Description
| Authentication for user denied; enter the correct password.
|
|
Cause
| The password entered in a command-line argument or in the password.ini file is incorrect.
|
|
Action
| Enter the correct password.
|
|
|
BEA-090054(retired)
|
Info: Getting boot password from user.
|
Description
| Password for booting WebLogic server is incorrect or missing. Successfully obtained password from user.
|
|
|
BEA-090055
|
Warning: The LDAP realm V1 is deprecated. Please use the LDAP realm V2.
|
Description
| There are two different LDAP security realms, LDAP realm V1 and LDAP realm V2. WebLogic Server also provides LDAP Authentication providers. Upgrade to the newer LDAP security realm or to one of the LDAP Authentication providers.
|
|
Cause
| The LDAP realm V1 is deprecated and will be removed in a future release.
|
|
Action
| Use LDAP realm V2 or one of the LDAP Authentication providers.
|
|
|
BEA-090056
|
Notice: User userName hadnumAttempts, locking account for lockoutDuration minutes.
|
Description
| Too many invalid login attempts have been made for this user account. The user account is locked until the Lockout Duration expires.
|
|
Cause
| User exceeded the value of Lockout Threshhold attempts within the period of time specified in the Lockout Reset Duration attribute. The user account is locked.
|
|
Action
| For more information about protecting user accounts, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090057
|
Error: Default Security Audit Provider Error Exception arg0
|
Description
| An exception occurred in the WebLogic Auditing provider while attempting to write an Audit Record
|
|
Cause
| An Audit Log File exception occurred.
|
|
Action
| Check errors or access permissions for the DefaultAuditRecorder.log file.
|
|
|
BEA-090058
|
Error: A Security Provider Exception occurred in a non-default AuditProvider arg0
|
Description
| See the error logging information for the Auditing provider for details.
|
|
Cause
| A Security exception occurred during an audit write event.
|
|
Action
| Check errors or access permissions for the Auditing provider.
|
|
|
BEA-090059
|
Warning: The "accessDecisionClassName" AccessDecision class encountered an invalid Principal while attempting to check access to a WebLogic resource. Error: e
|
Description
| Access to a WebLogic resource is denied because the Principal that was previously successfully authenticated no longer is a valid Principal. Access to the requested WebLogic resource is denied.
|
|
Cause
| It is possible for this error to occur if a user has been deleted from a security realm while that user is still active.
|
|
Action
| If the user was mistakenly removed from the security realm, define them in the security realm again. Otherwise, no action is needed.
|
|
|
BEA-090060
|
Error: The AccessDecision class "accessDecisionClassName" returned an error: e.
|
Description
| While attempting to check access to a WebLogic resource, an AccessDecision returned an exception.
|
|
Cause
| There are multiple possible causes.
|
|
Action
| Carefully read the returned error to determine if any action is required.
|
|
|
BEA-090061
|
Error: The RoleMapper class "roleMapperClassName" returned an error: e.
|
Description
| While attempting to return a list of security roles, a Role Mapping provider returned an exception.
|
|
Cause
| There are multiple possible causes.
|
|
Action
| Carefully read the returned error to determine if any action is required.
|
|
|
BEA-090062
|
Error: The UserProfiler class "userProfilerClassName" returned an error: e.
|
Description
| While attempting to return a user profile, a User Profiler returned an exception.
|
|
Cause
| There are multiple possible causes.
|
|
Action
| Carefully read the returned error to determine if any action is required.
|
|
|
BEA-090063
|
Error: The DeployableRoleMapper "deployableRoleProviderClassName" returned an error: e.
|
Description
| While attempting to deploy, redploy, undeploy, or delete a security role, a deployable Role Mapping provider returned an exception.
|
|
Cause
| There are multiple possible causes.
|
|
Action
| Carefully read the returned error to determine if any action is required.
|
|
|
BEA-090064
|
Error: The DeployableAuthorizer "deployableAuthorizationProviderClassName" returned an error: e.
|
Description
| While attempting to deploy, redploy, undeploy, or delete a security policy, a deployable Authorization provider returned an exception.
|
|
Cause
| There are multiple possible causes.
|
|
Action
| Carefully read the returned error to determine if any action is required.
|
|
|
BEA-090065
|
Info: Getting boot identity from user.
|
Description
| The identity used for booting WebLogic server is incorrect or missing. Obtained identity from user.
|
|
Cause
| The boot identity not provided by command-line argument or a problem exists with the boot.properties file.
|
|
|
BEA-090066
|
Warning: Problem handling boot identity. The following exception was generated: exception
|
Description
| An unexpected exception occurred during the handling of boot identity.
|
|
Cause
| Security permissions are not correct.
|
|
Action
| Contact the system administrator.
|
|
|
BEA-090067
|
Info: User lockout expired, unlocking user arg0 in security realm arg1.
|
Description
| User lockout expired, unlocking user.
|
|
Cause
| The period of time specified for the Lockout Duration attribute has expired for this user account. The user account was locked for exceeding the number of invalid login attempts specified in the Lockout Threshold attribute within the period of time specified in the Lockout Reset Duration attribute.
|
|
|
BEA-090068(retired)
|
Info: Explicitly unlocked user arg0 in security realm arg1.
|
Description
| Explicitly unlocked user.
|
|
Cause
| A locked user account was explicitly unlocked using the Administration Console.
|
|
Action
| For more information about unlocking user accounts, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090069(retired)
|
Error: Failed to broadcast LoginFailureRecord for user arg0 in security realm arg1 to the other cluster servers, arg2.
|
Description
| The failure to broadcast the login failure to other servers in a cluster means that the servers have one less invalid login attempt recorded for this user. Therefore, the user account may not be locked on all servers in a cluster at the same time.
|
|
Cause
| IOException
|
|
Action
| For more information, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090070
|
Error: Failed to broadcast unlock user arg0 in security realm arg1 to the other cluster servers, arg2.
|
Description
| Because not all servers in a cluster receive this message at the same time, the user may not be able to login to other servers in the cluster before the expiration of the Lockout Duration period. Unlocking the user account through the Administration Console results in another attempt to broadcast the unlock user message.
|
|
Cause
| IOException
|
|
Action
| For more information about unlocking user accounts, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090071(retired)
|
Info: Locking user arg0 in security realm arg1.
|
Description
| The user account has exceeded the number of invalid login attempts specified in the Lockout Threshhold attribute within the period of time specified in the Lockout Reset Duration attribute. The user account is locked in the security realm.
|
|
Action
| For more information about protecting user accounts, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090072
|
Critical: Boot problem with filter rules. The reason was: e. The problem is in the rules for the connection filter.
|
Description
| A parse exception occurred while reading the filter rules for a connection filter.
|
|
Cause
| Rules for the filter are possibly corrupted.
|
|
Action
| Contact the system administrator and have the rules corrected.
|
|
|
BEA-090073
|
Warning: Problem with updating filter rules. The reason was: e. The problem is in the rules for the connection filter. The rules will not be updated in the repository.
|
Description
| A parse exception occurred while trying to update the rules for a connection filter.
|
|
Cause
| Rules for the filter are incorrect.
|
|
Action
| Correct the offending rules.
|
|
|
BEA-090074
|
Info: Initializing arg0 provider using LDIF template file arg1.
|
Description
| The security provider has not had its LDIF information loaded. An attempt is made to load the LDIF information.
|
|
Cause
| Either this is the first time this security provider has been initialized or the marker file indicating initialization (with a .initialized extension) has been removed from the system.
|
|
Action
| Look for a matching LoadedLDIFFForProvider message which indicates the successful loading the LDIF information for this security provider.
|
|
|
BEA-090075
|
Info: The arg0 provider has had its LDIF information loaded from: arg1
|
Description
| Successfully loaded LDIF for this security provider.
|
|
Cause
| The provider was requested to import data.
|
|
|
BEA-090076
|
Notice: A failure occurred attempting to load LDIF for provider arg0 from file arg1.
|
Description
| A failure occurred attempting to load LDIF for provider arg0 from file arg1. The exception is e.
|
|
Cause
| An exception occurred attempting to open a temporary file as part of the load process.
|
|
Action
| Examine the exception and correct the cause.
|
|
|
BEA-090077
|
Info: A failure occurred attempting to create arg1 for the arg0 provider had been loaded. The exception is arg2.
|
Description
| A successful load of the LDIF information for provider arg0 occurred. While attempting to write the marker file arg1 indicating the successful loading of the LDIF information, an exception occurred: arg2
|
|
Cause
| Read the exception.
|
|
Action
| Take appropriate action to keep the exception from happening again. The marker file can be created manually.
|
|
|
BEA-090078
|
Notice: User userName in security realm realmName has hadnumAttempts, locking account for lockoutDuration minutes.
|
Description
| Invalid login attempts exceeded the value set for this user account. The user account is locked until the Lockout Duration period expires.
|
|
Cause
| User exceeded the number of invalid login attempts specified in the Lockout Threshhold attribute within the period of time specified in the Lockout Reset Duration attribute. The user account is locked.
|
|
Action
| For more information, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090079
|
Error: Failed to broadcast LoginFailureRecord for security realm arg0 to the other cluster servers, arg1.
|
Description
| The failure to broadcast the login failure to the other servers in the cluster means the servers have one less recorded invalid login attempt for this user. This affects how quickly the user is locked out on the other servers in a cluster.
|
|
Cause
| IO Exception.
|
|
Action
| For more information, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090080
|
Info: The Server Private Key for server arg0 was found in SSL.ServerKeyFileName.
|
Description
| The server is using the private key specified in the Server Key File Name attribute.
|
|
Action
| For more information, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090081(retired)
|
Error: The server was unable to find the SSL configuration.
|
Description
| The server is not configured to use SSL but is attempting to obtain SSL configuration information.
|
|
Action
| For more information on SSL configuration, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090082
|
Notice: Security initializing using security realm arg0.
|
Description
| This message is displayed when the security subsystem is initializing during server startup. This message logs the default configured security realm arg0.
|
|
Cause
| This message is for informational purposes.
|
|
Action
| Verify the correct security realm is configured.
|
|
|
BEA-090083
|
Notice: Storing boot identity in the file: file
|
Description
| The security system is storing the boot identity in the specified file either because the appropriate command-line argument was passed in or because the server generated a default config.xml file based on user input.
|
|
Cause
| This message is for informational purposes.
|
|
Action
| Do not delete this file if you want the server to continue to boot without prompting for username and password.
|
|
|
BEA-090084
|
Emergency: Server failed to bind to the configured Admin port. The port may already be used by another process.
|
Description
| The Admin listen port was not opened successfully. As a result the admin port cannot be used to administer the server via the Administration Console or other Administration clients.
|
|
Cause
| Most likely another process is using the Admin port thus causing a port conflict.
|
|
Action
| Inspect the log file for messages that identify the reason that the Admin listen port could not be opened.
|
|
|
BEA-090085
|
Emergency: Server failed to bind to the configured port. The port may already be used by another process.
|
Description
| None of the listen ports were opened successfully. As a result the listen or admin port cannot be used.
|
|
Cause
| Most likely another process opened the port thus causing a port conflict.
|
|
Action
| Inspect the log file for messages that identify the reason why none of the listen ports could be opened.
|
|
|
BEA-090086(retired)
|
Emergency: An SSL issue prevented the server from opening the Admin port. As a result the Admin port cannot be used to manage the server via the Administration Console and other Administration clients. The SSL error was: arg0
|
Description
| An SSL issue prevented the server from opening the Admin port. As a result the Admin port cannot be used to manage the server via the Administration Console and other Administration clients.
|
|
Cause
| Most likely another process opened the Admin port thus causing a port conflict.
|
|
Action
| Inspect the log file for messages that identify the reason why none of the listen ports could be opened.
|
|
|
BEA-090087
|
Emergency: Server failed to bind to the configured Admin port. The port may already be used by another process.
|
Description
| None of the listen ports were opened successfully. As a result the Admin port cannot be used to manage the server via the Administration Console and other Administration clients.
|
|
Cause
| Most likely another process opened the Admin port thus causing a port conflict.
|
|
Action
| Inspect the log file for messages that identify the reason why none of the listen ports could be opened.
|
|
|
BEA-090088
|
Warning: Private Key keystore alias is not specified in the SSL configuration of server arg0, security realm arg1. Assuming 6.x private key configuration. Loading the private key from a file.
|
Description
| In order to use secure communication, SSL must be initialized with the private key of the server. The private key can be stored in either a keystore or a file. If a keystore alias is not specified, the server assumes this configuration is a 6.x configuration and it looks for the private key in a file.
|
|
Cause
| The keystore alias is not specified in the Server Private Key Alias attribute.
|
|
Action
| Set the Server Private Key Alias attribute with the alias used to load the private key of the server into the keystore.
|
|
|
BEA-090089
|
Notice: SSL did not find the passphrase for the private key of the server on server server for security realm realm. This may cause an error when SSL attempts to load the private key of the server.
|
Description
| In order to use secure communication, SSL must be initialized with the private key of the server which is stored in a keystore secured by its own passphrase. SSL did not find a configured private key passphrase.
|
|
Cause
| Either the Server Private Key PassPhrase attribute is not set or the Identity PassPhrase attribute is not set.
|
|
Action
| If a passphrase is required to retrieve the private key from a keystore, set the Server Private Key PassPhrase attribute.
|
|
|
BEA-090090(retired)
|
Error: An unexpected exception was thrown while trying to load SSL configuration data on server arg0 for security realm arg1.
|
Description
| An unexpected exception was thrown while SSL was trying to access its private key configuration data.
|
|
Action
| Review the documentation on the keyStore and SSL configuration. Verify that the private key alias and passphrase were configured correctly. For more information, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090091
|
Error: SSL was unable to get a required Security Service.
|
Description
| An unexpected exception was thrown while SSL was attempting to obtain a Security service.
|
|
Cause
| A security service was requested, but no value was returned.
|
|
Action
| It is likely the server's configuration has been corrupted. Restore the configuration files from backup. For more information, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090092(retired)
|
Notice: SSL will load trusted CAs from the JDK cacerts keyStore: arg0 for security realm arg2 on server arg1.
|
Cause
| A trusted CA keystore was not configured, so SSL will load the set of trusted CAs from the JDK cacerts keystore.
|
|
Action
| To use trusted CAs other than the ones specified in the JDK cacerts keystore, configure a trusted CA keystore that contains the desired trusted CAs. For more information, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090093
|
Info: No pre-WLS 8.1 Keystore providers are configured for server arg0 for security realm arg1.
|
Description
| Pre-WLS 8.1 SSL configurations (for private keys and/or trusted CAs) that use keystores will not work.
|
|
Action
| To use pre-WLS 8.1 keystores with the SSL configuration, at least one Keystore Provider must be configured.
|
|
|
BEA-090094(retired)
|
Error: SSL cannot find or open the JDK cacerts keystore arg0 for security realm arg2 on server arg1.
|
Description
| A trusted CA keystore was not configured, so SSL attempted load the set of trusted CAs from the JDK cacerts keystore. However, the JDK cacerts keystore was not found or SSL was unable to open it.
|
|
Action
| SSL cannot be used for secure connections because it could not load trusted CAs from the configured keystore or from the JDK cacerts keystore. For more information, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090095
|
Error: SSL cannot instantiate the keystore arg1 on server arg0.
|
Description
| SSL was unable to obtain an instantiation of the configured keystore for the named server.
|
|
Cause
| An exception occurred while creating the keystore. This exception caused the create to fail.
|
|
Action
| Most likely, the keystore was not configured correctly. Check that the keystore provider has been configured on the named server. Review the server log for subsequent messages that contain the exception from the keystore provider.
|
|
|
BEA-090096
|
Error: The MBeans configured for the Keystore provider on server arg0 for security realm arg1 are not Keystore MBeans.
|
Description
| Since the MBeans are not Keystore MBeans, they do not contain the correct data for the Keystore provider.
|
|
Cause
| The MBeans passed to the WebLogic key management initialization method are not Keystore MBeans.
|
|
Action
| Most likely, the Keystore provider was not configured correctly. Check that the Keystore provider has been configured on the named server.
|
|
|
BEA-090097
|
Error: The KeyManager class for private keys server arg0 for security realm arg1 could not be instantiated.
|
Description
| The internal Security service KeyManager could not be found.
|
|
Cause
| The Key Manager Security service is null.
|
|
Action
| There was a problem with the installation of WebLogic Server because the KeyManager is an internal class that supports the WebLogic Security service.
|
|
|
BEA-090098(retired)
|
Error: The JDK cacerts keystore arg0 for security realm arg2 on server arg1 cannot be accessed.
|
Description
| The keystore cannot be accessed because of an java.lang.IOException.
|
|
Action
| Most likely there is a password problem with the JDK cacerts keystore.
|
|
|
BEA-090099(retired)
|
Error: The JDK cacerts keystore arg0 for security realm arg2 on server arg1 cannot be accessed.
|
Description
| The keystore cannot be accessed because of an java.lang.IOException.
|
|
Action
| Most likely there is a password problem with the JDK cacerts keystore.
|
|
|
BEA-090100(retired)
|
Error: SSL was unable to get the arg0 Keystore provider from the provider arg1. Check that the provider arg1 has been correctly added to the J2EE provider list.
|
Description
| When trying to get an instance of the J2EE keystore, the JDK toolkit returned a null.
|
|
Action
| Most likely there is a problem with the java.security file which lists the available keystores.
|
|
|
BEA-090101
|
Error: A keystore exception was thrown when the server arg1 attempted to load trusted CAs from the keystore file arg0.
|
Description
| When trying to load a keystore file, the JDK returned a keystore exception.
|
|
Cause
| The keystore JDK method threw a keystore exception.
|
|
Action
| There is a problem with the keystore file. Check that the file is intact and valid. Use the JDK keytool utility to display the contents of the file. If the file is corrupt, down load a new file from the JavaSoft web site or configure a trusted CA keystore. For more information, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090102(retired)
|
Error: SSL was unable to get the arg0 keystore from the provider arg1.
|
Description
| When trying to get an instance of the J2EE keystore, the JDK threw a NoSuchProvider exception.
|
|
Action
| Most likely there is a problem with the java.security file which lists the available keystores.
|
|
|
BEA-090103(retired)
|
Error: SSL was unable to find algorithm for the arg0 keystore
|
Description
| When trying to load the keystore, the JDK threw a NoSuchAlgorithm exception.
|
|
Action
| Most likely there is a problem with the java.security file which lists the available keystores.
|
|
|
BEA-090104(retired)
|
Error: SSL was unable to load certificates into memory from the default keystore using the arg0 keystore type from the provider arg1.
|
Description
| When trying to load the keystore, the JDK threw a Certificate exception.
|
|
Action
| Most likely there is a problem with the java.security file which lists the available keystores. Or the keystore could have been modified using a J2EE security provider that has not been configured for WebLogic Server. Check for differences in the classpaths and security provider lists between the keystore management tool and WebLogic Server.
|
|
|
BEA-090105(retired)
|
Error: No aliases were found in the JDK cacerts keystore or the trusted CA keystore on server arg0 for security realm arg1.
|
Description
| When attempting to load trusted CAs, the keystore was found to contain no aliases by which the trusted CAs can be retrieved.
|
|
Action
| If a trusted CA keystore is configured, check that the keystore contains the expected trusted CAs. Also, check the configured the keystore is the intended keystore. When using the JDK cacerts keystore for trusted CAs, check that it has not been modified to remove the desired trusted CAs. For more information, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090106(retired)
|
Error: The Server was unable to find the SSL configuration on server arg0 for security realm arg1.
|
Description
| The Server is not configured to use SSL, but is attempting to obtain SSL configuration information.
|
|
Action
| Check that SSL is configured and enabled on the server specified in the message. For more information, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090107(retired)
|
Error: The Server was unable to find the private key on server arg0, security realm arg1. Make sure the private key keystore exists and contains the key entry under specified alias.
|
Description
| The Server attempted to access the privateKeystore configured on the named server, but was unable to access it, or it did not contain the key.
|
|
Action
| Check that a private key keystore is configured on the server named in the log. Verify that the private key keystore exists. Check that the keystore is a valid and contains the private keys necessary to use SSL on the server. For more information, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090108
|
Error: The server was unable to retrieve the private key aliased by arg2 from the configured keystore on server arg0 for security realm arg1. Private key password might be invalid.
|
Description
| The server attempted to retrieve the private key from the identity keystore configured on the named server but received an unexpected exception. This message is probably caused by an incorrect private key passphrase.
|
|
Cause
| An exception was thrown by the keystore getKey method.
|
|
Action
| Check that a private key keystore is configured on the server. Verify that the private key keystore exists. Check that the keystore is a valid and contains the private key necessary to use SSL on the server. Verify that the passphrase configured for the private key was the one used to load the private key into the keystore when the private key was created. This exception most often occurs when the passphrase is invalid. Check the log for subsequent messages that contain the key store exception. For more information, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090109
|
Error: The server was unable to find the configured private key on server arg0 in the file specified by the SSL Server Key File Name attribute.
|
Description
| The server attempted to load the private key for the server from the file specified by in the Server Key File Name attribute.
|
|
Cause
| The server looks at the Server Key File Name attribute to load the private key of the server when it cannot find the private key in a configured keystore using the alias specified in the Server Private Key Alias attribute as the alias string. One possible cause of this error is that server is not configured with a private key keystore or the server is configured to use the pre-7.0 SSL attribute Server Key File Name.
|
|
Action
| A pre-7.0 configuration is being used for SSL connections, however that configuration does not specify a value for the Server Key File Name attribute. Either provide a value for the Server Key File Name attribute or configure a keystore for the server. SSL will not be able to initialize until the configuration is corrected. For more information, see the security documentation available at http://e-docs.bea.com.
|
|
|
BEA-090110
|
Error: The server was unable to find the configured certificate on server arg0 in the file specified by the Server Certificate File Name attribute arg1.
|
Description
| The server attempted to load the digital certificate for the server from the file specified by the Server Certificate File Name attribute.
|
|
Cause
| The server looks at the Server Certificate File Name attribute to load the certificate for the server. One possible cause of this error is that server is not configured with a certificate, or there is a problem with the file configured as the servers certificate.
|
|
Action
| Verify that a certificate file is configured for the server and that the certificate contained in the file is valid. For more information, see the security documentation available at http://e-docs.bea.com.
|
|
|
BEA-090111(retired)
|
Info: The Server loaded arg2 trusted CAs from the RootCA keystore on server arg0 in the file specified by the SSL ServerCertificateFileName attribute arg1.
|
Description
| The Server attempted to load the servers certificate from the file specified by the SSL attribute "ServerCertificateFileName".
|
|
Cause
| The Server looks at the SSL "ServerCertificateFileName" attribute to load the certificate. One possible cause of this error is that server is not configured with a certificate, or there is a problem with the file configured as the servers certificate.
|
|
Action
| Verify that a certificate file is configured for the server and that the certificate contained in the file is valid. For more information, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090112
|
Critical: SSL is configured to require clients to present their certificates, however, no trusted certificates have been loaded. The trusted certificates are necessary for validating client certificates.
|
Description
| A problem has been detected in the SSL configuration. SSL is configured to require clients to present their certificates, however, no trusted certificates necessary for validating client certificates have been loaded.
|
|
Cause
| Either the "Client Certificates Enforced" option was set by mistake or the problem is with SSL trusted certificates configuration.
|
|
Action
| Clear the "Client Certificates Enforced" option or specify the location of keystore that contains the trusted certificates.
|
|
|
BEA-090113
|
Info: Loaded arg0 client trusted CAs from keystore.
|
Cause
| Loaded number of trusted certificate authority from trust keystore
|
|
|
BEA-090114(retired)
|
Warning: Configuration on server arg0 has problems; the server may fail to boot correctly if they are not corrected.
|
|
BEA-090115
|
Info: Created new Administrative User adminUserName
|
Description
| When the server generates a default configuration, the username and password provided on the command line or at the prompts becomes the Administrative user for that configuration. This username and password is required for all administrative tasks such as logging into the Administration Console or issuing restricted commands from weblogic.Admin.
|
|
Cause
| The server was booted from a directory with no config.xml file and you answered yes to when prompted to generate a default configuration. As part of this process, WebLogic Server creates a new Administrative username and password based on the values from command line or security prompts.
|
|
Action
| This username and password is needed for performing administrative functions such as logging into the Administration Console or issuing restricted administrative commands using weblogic.Admin.
|
|
|
BEA-090116
|
Info: The server arg0 is using the private key it retrieved from keystore aliased by arg1.
|
Description
| The server found the private key aliased by the named string in the configured keystore and is using it to initialize SSL.
|
|
|
BEA-090117(retired)
|
Warning: The Server arg0 has a 7.0 security realm, but found and will use the private key from the SSL ServerKeyFileName. The Server expected to find the private key in the configuredKeystore.
|
Description
| The Server has a 7.0 security realm which means it expected to find the private key in the configuredKeystore. Instead, it found the private key configured by the SSL ServerKeyFileName. It is using the private key from the SSL ServerKeyFileName to initialize SSL.
|
|
Action
| Add the servers private key to the configured keystore, and modify the SSL configuration to reference the alias and password by which the private key was stored. Remove the SSL Server Key FileName attribute. This process upgrades the configuration to the current release.
|
|
|
BEA-090118
|
Warning: LDIF template file arg1 was empty. The WebLogic provider arg0 has been bootstrapped but has not been initialized with any LDIF data.
|
Description
| The security provider has not had its LDIF information loaded because the file was empty. This error may result in the server being unable to boot if no users with boot privileges can be found in any security provider.
|
|
Cause
| A WebLogic provider LDIF template file may have been overwritten with an empty file.
|
|
Action
| If the server boots successfully, no action is needed. If the server does not boot successfully then an attempt should be made to recover non-empty LDIFT template file from the WebLogic Server kit.
|
|
|
BEA-090119
|
Warning: LDIF template file arg1 not found. The WebLogic provider arg0 has been bootstrapped but has not been initialized with any LDIF data.
|
Description
| The security provider has not had its LDIF information loaded because the file was not found. This error may result in the server being unable to boot if no users with boot privileges can be found in any security provider.
|
|
Cause
| A WebLogic provider LDIF template file may have been deleted by mistake.
|
|
Action
| If the server boots successfully, no action is needed. If the server does not boot successfully, an attempt should be made to recover the LDIFT template file from the WebLogic Server kit.
|
|
|
BEA-090120
|
Warning: Cannot find the file specified by SSL.TrustedCAFileName arg0 on server arg1.
|
Description
| The server attempted to load trusted CAs from the file specified by Trusted CA File Name attribute, but the file was not found.
|
|
Cause
| The specified file was not found.
|
|
Action
| Verify that the specified file exists in the expected directory and/or that the value of Trusted CA File Name attribute refers to an existing file.
|
|
|
BEA-090121
|
Info: Loaded arg0 client root CAs from TrustedCA File.
|
Cause
| Trusted CA certificates were loaded from a trusted CA file
|
|
|
BEA-090122
|
Info: Loaded arg0 client root CAs from Default Key Store file arg1
|
Cause
| Trusted CA certificates were loaded from the default keystore
|
|
|
BEA-090123
|
Warning: Cannot access specified trusted CA file arg0 on server arg1
|
Description
| The server attempted to read trusted CAs from the file specified by Trusted CA File Name attribute but failed with IOException.
|
|
Cause
| File might be read protected
|
|
Action
| Make sure the trusted CA file is accessible by the server.
|
|
|
BEA-090124
|
Warning: Cannot read certificates from the trusted CA file arg0 on server arg1.
|
Description
| The server attempted to read trusted CA certificates from the file specified by Trusted CA File Name attribute but failed with a KeyManagement exception.
|
|
Cause
| File format is not supported by the server.
|
|
Action
| Make sure the file format is valid and is supported by the server.
|
|
|
BEA-090125
|
Info: Loaded arg0 trusted certificates from keystore file specified on the command line: arg1
|
Cause
| Trusted certificates were loaded from keystore specified on the command line
|
|
|
BEA-090126
|
Critical: Unable to read a valid version number for property arg0 from file arg1. Received exception arg2.
|
Description
| Encountered a arg2 exception while attempting to read the value of the arg0 property from the file arg1. This failure means that the provider will not be initialized properly and there may be security failures.
|
|
Cause
| The value for the arg0 property may have been corrupted.
|
|
Action
| Shutdown the server. Attempt to determine what the proper value for the arg0 property should be and edit the file so that it reflects that value. If it is not possible to determine the proper value for the arg0 property, edit the file and reset the arg0 value to 0. Reboot WebLogic Server.
|
|
|
BEA-090127
|
Critical: Encountered a arg2 exception while attempting to read from file arg1 for WebLogic arg0 provider.
|
Description
| As part of initializing the WebLogic arg0 provider failed to read file arg1.
|
|
Cause
| The arg1 file may have been deleted while it was being accessed.
|
|
Action
| Shutdown the server. Attempt to restore the file from a backup. If no backup is available,reboot the server. Note that the default WebLogic provider might not be correctly initialized.
|
|
|
BEA-090128(retired)
|
Critical: LDIF update template file arg1 not found. The WebLogic provider arg0 has been bootstrapped but has not been updated with the latest required LDIF data.
|
Description
| The arg0 WebLogic provider has not had its LDIF information updated because the arg1 file was not found. This problem may result in the server being unable to boot or in security failures.
|
|
Cause
| A WebLogic provider LDIF update template file may have been deleted by mistake.
|
|
Action
| An attempt should be made to recover the LDIFT update template file from the WebLogic Server kit and the server should be rebooted.
|
|
|
BEA-090129
|
Info: Updating arg0 provider to version arg2 using LDIF update template file arg1.
|
Description
| The arg0 provider has not had its LDIF information updated to the version arg2. An attempt is made to load the LDIF from: arg1
|
|
Cause
| This security provider has not yet been updated or the marker file indicating initialization (with a .initialized extension) has been removed.
|
|
Action
| Look for a matching LoadedLDIFFForProvider message in the log file which indicates success loading the LDIF information for this security provider.
|
|
|
BEA-090130
|
Critical: Failure arg3 while attempting to update the LDIF to version arg2 in file arg1 for WebLogic arg0 provider.
|
Description
| Received a arg3 while attempting to update the LDIF version to arg2 for the arg0 provider. This message typically means that although the LDIF has been updated, WebLogic Server could not write to the the marker file to indicate that the LDIF update was successful. WebLogic Server will try to load the LDIF the next time the security provider is initialized.
|
|
Cause
| The directory into which the arg1 is to be written may not be writable, the file may not be writable, or the file may not be a valid properties file.
|
|
Action
| Ensure both the directory and file are writable. If they are writable, restore the file from backup or open the file and see if the properties within it are corrupt and correct accordingly. The version for provider arg0 needs to be set to arg2 in the file.
|
|
|
BEA-090131
|
Error: Could not create a keystoreType JDK keystore instance. Exception: exception
|
Description
| When trying to create a JDK keystore of type keystoreType, an exception was thrown.
|
|
Cause
| keystoreType is not a valid JDK keystore type or the JDK keystore type is not properly configured.
|
|
Action
| Verify that the correct keystore type was specified and that the keystore type is correctly specified in the java.security file. Verify that the code for the JDK keystore is in the JDK extensions directory. Reboot the server. after correcting the problem.
|
|
|
BEA-090132
|
Error: Could not open the keystore file pathname for read access. Exception: exception
|
Description
| When opening the specified keystore file using a FileInputStream, a FileNotFound exception was thrown.
|
|
Cause
| The file does not exist, the file is a directory rather than a regular file or the file cannot be opened for reading.
|
|
Action
| Verify that the correct path to the keystore file was specified and that the keystore file exists. Reboot the server after correcting the problem.
|
|
|
BEA-090133
|
Error: Could not load a keystoreType keystore from the file pathname. Exception: exception
|
Description
| When calling the load method for the keystore, an IOException was thrown.
|
|
Cause
| There is an I/O or format problem with the keystore data.
|
|
Action
| Verify that the path to the keystore, the keystore type, and the password for the keystore were specified correctly. Note that some keystore types (for example, JKS) do not require a password for read-only access. Read the exception text for more help on diagnosing the problem. Reboot the server after correcting the problem.
|
|
|
BEA-090134
|
Error: Could not load a keystoreType keystore from the file pathname. Exception: exception
|
Description
| The keystore load method threw a CertificateException when loading the keystore from the specified file.
|
|
Cause
| Some certificates in the keystore could not be loaded.
|
|
Action
| Verify that the crypto providers required by the certificates in the keystore are properly configured in the java.security file and that their code is in the JDK extensions directory. Look at the exception text for more information on diagnosing the problem. Reboot the server after correcting the problem.
|
|
|
BEA-090135
|
Error: Could not load a keystoreType keystore from the file pathname. Exception: exception
|
Description
| The keystore load method threw a NoSuchAlgorithmException when loading the keystore from the file pathname.
|
|
Cause
| The algorithm used to check the integrity of the keystore cannot be found.
|
|
Action
| Verify that the algorithm used to check the keystore integrity is properly configured in the java.security file and that the code is in the JDK extensions directory. Read the exception text for more information on diagnosing the problem. Reboot the server after correcting the problem.
|
|
|
BEA-090136
|
Error: Could not open the keystore file pathname for write access. Exception exception
|
Description
| When creating the keystore output file pathname via a File output stream, the File output stream constructor threw a File Not Found exception.
|
|
Cause
| The file may exists but is a directory rather than a regular file, the file does not exist and cannot be created, or the file cannot be opened.
|
|
Action
| Verify that the correct pathname to the keystore was specified and that the parent directory exists. If neither of these problems exist, read the exception text for more information on diagnosing the problem. Reboot the server after correcting the problem.
|
|
|
BEA-090137
|
Error: Could not store a keystoreType keystore in the file pathname. Exception: exception
|
Description
| When storing the keystore to a file, the keystore store method threw an IOException.
|
|
Cause
| There was an I/O problem with the keystore data.
|
|
Action
| Verify that the passphrase is correct. Some JDK keystore implementations require the use of the password for a previous keystore. Read the exception text for more information on diagnosing the problem. Reboot the server after correcting the problem.
|
|
|
BEA-090138
|
Error: Could not store a keystoreType keystore in the file pathname. Exception: exception
|
Description
| When storing the keystore to a file, the keystore store method threw a CertificateException.
|
|
Cause
| Some certificates included in the keystore could not be stored.
|
|
Action
| Verify that the crypto providers required by the certificates in the keystore are properly configured in the java.security file and that their code is in the JDK extensions directory. Look at the exception text for more information on diagnosing the problem. Reboot the server after correcting the problem.
|
|
|
BEA-090139
|
Error: Could not store a keystoreType keystore in the file pathname. Exception: exception
|
Description
| When storing the keystore to a file, the keystore store method threw a No Such Algorithm exception.
|
|
Cause
| The data integrity algorithm for the keystore could not be found.
|
|
Action
| Verify that the algorithm used to check the keystore integrity is properly configured in the java.security file and that the code is in the JDK extensions directory. Read the exception text for more information on diagnosing the problem. Reboot the server after correcting the problem.
|
|
|
BEA-090140
|
Error: Could not store a keystoreType keystore in the file pathname. Exception: exception
|
Description
| When storing the keystore to a file, the keystore store method threw a Key Store exception.
|
|
Cause
| The keystore has not been initialized (loaded).
|
|
Action
| Make sure to load the keystore before storing it. Read the exception text for more information on diagnosing the problem. Reboot the server after correcting the problem.
|
|
|
BEA-090141
|
Info: The WebLogic keystore provider provider in security realm realm cannot be used for private keys because its private key keystore was not configured.
|
Description
| .
|
|
Cause
| The Private Key Store Location attribute was not specified.
|
|
Action
| To use the WebLogic Keystore provider to store private keys, perform the following steps. Create a JDK keystore and load the private keys into the keystore. Use the Administration Console to attributes on the WebLogic Keystore provider. Set the Private Key Store Location attribute to the pathname of JDK keystore file. Set the Private Key Store Passphrase attribute to the passphrase of the JDK keystore file (some keystore types (for example, JKS) allow an empty passphrase for read-only access). Set the Type attribute to the type of the JDK keystore (the Type attribute may be left empty if the JDK keystore uses the default keystore type configured in the java.security file). Reboot the server.
|
|
|
BEA-090142
|
Info: The WebLogic keystore provider provider in security realm realm cannot be used for trusted (root) CAs because its trusted (root) CA keystore was not configured.
|
Cause
| The Root Key Store Location attribute was not specified.
|
|
Action
| To use the WebLogic Keystore provider to store trusted CAs, perform the following steps. Create a JDK keystore. Load the trusted CA certificates into the keystore. Set attributes on the WebLogic Keystore provider. Set the Root Key Store Location attribute to the pathname of JDK keystore file. Set the Root Key Store Passphrase attribute to the passphrase of the JDK keystore file (some keystore types (for example, JKS) allow an empty passphrase for read-only access). Set the Type attribute to the JDK keystore type (the type may be left empty if the JDK keystore uses the default keystore type configured in the java.security file). Reboot the server.
|
|
|
BEA-090143
|
Info: The WebLogic keystore provider provider in security realm realm cannot be used for private keys because its configured private key keystore file location does not exist.
|
Cause
| The file location does not exist as a global pathname or in the domain directory.
|
|
Action
| To use the WebLogic Keystore provider to store private keys, perform the following steps. Create a JDK keystore and load the private keys into the keystore. Use the Administration Console to attributes on the WebLogic Keystore provider. Set the Private Key Store Location attribute to the pathname of JDK keystore file. Set the Private Key Store Passphrase attribute to the passphrase of the JDK keystore file (some keystore types (for example, JKS) allow an empty passphrase for read-only access). Set the Type attribute to the type of the JDK keystore (the Type attribute may be left empty if the JDK keystore uses the default keystore type configured in the java.security file). Reboot the server.
|
|
|
BEA-090144
|
Info: The WebLogic keystore provider provider in security realm realm cannot be used for trusted (root) CAs because its configured trusted (root) CA keystore file location does not exist.
|
Cause
| The file location does not exist as a global pathname or in the domain directory.
|
|
Action
| To use the WebLogic Keystore provider to store trusted CAs, perform the following steps. Create a JDK keystore. Load the trusted CA certificates into the keystore. Set attributes on the WebLogic Keystore provider. Set the Root Key Store Location attribute to the pathname of JDK keystore file. Set the Root Key Store Passphrase attribute to the passphrase of the JDK keystore file (some keystore types (for example, JKS) allow an empty passphrase for read-only access). Set the Type attribute to the JDK keystore type (the type may be left empty if the JDK keystore uses the default keystore type configured in the java.security file). Reboot the server.
|
|
|
BEA-090145
|
Error: The WebLogic Keystore provider provider in security realm realm cannot be used for private keys because its private key type keystore could not be loaded from the file pathname.
|
Description
| The private key keystore could not be loaded because of an error.
|
|
Cause
| See the error logged before this one for details.
|
|
Action
| Verify that the Root Keystore Location attribute is specified correctly. Verify that the Root Keystore PassPhrase attribute matches the passphrase of the keystore. Some keystore types (for example, JKS) allow an empty passphrase for read-only access. Verify that the Type attribute is correct. The Type attribute may be left empty if the JDK keystore uses the keystore type configured in the java.security file. Verify that the private key keystore exists and is properly configured. Verify that a keystore for the type specified is properly configured. After correcting the problem, reboot the server.
|
|
|
BEA-090146
|
Error: The WebLogic Keystore provider provider in security realm realm cannot be used for trusted CAs because its trusted CA type keystore could not be loaded from the file pathname.
|
Description
| The trusted CA keystore could not be loaded because of an error.
|
|
Cause
| See the error logged before this one for details.
|
|
Action
| Verify that the Private Keystore Location attribute is correct. Verify that the Private Keystore PassPhrase attribute matches the passphrase of the keystore. Note that some keystore types (for example, JKS) allow an empty passphrase for read-only access. Verify that the Type attribute is correct. The Type attribute may be empty if the JDK keystore uses the keystore type configured in the java.security file. Verify that the private key keystore exists and is properly configured. Verify that a JDK keystore for the type specified is properly configured. After correcting the problem, reboot the server.
|
|
|
BEA-090147
|
Warning: Filename arg1 was not found in the CanonicalPathCache in the SupplementalPolicyObject.
|
Description
| A file name that should have been in the Canonical Path cache was not there as expected.
|
|
Cause
| An attempt was made to undeploy an application that was not properly deployed.
|
|
Action
| Please report the error to BEA Systems, Inc.
|
|
|
BEA-090148
|
Warning: Failed to update security domain configuration
|
Description
| Save domain operation failed with exception e
|
|
Cause
| Files or file system may be write protected.
|
|
Action
| Please report the error to BEA Systems, Inc.
|
|
|
BEA-090149
|
Info: The server security configuration has been loaded from path
|
Cause
| There were no Realm MBeans
|
|
|
BEA-090150(retired)
|
Notice: Trusted certificate has expired: cert
|
Description
| A trusted certificate has expired
|
|
Cause
| A trusted CA certificate has expired. The cacerts keystore from the JDK may contain an expired certificate. When using the JDK trusted CA keystore, the following message appears @quot;OU=Class 4 Public Primary Certification Authority@quot; trusted certificate.
|
|
Action
| If the application does not use the specified trusted CA certificate, ignore the log message. To stop displaying the log message, use the keytool utility to either update the certificate in the trusted CA keystore (keytool -import) with a version that has not expired or remove the trusted CA certificate (keytool -delete).
|
|
|
BEA-090151(retired)
|
Notice: Trusted certificate is not yet valid: cert
|
Description
| A trusted CA certificate is not yet valid
|
|
Cause
| A trusted CA certificate is not yet valid
|
|
Action
| Update trusted CA keystore.
|
|
|
BEA-090152
|
Alert: Demo trusted CA certificate is being used in production mode: cert The system is vulnerable to security attacks, since it trusts certificates signed by the demo trusted CA.
|
Description
| Demo trusted CA certificate is for development mode only. It should not be used in production mode as it presents a serious security vulnerability.
|
|
Cause
| Trusted CA keystore contains a demo certificate.
|
|
Action
| Remove the demo certificate from a trusted CA keystore.
|
|
|
BEA-090153
|
Alert: Demo identity certificate is used in production mode: cert The system is vulnerable to security attacks, since the server private key is available to the public.
|
Description
| Demo certificate for the server is used in production mode. The system is vulnerable to security attacks since the private key of the server is available to the public.
|
|
Cause
| The server is configured with Demo identity and is running in production mode.
|
|
Action
| Configure the server to use a certificate obtained from a reputable certificate authority.
|
|
|
BEA-090154
|
Alert: Identity certificate has expired: cert
|
Description
| Server certificate has expired.
|
|
Cause
| Certificate for the server has expired.
|
|
Action
| Configure the server to use a certificate obtained from a reputable certificate authority.
|
|
|
BEA-090155
|
Emergency: Identity certificate is not yet valid: cert
|
Description
| Server certificate is not yet valid
|
|
Cause
| Server certificate is not yet valid.
|
|
Action
| Replace server certificate with a certificate obtained from a reputable certificate authority.
|
|
|
BEA-090156
|
Alert: Invalid identity certificate signature: cert
|
Description
| The certificate signature of the server is invalid.
|
|
Cause
| The certificate of the server or the certificate authority that issued the certificate is invalid.
|
|
Action
| Replace certificate of the server with a valid certificate.
|
|
|
BEA-090157
|
Alert: Unable to verify certificate signature: cert
|
Description
| Caught exception while trying to verify the certificate signature of the server.
|
|
Cause
| The certificate of the server or the certificate authority that issued the certificate is invalid.
|
|
Action
| Replace certificate of the server with a valid certificate.
|
|
|
BEA-090158
|
Error: The server was unable to find the private key with alias arg0 at location arg1 on server arg2, security realm arg3. Make sure the keystore exists and contains the key entry under the specified alias.
|
Description
| The server was unable to access the keystore that contains the private key of the server configured on the named server or the keystore did not contain the private key of the server.
|
|
Cause
| The private key alias arg0 was not found at location arg1 on server arg2, security realm arg3.
|
|
Action
| Check that a keystore is configured on the server displayed in the log file. Verify that the keystore for the private key exists, the keystore is a valid, and contains the private key for the server. For more information, see the security documentation at http://e-docs.bea.com.
|
|
|
BEA-090159(retired)
|
Error: The defaultKeystore file arg0 on server arg1 cannot be accessed.
|
Description
| The keystore cannot be accessed because of an java.lang.IOException.
|
|
Action
| A password problem for the JDK cacerts keystore is most likely the cause of the exception.
|
|
|
BEA-090160
|
Info: Cannot find default trusted CA keystore file arg0 on server arg1.
|
Description
| The keystore does not exist.
|
|
Action
| Configure a trusted CA keystore.
|
|
|
BEA-090161
|
Notice: A failure occurred attempting to save LDIF for security provider arg0 using file arg1.
|
Description
| A failure occurred attempting to save LDIF for security provider arg0 using file arg1. The exception is e.
|
|
Cause
| An exception occurred attempting to open a temporary file as part of the export process.
|
|
Action
| Examine the exception and correct the cause.
|
|
|
BEA-090162
|
Info: The arg0 provider has had its LDIF information saved in: arg1
|
Description
| Successfully exported LDIF for the security provider.
|
|
Cause
| The security provider was requested to export data.
|
|
|
BEA-090163
|
Notice: The arg0 provider did not import a duplicate LDAP entry: arg1
|
Description
| A duplicate DN was found for this security provider which prevented the entry from being imported.
|
|
Cause
| The security provider already contained the imported data.
|
|
Action
| Delete the existing data and import data into the security provider again.
|
|
|
BEA-090164
|
Warning: Failed to load trusted certificates from keystore ksFileName of type ksType
|
Description
| Error happened while loading trusted CAs from keystore.
|
|
Cause
| Keystore file cannot be loaded because of invalid password or Keystore type.
|
|
Action
| Make sure keystore configuration is valid.
|
|
|
BEA-090165
|
Alert: Cannot find identity keystore file fileName on server server
|
Description
| The identity keystore was not found.
|
|
Cause
| The identity keystore does not exist.
|
|
Action
| Correct the SSL configuration of the server. Specify a valid identity keystore.
|
|
|
BEA-090166
|
Alert: Failed to load identity keystore of type ksType from file fileName on server server
|
Description
| File exists but for some reason cannot be loaded.
|
|
Cause
| File is not a valid keystore file or it is of a different keystore type.
|
|
Action
| Make sure the keystore file specified in SSL configuration of the server is valid and of the specified keystore type.
|
|
|
BEA-090167
|
Alert: Cannot retrieve identity certificate and private key on server serverName, because the keystore entry alias is not specified.
|
Description
| Alias for the private key entry in the identity keystore was not specified.
|
|
Cause
| Alias for the private key entry in the identity keystore was not specified.
|
|
Action
| Correct the private key alias in the SSL configuration of the server.
|
|
|
BEA-090168
|
Alert: No identity key/certificate entry was found under alias alias in keystore ksFile on server serverName
|
Description
| The private key entry does not exist in specified keystore under the specified alias.
|
|
Cause
| The private key entry does not exist in specified keystore under specified alias. The wrong alias or keystore was specified or the entry under the specified alias is not a private key.
|
|
Action
| Make sure the entry for the private key exists in the specified keystore under the specified alias.
|
|
|
BEA-090169
|
Notice: Loading trusted certificates from the ksType keystore file ksFile.
|
Description
| This message contains information about the trusted CA keystore.
|
|
Cause
| The server is loading trusted CA certificates from the specified keystore.
|
|
Action
| Verify that the correct trusted CA certificate and keystore are being used.
|
|
|
BEA-090170
|
Notice: Loading the private key stored under the alias alias from the ksType keystore file ksFile.
|
Description
| This message contains information about the private key loaded from the keystore.
|
|
Cause
| The server is loading the private key from the specified keystore.
|
|
Action
| Verify that the private key information such as keystore location, alias, and type are correct.
|
|
|
BEA-090171
|
Notice: Loading the identity certificate and private key stored under the alias alias from the ksType keystore file ksFile.
|
Description
| This message contains information about loading the server identity certificate and private key.
|
|
Cause
| The server is loading the identity certificate and the corresponding private key from the specified keystore.
|
|
Action
| Verify that the certificate information such as keystore location, alias, and type are correct.
|
|
|
BEA-090172
|
Warning: No trusted certificates have been loaded. Server will not trust to any certificate it receives.
|
Description
| Trusted CA certificates are used when making SSL connections. Without trusted CA certificate, server rejects all certificates it receives.
|
|
Cause
| Keystores specified in the SSL configuration of the server do not contain certificates or do not exist.
|
|
Action
| Correct the trusted CA information in the SSL configuration of the server.
|
|
|
BEA-090173
|
Critical: The server''s trust keystore configuration (specified on the command line or in boot.properties) is incorrect.
|
Description
| No certificate, private key or trusted CAs will be used.
|
|
Cause
| Either TrustKeyStores was set to an illegal value or TrustKeyStores was set to CustomTrust but CustomTrustKeyStoreFileName was not specified.
|
|
Action
| If specifying the server''s trust keystore on the command line:\n\n \tTo use the trusted CAs in DemoTrust.jks and in the JDK''s cacerts, specify:\n\n \t\t-Dweblogic.security.TrustKeyStore=DemoTrust\n \t\t\tdefaults to DemoTrust\n\n \t\t-Dweblogic.security.JavaStandardTrustKeyStorePassPhrase=passphrase\n \t\t\tdefaults to no passphrase which means\n \t\t\tread-only access to the JDK''s cacerts.\n\n \tTo use the trusted CAs in the JDK''s cacerts, specify:\n\n \t\t\-Dweblogic.security.TrustKeyStore=JavaStandardTrust\n\n \t\t-Dweblogic.security.JavaStandardTrustKeyStorePassPhrase=passphrase\n \t\t\tdefaults to no passphrase which means\n \t\t\tread-only access to the JDK''s cacerts.\n\n \tTo use the trusted CAs from another keystore, specify:\n\n \t\t-Dweblogic.security.TrustKeyStore=CustomTrust\n\n \t\t-Dweblogic.security.CustomTrustKeyStoreFileName=filename\n \t\t\teither an absolute pathname or a pathname relative to the \n \t\t\tdirectory the server was booted in.\n\n \t\t-Dweblogic.security.CustomTrustKeyStoreType=type\n \t\t\tdefaults to the default keystore type specified\n \t\t\tin the JDK''s java.security file.\n\n \t\t-Dweblogic.security.CustomTrustKeyStorePassPhrase=passphrase\n \t\t\tdefaults to no passphrase. Some keystore types allow this\n \t\t\tbut only grant read-access (e.g. JKS). Other keystore types\n \t\t\trequire a keystore passphrase even for read-access.\n\n If specifying the server''s trust keystore via boot.properties, set the same properties as for the command line to boot.properties but remove the weblogic.security prefix. For example, set TrustKeyStore=JavaStandardTrust.
|
|
|
BEA-090174
|
Critical: The trust keystore configuration specified on the command line or in boot.properties does not match the trust keystore configuration specified in config.xml.
|
Description
| No certificate, private key or trusted CAs will be used.
|
|
Cause
| Either the trust keystore type does not match (for example, one specifies CustomTrust and the other specifies JavaStandardTrust) or the configuration values do not match (for example, the CustomTrustKeyStoreFileName values are not the same).
|
|
Action
| To always specify the trusted CA keystore for the server on the command line or the boot.properties file, set the server''s Keystores value in the config.xml file to CustomIdentityAndCommandLineTrust. Otherwise, ensure that the trust keystore configuration for this server in config.xml matches the trust keystore configuration specified on the command line or in boot.properties.
|
|
|
BEA-090175
|
Error: Unrecognized Callback
|
Description
| This exception is thrown by the SimpleCallbackHandler class if it encounters a callback that is not a PasswordCallback or a NameCallback.
|
|
Cause
| Only callbacks of NameCallback or PasswordCallback are supported.
|
|
Action
| Remove the unsupported callback from the list of callbacks.
|
|
|
BEA-090176
|
Error: Illegal null Subject passed as a parameter.
|
Description
| This exception is thrown when the utility subject methods determine that a null subject was passed as a parameter.
|
|
Cause
| The Subject parameter cannot be null.
|
|
Action
| Verify that the subject passed as a parameter is not null. If no subject utility methods are being called, this exception indicates an internal coding error in the server. This exception should not normally occur. Check with BEA support.
|
|
|
BEA-090177
|
Error: Invalid Message Digest requested, only MD5, SHA, and MD2 supported.
|
Description
| This exception is thrown when requesting a message digest type that is not supported.
|
|
Cause
| Message digest type is not supported.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090178
|
Error: null Class
|
Description
| When getting all the principals for a particular class, the specified class is null.
|
|
Cause
| The class used to filter principals is null.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090179
|
Error: Null action
|
Description
| This exception is thrown when the action specified to doAs is null.
|
|
Cause
| The doAs method expects the action to not be null.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090180
|
Error: Could not convert AS to AU: as
|
Description
| This exception is thrown when converting from an authenticated subject to an authenticated user.
|
|
Cause
| An exception was thrown when converting.
|
|
Action
| Look at the exception text to diagnose the problem.
|
|
|
BEA-090181
|
Error: attempting to modify a sealed subject
|
Description
| This exception is thrown if an attempt is made to modify a sealed subject.
|
|
Cause
| A sealed subject is read-only and cannot be modified.
|
|
Action
| This exception is an internal error. Contact BEA support.
|
|
|
BEA-090182
|
Error: name is not a java.security.Principal
|
Description
| This exception is thrown when attempting to add an object that is not a principal to a subject.
|
|
Cause
| Object is not a principal. Only principals can be added to a subject.
|
|
Action
| Verify that the Authentication provider is correctly creating principals.
|
|
|
BEA-090183
|
Error: Got an NPE in AuthenticatedUser.hashCode() with actual type type.
|
Description
| This exception occurs when a NullPointerException occurs when hashing the AuthenticatedUser.
|
|
Cause
| The authenticated user name, qos, or localPort is null.
|
|
Action
| This exception indicates an internal error. Contact BEA support.
|
|
|
BEA-090184
|
Error: Invalid Constraints
|
Description
| The Authentication provider does not support any of the specified constraints for the import or export operation.
|
|
Cause
| None of the specified constraints are supported.
|
|
Action
| Remove the unsupported constraints or pass-in supported constraints. Supported constraints are @quot;users@quot; and @quot;groups@quot;.
|
|
|
BEA-090185
|
Error: No CallbackHandler Specified
|
Description
| In the UsernamePasswordLoginModule class, a null callback handler was specified.
|
|
Cause
| The callback handler is null.
|
|
Action
| Pass a non-null callback handler when initializing the UsernamePasswordLoginModule.
|
|
|
BEA-090186
|
Error: Error: Callback name Not Available
|
Description
| An UnsupportedCallback exception was thrown by the handle method of the callback handler.
|
|
Cause
| The callback handler does not support one of callbacks required by the UsernamePasswordLoginModule. The UsernamePasswordLoginModule requires 3 callbacks: NameCallback, PasswordCallback, and URLCallback.
|
|
Action
| Verify that the callback handler specified in the initialize method of UsernamePasswordLoginModule supports the 3 required callbacks.
|
|
|
BEA-090187
|
Error: filename (Unable to delete)
|
Description
| When attempting to delete the boot properties file, the delete method returned false.
|
|
Cause
| The file could not be deleted.
|
|
Action
| Verify that the file can be deleted and is not locked by some other process.
|
|
|
BEA-090188
|
Error: Can't update a read only PermissionCollection.
|
Description
| This exception is thrown when adding a Permission to a read-only Combining Permission Collection.
|
|
Cause
| The collection is read-only and permissions cannot be added.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090189
|
Error: CommoUtilsImpl.getProxy failed.
|
Description
| This exception is thrown when the utility method to get a proxy for a commo MBean fails with an exception.
|
|
Cause
| One of the calls to get an Commo MBean proxy failed with an exception.
|
|
Action
| Look at the exception text for more information on diagnosing the problem.
|
|
|
BEA-090190
|
Error: Error creating filename
|
Description
| When writing a file using a FileOutputStream, a FileNotFound exception was thrown.
|
|
Cause
| Either the file does not exist, the file is a directory rather than a regular file, or the file cannot be opened for reading.
|
|
Action
| Verify the filename. Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090191
|
Error: Error writing realm contents to filename
|
Description
| When writing a file using a FileOutputStream, an IOException was thrown.
|
|
Cause
| An error occurred writing the file.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090192
|
Error: couldn't create temporary file for filename , .new, directoryPath
|
Description
| When creating a temporary file, an IOException was thrown by the File.createTempFile method.
|
|
Cause
| An error occurred creating the temporary file.
|
|
Action
| Verify the filename and directory. Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090193
|
Error: Couldn't create temporary file for filename, .old, directoryPath
|
Description
| When creating a temporary file, an IOException was thrown by the File.createTempFile method and the temp file could not be created.
|
|
Cause
| An error occurred creating the temporary file.
|
|
Action
| Verify the filename and directory. Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090194
|
Error: Couldn't clear temporary file filename
|
Description
| The temporary file could not be deleted.
|
|
Cause
| The delete method returned false.
|
|
Action
| Verify that the file can be deleted and is not locked by some other process.
|
|
|
BEA-090195
|
Error: Couldn't rename fromFilename to toFileName
|
Description
| The temporary file could not be renamed.
|
|
Cause
| The rename method returned false.
|
|
Action
| Verify that the file can be renamed and is not locked by some other process.
|
|
|
BEA-090196
|
Error: Couldn't delete filename
|
Description
| The temporary file could not be deleted.
|
|
Cause
| The delete method returned false.
|
|
Action
| Verify that the file can be deleted and is not locked by some other process.
|
|
|
BEA-090197
|
Error: Can't find permission classname
|
Description
| The specified permission could not be instantiated as the class for the permission could not be found.
|
|
Cause
| A ClassNotFound exception was thrown when instantiating the permission.
|
|
Action
| Verify that the class is contained in the classpath.
|
|
|
BEA-090198
|
Error: No appropriate constructor for classname
|
Description
| The specified permission could not be instantiated as the constructor for the permission could not be found.
|
|
Cause
| A NoSuchMethod exception was thrown when instantiating the permission.
|
|
Action
| Verify that the permission class implements the constructor.
|
|
|
BEA-090199
|
Error: Can't instantiate abstract class classname
|
Description
| The specified permission could not be instantiated as the instantiation failed.
|
|
Cause
| An Instantiation exception was thrown when instantiating the permission.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090200
|
Error: No permission to instantiate constructor for classname
|
Description
| The specified permission could not be instantiated due to a access failure.
|
|
Cause
| An IllegalAccess exception was thrown when instantiating the permission.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090201
|
Error: Incorrect argument for constructor for classname
|
Description
| The specified permission could not be instantiated because of an incorrect argument.
|
|
Cause
| An IllegalArgument exception was thrown when instantiating the permission.
|
|
Action
| Verify that the permission class implements the appropriate constructor.
|
|
|
BEA-090202
|
Error: Exception in constructor for classname
|
Description
| The specified permission could not be instantiated because of an exception.
|
|
Cause
| An InvocationTarget exception was thrown when instantiating the permission.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090203
|
Error: Trailing text after grant string.
|
Description
| The parsing of the security policies failed due to text after the closing bracket and semicolon.
|
|
Cause
| Text is present after the closing bracket and semicolon.
|
|
Action
| Remove the text after the closing bracket and semicolon.
|
|
|
BEA-090204
|
Error: Unexpected end of string in grant statement.
|
Description
| The parsing of the security policies failed because the end of the string was reached before the grant was complete.
|
|
Cause
| Grant statement is not complete.
|
|
Action
| Verify the grant statement and add the necessary text.
|
|
|
BEA-090205
|
Error: Expected "constantquot; but found "fnd".
|
Description
| The parsing of the security policies failed because the syntax is incorrect. The specified construct was expected but not found.
|
|
Cause
| Syntax is incorrect.
|
|
Action
| Verify the syntax and add the specified expected construct.
|
|
|
BEA-090206
|
Error: Expected '"' but found "fnd".
|
Description
| The parsing of the security policies failed because the syntax is incorrect. A quote was expected but was not found.
|
|
Cause
| Quote was not found.
|
|
Action
| Verify the syntax and add the quote.
|
|
|
BEA-090207
|
Error: Version mismatch. have have, expected expected
|
Description
| This exception is thrown when the version of the SerializedSystemIni.dat file is not the supported version.
|
|
Cause
| The version number does not match the expected value.
|
|
Action
| Verify that the SerializedSystemIni.dat file has not been corrupted.
|
|
|
BEA-090208
|
Error: Corrupt path
|
Description
| An IOException was thrown when reading data from the SerializedSystemIni.dat file.
|
|
Cause
| IOException when reading bytes from the file.
|
|
Action
| Verify that the SerializedSystemIni.dat file is valid. Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090209
|
Error: Couldn't close stream: path
|
Description
| An IOException was thrown on the close of the input stream while reading the SerializedSystemIni.dat file.
|
|
Cause
| An IOException was thrown by the input stream close method.
|
|
Action
| Verify that the SerializedSystemIni.dat file is valid. Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090210
|
Error: Error opening path
|
Description
| A FileNotFoundException was thrown while opening the SerializedSystemIni.dat file.
|
|
Cause
| A FileNotFound exception was thrown while opening the input stream.
|
|
Action
| Verify that the SerializedSystemIni.dat file exists and is accessible. Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090211
|
Error: Managed servers cannot call getSalt(). Use Security MBean method instead.
|
Description
| A Managed server should not call this method. It should instead call the Security MBean method.
|
|
Cause
| Method is not supported on Managed servers.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090212
|
Error: Managed servers cannot call getEncryptedSecretKey(). Use the SecurityMBean method instead.
|
Description
| A Managed server should not call this method. It should instead call the Security MBean method.
|
|
Cause
| Method is not supported on Managed servers.
|
|
Action
| This exception that indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090213
|
Error: Error getting encryption service
|
Description
| An exception was thrown while getting the encryption service.
|
|
Cause
| Initializing the encryption service failed.
|
|
Action
| Verify that the SerializedSystemIni.dat file exists and is accessible. Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090214
|
Error: Unsupported message type: type
|
Description
| An unsupported text output callback type was encountered. Only INFORMATION, ERROR, and WARNING are supported.
|
|
Cause
| Text output callback message type is not supported.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090215
|
Error: Unrecognized Callback
|
Description
| During the server authentication at boot time, an unsupported callback was encountered. Only callbacks of type TextCallBack, NameCallback, and PasswordCallback are supported.
|
|
Cause
| An unsupported callback was encountered.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090216
|
Error: No CallbackHandler Specified
|
Description
| During the server authentication at boot time, no callback handler was specified.
|
|
Cause
| A callback handler is required.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090217
|
Error: Error: Callback name Not Available
|
Description
| During the server authentication at boot time, an unsupported callback was encountered.
|
|
Cause
| An unsupported callback exception was thrown while calling the callback handler handle method.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090218
|
Error: decoding error: exc
|
Description
| This exception is thrown when an IOException occurs during decode of an encrypted string.
|
|
Cause
| An IOException occurred.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090219
|
Error: Error decrypting Secret Key exc
|
Description
| This exception is thrown when getting the secret key.
|
|
Cause
| An exception occurred when getting the secret key for the encryption service.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090220
|
Error: rule ruleNum
|
Description
| This exception is thrown when a connection filter rule denies access.
|
|
Cause
| Connection filter rule denied access.
|
|
Action
| None. This exception is used to deny access to the server as specified in the rules of the connection filter.
|
|
|
BEA-090221
|
Error: Connection filter internal error!
|
Description
| A unknown connection filter rule type was encountered. Only ALLOW, DENY, and IGNORE are allowed.
|
|
Cause
| Unknown connection filer rule encountered.
|
|
Action
| Verify the connection filter rules. This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090222
|
Error: unknown protocol "token"
|
Description
| This exception is thrown when an unknown protocol is encountered in a connection filter. Supported protocols are http, t3, https, t3s, giop, giops, dcom, and ftp.
|
|
Cause
| The protocol specified in the connection filter is not supported.
|
|
Action
| Verify the protocol and ensure it is listed in the rules of the connection filter.
|
|
|
BEA-090223
|
Error: bad netmask: "mask"
|
Description
| This exception is thrown when the net mask for a connection filter is invalid.
|
|
Cause
| The netmask is greater than 32 bits or less than 0.
|
|
Action
| Verify the netmask in the connection filter.
|
|
|
BEA-090224
|
Error: bad netmask: "mask"
|
Description
| The netmask is invalid. There must be 4 tokens in the netmask.
|
|
Cause
| The number of tokens in the netmask is not 4.
|
|
Action
| Verify the netmask.
|
|
|
BEA-090225
|
Error: bad netmask: "mask"
|
Description
| The number in a netmask is invalid. The number must be greater than or equal to 0 and less than or equal to 255.
|
|
Cause
| The number in the netmask is less than 0 or greater than 255.
|
|
Action
| Change the number in the netmask to be greater or equal to 0 and less than or equal to 255.
|
|
|
BEA-090226
|
Error: bad netmask: "mask"
|
Description
| The number in a netmask is invalid.
|
|
Cause
| A NumberFormat exception was thrown when calling Integer.parseInt on the netmask token.
|
|
Action
| Verify the netmask token to ensure it is an integer.
|
|
|
BEA-090227
|
Error: bad action "action"
|
Description
| The action in a connection filter is invalid. Valid actions are deny and allow.
|
|
Cause
| The action is not deny or allow.
|
|
Action
| Verify the action and change it to deny or allow.
|
|
|
BEA-090228
|
Error: null filter
|
Description
| This exception is thrown when a connection filter is null.
|
|
Cause
| A connection filter cannot be null.
|
|
Action
| Verify the connection filter and ensure that a connection filter is not null.
|
|
|
BEA-090229
|
Error: Attempt to set connection filter more than once
|
Description
| A connection filter can only be set once per server instance.
|
|
Cause
| Connection filter was set more than once.
|
|
Action
| Modify the application code to only call the setFilter method once.
|
|
|
BEA-090230
|
Error: Zero length PEMInputStream
|
Description
| The PEM input stream was empty and did not contain any bytes.
|
|
Cause
| The PEM input stream contained zero bytes.
|
|
Action
| Verify that the PEM file or PEM input stream is valid and does not contain zero bytes.
|
|
|
BEA-090231
|
Error: Security already configured
|
Description
| The Security service can only be initialized once. This exception occurs when the method is called twice.
|
|
Cause
| The Security service initialization method was called twice.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090232
|
Error: salt is not set
|
Description
| The salt could not be obtained from the MBean.
|
|
Cause
| The salt obtained from the MBean is null.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090233
|
Error: problem with connection filter rules
|
Description
| Setting the connection filter rules failed with an exception.
|
|
Cause
| An exception occurred while setting the connection filter rules. The filter class may not have been loaded or some other error may have caused the exception.
|
|
Action
| Verify the connection filter class and rules. Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090234
|
Error: The Auditing Provider is not initialized.
|
Description
| The Auditor writeEvent method has been called without initializing the WebLogic Auditing provider.
|
|
Cause
| The WebLogic Auditing provider was not initialized before the writeEvent method was called.
|
|
Action
| Ensure that the WebLogic Auditing provider has been initialized before events are written.
|
|
|
BEA-090235
|
Error: Invalid Audit Severity
|
Description
| An invalid Audit severity value was set. Valid values are ERROR, FAILURE, WARNING, SUCCESS, INFORMATION, and AUDIT_FAILURE.
|
|
Cause
| The Audit severity value is invalid or not supported.
|
|
Action
| Verify the Audit severity value passed to the setAuditSeverity method.
|
|
|
BEA-090236
|
Error: DefaultAuthenticatorImpl constructor failed: exc
|
Description
| An exception was thrown in the constructor of the WebLogic Authentication provider. This exception could be an LDAP error or from some other problem.
|
|
Cause
| An exception was thrown in the constructor of the WebLogic Authentication provider.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090237
|
Error: Validation of old password failed
|
Description
| When changing a user password, the old password is validated before changing to the new password. This validation failed.
|
|
Cause
| The old password was not valid.
|
|
Action
| Pass in the correct old password to the changeUserPassword method.
|
|
|
BEA-090238
|
Error: could not create User Name Mapper
|
Description
| The User Name Mapper class configured for the WebLogic identity assertion provider could not be loaded.
|
|
Cause
| An exception occurred while loading the User Name Mapper class.
|
|
Action
| Verify that the User Name Mapper class exists in the class path and the class implements the UserNameMapper interface.
|
|
|
BEA-090239
|
Error: Identity Assertion type cannot be null
|
Description
| A null token type was passed to the assertIdentity method in the WebLogic identity assertion provider.
|
|
Cause
| The token type was null.
|
|
Action
| The containers should not be passing a null token type. This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090240
|
Error: Identity Assertion token cannot be null
|
Description
| A null token was passed to the assertIdentity method in the WebLogic identity assertion provider.
|
|
Cause
| The identity assertion token was null.
|
|
Action
| The containers should not be passing a null token. This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090241
|
Error: Identity Assertion type of tokenType is not a configured active type
|
Description
| All identity assertion token types must be configured in the WebLogic identity assertion provider.
|
|
Cause
| The identity assertion token type was not configured in the WebLogic identity assertion provider.
|
|
Action
| Configure the identity assertion type tokenType in the Active Types attribute of the WebLogic identity assertion provider.
|
|
|
BEA-090242
|
Error: Client principal principalName is not trusted to assert identity
|
Description
| In order to use CSIv2 identity assertion, the client principal must be listed in the Trusted Client Principals attribute of the WebLogic identity assertion provider.
|
|
Cause
| Client principal principalName is not in the list of clients trusted to assert identity via CSIv2 identity assertion tokens.
|
|
Action
| Add the client principal to the Trusted Client Principals attribute of the WebLogic Identity Asserter provider or specify @quot;*@quot; to allow any client to assert any identity.
|
|
|
BEA-090243
|
Error: user Name Mapper class not configured - cannot assert identity
|
Description
| A User Name Mapper must be configured in order for identity assertion to occur for X509 certificates, CSIv2 X509 certificate chains, and CSIv2 X500 distinguished names.
|
|
Cause
| No User Name Mapper is configured.
|
|
Action
| Configure a User Name Mapper. Use either the default User Name Mapper or a custom User Name Mapper. To use the default implementation, set the Use Default User Name Mapper attribute for the WebLogic identity assertion provider. To use a custom User Name Mapper, set the User Name Mapper Class Name attribute to the name of the custom implementation.
|
|
|
BEA-090244
|
Error: Unknown Identity Assertion type tokenType
|
Description
| The WebLogic identity assertion provider only supports a set of identity assertion tokens. A token type of tokenType is not supported. Refer to the Supported Types attribute of the WebLogic identity assertion provider for the list of supported token types.
|
|
Cause
| Identity Assertion type tokenType is not supported.
|
|
Action
| Use a supported identity assertion type or write a custom identity assertion provider.
|
|
|
BEA-090245
|
Error: No mapping for Identity User Name
|
Description
| The User Name Mapper implementation could not map the token to a username. Therefore, identity assertion fails.
|
|
Cause
| The identity assertion token could not be mapped to a username.
|
|
Action
| If this is not the expected outcome, modify the custom User Name Mapper to correctly map the desired token to a username.
|
|
|
BEA-090246
|
Error: Token not of type tokenType
|
Description
| The identity assertion token type was AuthenticatedUser, but the token was not an AuthenticatedUser.
|
|
Cause
| The token does not match the token type.
|
|
Action
| The containers should not be passing a token that is not an AuthenticatedUser. This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090247
|
Error: Unable to verify username
|
Description
| The authenticated user could not be verified by the security realm.
|
|
Cause
| The authenticated user is invalid.
|
|
Action
| Verify that the user identity was from this domain or from a domain that is trusted by this domain.
|
|
|
BEA-090248
|
Error: Unrecognized Callback
|
Description
| The WebLogic identity assertion provider received a callback type that is not supported. The WebLogic identity assertion provider only supports a NameCallback.
|
|
Cause
| Callback type is not supported.
|
|
Action
| Verify that the LoginModule for the configured Authentication provider is only passing a NameCallback when calling the handle method.
|
|
|
BEA-090249
|
Error: Cursor is null
|
Description
| The cursor passed as a parameter to one of the security provider methods is null.
|
|
Cause
| A null cursor is not supported.
|
|
Action
| Modify the code to pass a non-null cursor.
|
|
|
BEA-090250
|
Error: Cursor not found cursorName
|
Description
| A cursor passed to the security provider was not found in the list of valid cursors.
|
|
Cause
| Cursor was not found in the list of valid cursors.
|
|
Action
| Verify that the cursor passed to the method is valid and was returned from a method that creates cursors. Examples of such methods are listUsers, listGroups and listRoles.
|
|
|
BEA-090251
|
Error: haveCurrent error for cursor name cursorName
|
Description
| an LDAP exception occurred while checking to see if the list has a current entry.
|
|
Cause
| LDAP exception during haveCurrent method.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090252
|
Error: advance error for cursor name cursorName
|
Description
| an LDAP exception occurred while advancing the list for this cursor.
|
|
Cause
| an LDAP exception occurred while advancing the list.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090253
|
Error: close error for cursor name cursorName
|
Description
| an LDAP exception occurred while closing this list cursor.
|
|
Cause
| an LDAP exception occurred while closing this list cursor.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090254
|
Error: name cannot be null
|
Description
| The user or group name passed to one of the methods in the WebLogic or LDAP Authentication providers is null.
|
|
Cause
| The name cannot be null in the setUserDescription, setGroupDescription, getUserDescription, or getGroupDescription methods.
|
|
Action
| Pass in a non-null name to the method.
|
|
|
BEA-090255
|
Error: User or Group name
|
Description
| The user or group parameter to the method was not found in the LDAP server used by the WebLogic or LDAP Authentication provider.
|
|
Cause
| The user or group cannot be found.
|
|
Action
| Pass in a user or group that exists.
|
|
|
BEA-090256
|
Error: Error setting description for name
|
Description
| an LDAP exception occurred while setting the description for name.
|
|
Cause
| an LDAP exception occurred while calling to modify the description in the LDAP server.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090257
|
Error: group cannot be null
|
Description
| The group name passed to one of the methods in the WebLogic or LDAP Authentication providers is null.
|
|
Cause
| The group name cannot be null.
|
|
Action
| Pass in a non-null group name to the method.
|
|
|
BEA-090258
|
Error: max cannot be < 0
|
Description
| The maximumToReturn parameter passed to the listGroupMembers, listGroups, or listUsers method is less than zero.
|
|
Cause
| The maximumToReturn value cannot be less than zero.
|
|
Action
| Pass in a maximumToReturn parameter value that is greater or equal to zero.
|
|
|
BEA-090259
|
Error: Group name
|
Description
| The group parameter to the method was not found in the LDAP server used by the WebLogic or LDAP Authentication provider.
|
|
Cause
| Group name does not exist in the LDAP server.
|
|
Action
| Pass in a group that exists.
|
|
|
BEA-090260
|
Error: Error listing group members for groupName
|
Description
| an LDAP exception occurred while listing group members for groupName.
|
|
Cause
| an LDAP exception was thrown while searching for the group members in the LDAP server.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090261
|
Error: wildcard cannot be null
|
Description
| The wildcard parameter passed to listGroups or listUsers methods cannot be null.
|
|
Cause
| Wildcard parameter is null.
|
|
Action
| Pass a non-null wildcard parameter to the method.
|
|
|
BEA-090262
|
Error: Error listing groups groupNameWildCard
|
Description
| an LDAP exception occurred while listing groups.
|
|
Cause
| an LDAP exception was thrown while searching for the groups in the LDAP server.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090263
|
Error: parent group cannot be null
|
Description
| The parent group name passed as a parameter to isMember cannot be null.
|
|
Cause
| Parent group name is null.
|
|
Action
| Pass a non-null parent group name parameter to this method.
|
|
|
BEA-090264
|
Error: member cannot be null
|
Description
| The member name passed as a parameter to the isMember, addMemberToGroup, removeMemberFromGroup, or listMemberGroups methods cannot be null.
|
|
Cause
| Member name is null.
|
|
Action
| Pass a non-null member name parameter to this method.
|
|
|
BEA-090265
|
Error: member cannot be parent group
|
Description
| The member name and the parent group name cannot be the same value when passed to the isMember method.
|
|
Cause
| Member name and parent group name are the same value.
|
|
Action
| Change either the member name or parent group name parameters of this method.
|
|
|
BEA-090266
|
Error: group name cannot be null
|
Description
| The group name passed to the createGroup method is null.
|
|
Cause
| Group name cannot be null.
|
|
Action
| Pass a non-null group name to the method.
|
|
|
BEA-090267
|
Error: Group groupName
|
Description
| The group name passed to createGroup method or the user name passed to createUser method already exists in the LDAP server.
|
|
Cause
| Group groupName already exists in the LDAP server. Users and groups must have unique names.
|
|
Action
| Pass in a unique group name.
|
|
|
BEA-090268
|
Error: Group name
|
Description
| The group name passed to the createGroup method already exists in the LDAP server.
|
|
Cause
| User name already exists in the LDAP server. Users and groups must have unique names.
|
|
Action
| Pass in a unique user name.
|
|
|
BEA-090269
|
Error: Error adding group groupName
|
Description
| an LDAP exception occurred while adding group groupName.
|
|
Cause
| an LDAP exception was thrown while adding the group in the LDAP server.
|
|
Action
| Users and groups must have unique names.
|
|
|
BEA-090270
|
Error: group cannot be same as member
|
Description
| The same groupName and the MemberName parameters were passed to the addMemberToGroup method.
|
|
Cause
| Member and group names must be unique.
|
|
Action
| Pass in a group and member name that are unique.
|
|
|
BEA-090271
|
Error: Member memberName
|
Description
| The member name passed to the addMemberToGroup or removeMemberFromGroup is not a valid user or group in the LDAP server.
|
|
Cause
| Member does not exist.
|
|
Action
| Pass in a member name that exists in the LDAP server.
|
|
|
BEA-090272
|
Error: Error adding member memberName to groupName
|
Description
| an LDAP exception occurred while adding member memberName to group groupName.
|
|
Cause
| an LDAP exception was thrown while adding the member to the group in the LDAP server.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090273
|
Error: member cannot be group
|
Description
| The groupName and the MemberName passed to the removeMemberFromGroup method are the same value.
|
|
Cause
| Member and group names must be unique.
|
|
Action
| Pass in a group and member name that are unique.
|
|
|
BEA-090274
|
Error: Error removing member memberName from groupName
|
Description
| an LDAP exception occurred while removing member memberName from group groupName.
|
|
Cause
| an LDAP exception was thrown when removing the member from the group in the LDAP server.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090275
|
Error: Error removing group groupName
|
Description
| an LDAP exception occurred while removing group groupName.
|
|
Cause
| an LDAP exception was thrown while removing the group from the LDAP server.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090276
|
Error: Error removing group groupName invalid cursor
|
Description
| An InvalidCursorException occurred while removing group groupName.
|
|
Cause
| An InvalidCursorException exception was thrown while removing the group from the LDAP server.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090277
|
Error: Error destroying provider:
|
Description
| an LDAP exception occurred while destroying the Authentication Provider.
|
|
Cause
| an LDAP exception was thrown while removing all the users and groups from the LDAP server.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090278
|
Error: Error listing member groups groupName
|
Description
| an LDAP exception occurred while listing the member groups.
|
|
Cause
| an LDAP exception was thrown while listing the member groups in the LDAP server.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090279
|
Error: Error listing users userName
|
Description
| an LDAP exception occurred while listing the users.
|
|
Cause
| an LDAP exception was thrown while listing the users in the LDAP server.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090280
|
Error: user cannot be null
|
Description
| The user name passed to the userExists method is null.
|
|
Cause
| User name cannot be null.
|
|
Action
| Pass a non-null user name to the method.
|
|
|
BEA-090281
|
Error: user name cannot be null
|
Description
| The user name passed to the createUser, changeUserPassword, or resetUserPassword method is null.
|
|
Cause
| The user name cannot be null.
|
|
Action
| Pass a non-null user name to the method.
|
|
|
BEA-090282
|
Error: password cannot be null
|
Description
| The password passed to the createUser, changeUserPassword, or resetUserPassword method is null.
|
|
Cause
| The password cannot be null.
|
|
Action
| Pass a non-null password to the method.
|
|
|
BEA-090283
|
Error: User userName
|
Description
| The user name passed to the createUser method is a user that exists in the LDAP server.
|
|
Cause
| User userName already exists in the LDAP server.
|
|
Action
| Pass in another user name.
|
|
|
BEA-090284
|
Error: Group groupName
|
Description
| The user name passed to the createUser method already exists in the LDAP server.
|
|
Cause
| Group groupName already exists in the LDAP server. Groups and users must have unique names.
|
|
Action
| Pass in an user name that is not already an existing group.
|
|
|
BEA-090285
|
Error: password must be at least minPassLen characters long
|
Description
| The password passed to the createUser, changeUserPassword, or resetUserPassword method must be at least minPassLen characters long.
|
|
Cause
| Password is not long enough.
|
|
Action
| Enter a password that meets the specified minimum length requirement.
|
|
|
BEA-090286
|
Error: Error adding user userName
|
Description
| an LDAP exception occurred while adding the user.
|
|
Cause
| an LDAP exception was thrown while adding the user to the LDAP server.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090287
|
Error: User userName
|
Description
| The user was not found in the LDAP server used by the WebLogic or LDAP Authentication provider.
|
|
Cause
| User userName does not exist in the LDAP server.
|
|
Action
| Pass a user name that exists.
|
|
|
BEA-090288
|
Error: Invalid password for user userName
|
Description
| The password specified for user userName is not valid. The changePassword method validates the old password and then changes the password to the new password.
|
|
Cause
| The bind to the LDAP server using this user name and password failed.
|
|
Action
| Pass a valid password or use the resetPassword method which does not require the old password.
|
|
|
BEA-090289
|
Error: Error changing password for userName
|
Description
| an LDAP exception occurred while changing or resetting the user password for userName.
|
|
Cause
| an LDAP exception was thrown while modifying the password in the LDAP server.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090290
|
Error: Error removing user userName
|
Description
| an LDAP exception occurred while removing user userName.
|
|
Cause
| an LDAP exception was thrown while removing the user from the LDAP server.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090291
|
Error: type search scope (scope) not recognized
|
Description
| The search scope scope is invalid. The search scope must be @quot;subtree@quot; or @quot;onelevel@quot;.
|
|
Cause
| Search scope scope is not a valid value.
|
|
Action
| Change the User Search Scope attribute for the LDAP Authentication provider.
|
|
|
BEA-090293
|
Error: Error creating provider
|
Description
| An LDAP exception occurred when initializing the WebLogic Authentication provider.
|
|
Cause
| An LDAP exception was thrown when checking the LDAP hierarchy in the initialization of the provider.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090294
|
Error: could not get connection
|
Description
| An error occurred when getting an LDAP connection from the connection pool.
|
|
Cause
| an LDAP exception was thrown because an LDAP connection could not be obtained from the connection pool.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090295
|
Error: caught unexpected exception
|
Description
| An unexpected LDAP exception occurred.
|
|
Cause
| An unexpected LDAP exception was thrown when calling LDAP methods.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090296
|
Error: invalid URL url
|
Description
| When advancing through a list of dynamic groups, an invalid dynamic group URL was found.
|
|
Cause
| an LDAP exception was thrown because of an invalid dynamic group URL.
|
|
Action
| Verify the dynamic group definition. Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090297
|
Error: No CallbackHandler Specified
|
Description
| A null callback handler was specified in the LoginModule for the LDAP Authentication provider.
|
|
Cause
| The callback handler is null.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090298
|
Error: No Delegate Specified
|
Description
| The LoginModule for the LDAP Authentication provider was initialized with a null LDAP delegate.
|
|
Cause
| The LDAP delegate is null.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090299
|
Error: Username Not Supplied
|
Description
| In the LoginModule for the LDAP Authentication provider, the user name returned from the NameCallback is null.
|
|
Cause
| The user name returned from the NameCallback cannot be null.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090300
|
Error: Identity Assertion Failed: User userName does not exist
|
Description
| In the LoginModule for the LDAP Authentication provider, the user returned by the identity assertion provider does not exist in the LDAP server.
|
|
Cause
| User does not exist in the LDAP server.
|
|
Action
| Add the user to the LDAP server or configure the identity assertion provider to return a user that exists.
|
|
|
BEA-090301
|
Error: Password Not Supplied
|
Description
| In the LoginModule for the LDAP Authentication provider, the password returned from the PasswordCallback is null.
|
|
Cause
| Password cannot be null.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090302
|
Error: Authentication Failed: User userName denied
|
Description
| In the LoginModule for the LDAP Authentication provider, authentication failed for user userName.
|
|
Cause
| The username and password could not bind to the LDAP server.
|
|
Action
| Verify the username and password.
|
|
|
BEA-090303
|
Error: Authentication Failed: User userName exc
|
Description
| In the LoginModule for the LDAP Authentication provider, authentication failed for user userName because of an LDAP exception.
|
|
Cause
| an LDAP exception caused the authentication of the user to fail.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090304
|
Error: Authentication Failed: User userName exc
|
Description
| In the LoginModule for the LDAP Authentication provider, authentication failed for the user. userName due to a an unexpected exception.
|
|
Cause
| An unexpected exception caused the authentication of the user to fail.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090305
|
Error: Authentication Failed Getting Groups for User userName exc
|
Description
| In the LoginModule for the LDAP Authentication provider, authentication failed for user userName. An error occurred when looking up the groups to which the user belongs.
|
|
Cause
| A group to which the user belongs was not found.
|
|
Action
| Verify the groups to which the user belongs.
|
|
|
BEA-090306
|
Error: Authentication Failed Getting Groups for User userName exc
|
Description
| In the LoginModule for the LDAP Authentication provider, authentication failed for user userName. An error occurred when looking up the groups to which the user belongs.
|
|
Cause
| A Invalid Cursor, Invalid Parameter, or LDAP exception was thrown when looking up the groups of which the user is a member.
|
|
Action
| Read the exception text in exc for more information on diagnosing the problem.
|
|
|
BEA-090307
|
Error: DefaultAuthenticatorImpl constructor failed: exc
|
Description
| When constructing the WebLogic Authentication provider, an exception occurred. This exception is most likely an LDAP or COMMO proxy exception.
|
|
Cause
| A exception was thrown in the constructor for the WebLogic Authentication provider.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090308
|
Error: Validation of old password failed
|
Description
| When changing the user password, the old password was not valid. Therefore, the user password could not be changed.
|
|
Cause
| The old password was not valid.
|
|
Action
| Verify the old password. Optionally, use the resetPassword method to change the user password.
|
|
|
BEA-090309
|
Error: null subject
|
Description
| The subject passed to this method cannot be null.
|
|
Cause
| Subject cannot be null.
|
|
Action
| Pass a non-null subject to the method.
|
|
|
BEA-090310
|
Error: Failed to create resource
|
Description
| When deploying a security policy, the WebLogic Authorization provider failed to create a WebLogic resource.
|
|
Cause
| An EnCreateException was thrown when creating the security policy.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090311
|
Error: Failed to set resource expression
|
Description
| When deploying a security policy, the WebLogic Authorization provider failed to set an expression for the WebLogic resource.
|
|
Cause
| An EnCreateException was thrown when setting the security policy expression.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090313
|
Error: policy removal error
|
Description
| When deleting an application and deleting all of the security policies, an exception occurred.
|
|
Cause
| A EnRemoveException was thrown during the deletion of security policies for the application.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090314
|
Error: Entitlement Engine unable to connect to the embedded LDAP server\nexc
|
Description
| The WebLogic Authorization provider could not connect to the embedded LDAP server.
|
|
Cause
| An exception was thrown when initializing the entitlement engine for the WebLogic Authorization provider.
|
|
Action
| Read the exception text in exc for more information on diagnosing the problem.
|
|
|
BEA-090315
|
Error: DefaultAuthorizerImpl init failed: exc
|
Description
| The initialization of the WebLogic Authorization provider failed because of an exception.
|
|
Cause
| An exception was thrown during the initialization of the WebLogic Authorization provider.
|
|
Action
| Read the exception text in exc for more information on diagnosing the problem.
|
|
|
BEA-090316
|
Error: null helper
|
Description
| The Predicate Manager was passed a null authorization utility helper.
|
|
Cause
| The helper cannot be null.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090317
|
Error: bug in PredicateArgument
|
Description
| The argument passed to the predicate is invalid.
|
|
Cause
| The arguments for the predicate are invalid.
|
|
Action
| Verify the definition of the condition expression of the security policy.
|
|
|
BEA-090318
|
Error: DefaultRoleMapperImpl init failed: exc
|
Description
| The initialization of the WebLogic Role Mapping provider failed because of an exception.
|
|
Cause
| An exception was thrown in the initialization method of the WebLogic Role Mapping provider.
|
|
Action
| Read the exception text in exc for more information on diagnosing the problem.
|
|
|
BEA-090319
|
Error: Unknown resource type: type
|
Description
| The role id created for this resource id and role name is null.
|
|
Cause
| The role id cannot be null.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090320
|
Error: Failed to create role
|
Description
| The WebLogic Role Mapping provider failed to create the role because of an exception.
|
|
Cause
| An exception was thrown during the createRole method.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090321
|
Error: Failed to set role expression
|
Description
| The WebLogic Role Mapping provider failed to set the role expression because of an exception.
|
|
Cause
| An exception was thrown during the setRole method.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090322
|
Error: role removal error
|
Description
| During the deletion or redeployment of an application, the deletion of security roles for the application failed because of an error.
|
|
Cause
| An EnRemoveException was thrown during the delete operation.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090323
|
Error: Map cannot be modified
|
Description
| The implementation of the Role Map does not support all the operations of a Map object. The Role Map is read-only and does not support the put, putAll, remove, and clear methods.
|
|
Cause
| Not all Map object methods are unsupported.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090324
|
Error: DefaultCredentialMapperImpl init failed: exc
|
Description
| The initialization of the WebLogic credential mapping provider failed because of an exception.
|
|
Cause
| An exception was thrown during the initialization of the WebLogic credential mapping provider.
|
|
Action
| Read the exception text in exc for more information on diagnosing the problem.
|
|
|
BEA-090325
|
Error: No list available for the given cursor.
|
Description
| The cursor is invalid and does not have a corresponding list.
|
|
Cause
| Cursor is invalid.
|
|
Action
| Verify that the cursor was returned from the listCredentials or listMappings method.
|
|
|
BEA-090326
|
Error: DefaultCredentialMapperImpl.listCredentials got LDAP exception
|
Description
| The listCredentials method failed because of an LDAP exception.
|
|
Cause
| An LDAP exception was thrown while accessing the LDAP server to get the list of credentials for this WebLogic resource.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090327
|
Error: DefaultCredentialMapperImpl.getCurrentCredentialRemoteUsername failed: No such credentials list cursor available
|
Description
| The cursor is invalid and does not have a corresponding credential list.
|
|
Cause
| Cursor is invalid.
|
|
Action
| Verify that the cursor was returned from the listCredentials method.
|
|
|
BEA-090328
|
Error: DefaultCredentialMapperImpl.getCurrentCredentialRemotePassword failed: No such credentials list cursor available
|
Description
| The cursor is invalid and does not have a corresponding credential list.
|
|
Cause
| Cursor is invalid.
|
|
Action
| Verify that the cursor was returned from the listCredentials method.
|
|
|
BEA-090329
|
Error: DefaultCredentialMapperImpl.listMappings got LDAP exception
|
Description
| The listMappings method failed because of an LDAP exception.
|
|
Cause
| An LDAP exception was thrown while accessing the LDAP server to get the list of credential mappings for this WebLogic resource.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090330
|
Error: DefaultCredentialMapperImpl.getCurrentMappingWLSUsername failed: No such resource maps list cursor available
|
Description
| The cursor is invalid and does not have a corresponding mapping list.
|
|
Cause
| Cursor is invalid.
|
|
Action
| Verify that the cursor was returned from the listMappings method.
|
|
|
BEA-090331
|
Error: DefaultCredentialMapperImpl.getCurrentMappingRemoteUsername failed: No such resource maps list cursor available
|
Description
| The cursor is invalid and does not have a corresponding mapping list.
|
|
Cause
| Cursor is invalid.
|
|
Action
| Verify that the cursor was returned from the listMappings method.
|
|
|
BEA-090332
|
Error: DefaultCredentialMapperImpl.getRemoteUserName got LDAP exception
|
Description
| The getRemoteUserName method failed because of an LDAP exception.
|
|
Cause
| An LDAP exception was thrown while accessing the LDAP server to get the credential map or the credential map principal.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090333
|
Error: DefaultCredentialMapperImpl.getRemotePassword got LDAP exception
|
Description
| The getRemotePassword method failed because of an LDAP exception.
|
|
Cause
| An LDAP exception was thrown while accessing the LDAP server to get the password for the credential map.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090334
|
Error: DefaultCredentialMapperImpl.setUserPasswordCredential got LDAP exception
|
Description
| The setUserPaswordCredential method failed because of an LDAP exception.
|
|
Cause
| An LDAP exception was thrown while accessing the LDAP server to set the password for the credential map.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090335
|
Error: DefaultCredentialMapperImpl.setUserPasswordCredentialMapping got LDAP exception
|
Description
| The setUserPaswordCredentialMapping method failed because of an LDAP exception.
|
|
Cause
| An LDAP exception was thrown while accessing the LDAP server to set the credential resource map.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090336
|
Error: DefaultCredentialMapperImpl.removeUserPasswordCredential got LDAP exception
|
Description
| The removeUserPaswordCredential method failed because of an LDAP exception.
|
|
Cause
| An LDAP exception was thrown while accessing the LDAP server to remove the user password credential.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090337
|
Error: DefaultCredentialMapperImpl.removeUserPasswordCredentialMapping got LDAP exception
|
Description
| The removeUserPaswordCredentialMapping method failed because of an LDAP exception.
|
|
Cause
| An LDAP exception was thrown while accessing the LDAP server to remove the user password credential mapping.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090338(retired)
|
Error: cannot create file output stream at present path
|
Description
| The Audit log file can only be created with a null path.
|
|
Cause
| A non-null path for the Audit log file is not supported.
|
|
Action
| Specify a null value for the Output Medium attribute for the WebLogic Auditing provider.
|
|
|
BEA-090339
|
Error: Couldn't create file output stream path
|
Description
| The creation of the output file for the Audit log failed because of an IO exception.
|
|
Cause
| An IO exception was thrown during the create of either the temporary file or the real file for the Audit log.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090340(retired)
|
Error: Couldn't create temporary file to move old path .log into
|
Description
| The creation of the temporary file failed because of an IO exception.
|
|
Cause
| An IO exception was thrown during the call to createTempFile for the old file.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090341(retired)
|
Error: Couldn't delete temp file in which to move old Audit log
|
Description
| The delete of the temp file failed.
|
|
Cause
| The delete method for the temporary file returned false.
|
|
Action
| Verify that the file can be deleted and is not locked by some other process.
|
|
|
BEA-090342(retired)
|
Error: Couldn't rename from to to
|
Description
| The rename of the old Audit log file into a temporary file failed.
|
|
Cause
| The renameTo method returned false.
|
|
Action
| Verify that the file can be renamed and is not locked by some other process.
|
|
|
BEA-090343
|
Error: Couldn't delete Audit log file
|
Description
| The deletion of the Audit log file failed.
|
|
Cause
| The delete method for the temporary file returned false.
|
|
Action
| Verify that the file can be deleted and is not locked by some other process.
|
|
|
BEA-090344
|
Error: A valid security realm name must be specified when initializing
|
Description
| The security realm name passed when initializing the security service is either null or does not exist.
|
|
Cause
| The security realm name is null or does not exist.
|
|
Action
| Verify the security configuration. Ensure the default security realm is set and that the security realm exists.
|
|
|
BEA-090345
|
Error: Exception: Auditor.initialize, Invalid or missing Auditor configuration Mbean
|
Description
| The configuration MBeans passed to the WebLogic Auditing provider were either null or empty.
|
|
Cause
| Auditor configuration MBeans were not specified.
|
|
Action
| Verify the security configuration and ensure that the WebLogic Auditing provider is configured.
|
|
|
BEA-090346
|
Error: Exception: Auditor.initialize
|
Description
| The Auditor service initialization failed because no Auditing providers could be created.
|
|
Cause
| The list of created auditors is empty.
|
|
Action
| Verify the configuration and ensure that an Auditing provider is configured. Read the log file for failure messages that relate to the creation of an Auditing provider.
|
|
|
BEA-090347
|
Error: Auditor not yet initialized
|
Description
| An Auditing provider must be initialized before the writeEvent method can be called.
|
|
Cause
| The Auditing provider was not initialized before the writeEvent method was called.
|
|
Action
| This exception that indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090348
|
Error: No AuthorizerMBeans and no AdjudicatorMBean provided
|
Description
| No Authorization providers are configured.
|
|
Cause
| No provider MBeans were passed during the initialization of the Authorization Manager.
|
|
Action
| Configure at least one Authorization provider for the security realm.
|
|
|
BEA-090349
|
Error: Need at least one AuthorizerMBean
|
Description
| No Authorization providers are configured.
|
|
Cause
| An empty array of provider MBeans were passed during the initialization of the Authorization Manager.
|
|
Action
| Configure at least one Authorization provider for the security realm.
|
|
|
BEA-090350
|
Error: The RoleManager must be initialized prior to initializing an Authorization Manager
|
Description
| The Authorization Manager requires the Role Manager to be initialized before the Authorization Manager can initialize.
|
|
Cause
| Role Manager is not initialized.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090351
|
Error: Problem getting the AccessDecision
|
Description
| The Authorization provider did not return a valid AccessDecision object.
|
|
Cause
| The AccessDecision object returned from the Authorization provider is null.
|
|
Action
| Verify that the Authorization provider has correctly implemented the getAccessDecision method.
|
|
|
BEA-090352
|
Error: Problem getting the Adjudicator
|
Description
| The Adjudication provider did not return a valid Adjudicator object.
|
|
Cause
| The Adjudicator object returned from the Adjudication provider is null.
|
|
Action
| Verify the Adjudication provider has correctly implemented the getAdjudicator method.
|
|
|
BEA-090353
|
Error: Only AuthorizerMBeans and a AdjudicatorMBean may be passed to initialize
|
Description
| An unknown MBean was passed during the initialization of the Authorization Manager.
|
|
Cause
| The MBean is not of type AuthorizerMBean or AdjudicatorMBean.
|
|
Action
| Verify the configuration of the Authorization and Adjudication providers.
|
|
|
BEA-090354
|
Error: No DeployableAuthorizationProvider configured that have PolicyDeploymentEnabled set to true
|
Description
| In order to support Web applications and EJBs with security information defined in deployment descriptors, at least one Authorization provider in a security realm needs the Policy Deployment Enabled attribute set to true.
|
|
Cause
| No Authorization providers are configured to handle policy deployments.
|
|
Action
| Configure a deployable Authorization provider and ensure their Policy Deployment Enabled attribute is set to true.
|
|
|
BEA-090355
|
Error: Multiple Authorization Providers but No AdjudicatorMBean provided
|
Description
| Multiple Authorization providers are configured in the security realm but no Adjudication provider has been configured.
|
|
Cause
| An Adjudication provider is required if more than one Authorization provider is configured in a security realm.
|
|
Action
| Configure an Adjudication provider.
|
|
|
BEA-090356
|
Error: No AuthorizerMBean provided
|
Description
| The initialization of the Authorization Manager failed because no Authorization MBeans were found.
|
|
Cause
| No Authorization MBeans were found.
|
|
Action
| Verify the configuration of the security realm and ensure at least one Authorization provider is configured.
|
|
|
BEA-090357
|
Error: Calling isProtectedResource before the AuthorizationManager is initialized
|
Description
| The server called the isProtectedResource method before the Authorization Manager was initialized.
|
|
Cause
| The Authorization Manager must be initialized before any method calls.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090358
|
Error: Required parameter not supplied to isAccessAllowed
|
Description
| A required parameter was not supplied to the isAccessAllowed method. Either the subject, the resource, or the direction parameter is null.
|
|
Cause
| A required parameter was null.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090359
|
Error: Required parameter not supplied to isProtectedResource
|
Description
| A required parameter was not supplied to the isProtectedResource method. Either the subject or resource parameter is null.
|
|
Cause
| A required parameter was null.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090360
|
Error: deployableAuthorizationProvider is no longer configured
|
Description
| In order to support Web applications and EJBs that have security information in the deployment descriptors, at least one Authorization provider must have the Policy Deployment Enabled attribute set to true.
|
|
Cause
| No providers configured to handle policy deployments.
|
|
Action
| Configure a deployable Authorization provider and ensure their Policy Deployment Enabled attribute is set to true.
|
|
|
BEA-090361
|
Error: Exception: CredentialManager.initialize, Invalid or missing CredentialMapperMBean Mbean
|
Description
| The initialization of the Credential Manager failed because no credential mapping MBeans were found.
|
|
Cause
| The array of credential mapping MBeans was null or empty.
|
|
Action
| Verify the security realm configuration and ensure that a credential mapping provider is configured.
|
|
|
BEA-090362
|
Error: Exception: CredentialManager.initialize failed
|
Description
| The initialization of the Credential Manager failed because no credential mapping providers were created.
|
|
Cause
| At least one credential mapping provider must be configured in a security realm.
|
|
Action
| Verify the security realm configuration and ensure that one credential mapping provider is configured. Review the log for any creation failure messages on the credential mapping provider.
|
|
|
BEA-090363
|
Error: CredentialManager not yet initialized
|
Description
| The Credential Manager was not initialized before the getCredentials method was called.
|
|
Cause
| Methods cannot be called before the Credential Manager is initialized.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090364
|
Error: Exception: CredentialManager.getCredentials, credentialsType = null
|
Description
| The credentialType parameter passed to the getCredentials method is null.
|
|
Cause
| The credentialType parameter cannot be null.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090365
|
Error: LoginModule error: loginModuleName loginModuleName
|
Description
| The loading of the delegate LoginModule failed because of an exception.
|
|
Cause
| A ClassNotFound, IllegalAccess, or Instantiation exception was thrown while loading the delegate LoginModule.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090366
|
Error: LoginModule error: null delegateLoginModuleName
|
Description
| A delegated LoginModule ensures the appropriate class loader is used to load the actual LoginModule. The delegated LoginModule is null.
|
|
Cause
| The delegate LoginModule is null.
|
|
Action
| Verify the Authentication provider has correctly implemented the getLoginModuleConfiguration method.
|
|
|
BEA-090367
|
Error: This method not yet implemented
|
Description
| The InvocableResource is not yet implemented.
|
|
Cause
| Method is not implemented and should not be used.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090368
|
Error: MBeans are not instances of Keystore MBean
|
Description
| An MBean that is not a Keystore MBean was passed when the Keystore Manager was initialized.
|
|
Cause
| MBean is not of type Keystore MBean.
|
|
Action
| Verify the WebLogic Keystore provider is configured properly.
|
|
|
BEA-090369
|
Error: Problem instantiating Keystore provider
|
Description
| The creation of the WebLogic Keystore provider failed because of an exception.
|
|
Cause
| An exception was thrown during the creation or initialization of the WebLogic Keystore provider.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090370
|
Error: No AuthenticationProviderMBean passed to initialize. Invalid configuration.
|
Description
| The initialization of the Authentication service failed because the array of Authentication provider MBeans that was passed was either null or empty.
|
|
Cause
| No Authentication provider MBeans were passed.
|
|
Action
| Verify the security realm configuration and ensure that an Authentication provider is configured.
|
|
|
BEA-090371
|
Error: Problem instantiating Authentication Provider exc
|
Description
| The initialization of the Authentication service failed because an exception occurred when creating an Authentication provider.
|
|
Cause
| An exception was thrown while creating an Authentication provider.
|
|
Action
| Read the exception text in exc for more information on diagnosing the problem.
|
|
|
BEA-090372
|
Error: No CallbackHandler Supplied
|
Description
| The containers did not specify a callback handler when calling the method to authenticate in the Authentication service.
|
|
Cause
| The callback handler is null.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090373
|
Error: Authentication Failed: User userName is locked out due to too many invalid login attempts
|
Description
| The authentication for user userName failed because there were too many invalid login attempts.
|
|
Cause
| User is locked out and cannot authenticate.
|
|
Action
| If access to user userName should be allowed, then unlock the user via the Administration Console.
|
|
|
BEA-090374
|
Error: No configured Authentication providers
|
Description
| There are no configured Authentication providers for the security realm.
|
|
Cause
| The list of configured Authentication providers is empty.
|
|
Action
| Configure an Authentication provider for the security realm.
|
|
|
BEA-090375
|
Error: Null TokenType Parameter
|
Description
| The token type passed to the identity assertion provider to assert identity is null.
|
|
Cause
| The token type is null.
|
|
Action
| The containers should not pass a null token types. This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090376
|
Error: Null Token Parameter
|
Description
| A null token was passed to the assertIdentity method of the identity assertion provider.
|
|
Cause
| The identity assertion token was null.
|
|
Action
| The containers should not pass null tokens. This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090377
|
Error: Identity Assertion Failed, exc
|
Description
| The identity assertion failed because of an IdentityAssertion exception.
|
|
Cause
| An IdentityAssertion exception was thrown in the assertIdentity or assertChallengeIdentity method of the identity assertion provider
|
|
Action
| Read the exception text in exc for more information on diagnosing the problem.
|
|
|
BEA-090378
|
Error: Identity Assertion Handler Failed, exc
|
Description
| The assertIdentity method failed because of an IOException or an UnsupportedCallbackException.
|
|
Cause
| The Identity Asserter provider does not support the NameCallback method or an input or output error occurred.
|
|
Action
| Verify that the Identity Asserter provider supports the NameCallback method. Read the exception text in exc for more information on diagnosing the problem.
|
|
|
BEA-090379
|
Error: Identity Assertion Handler Failed, UserName Not Supplied
|
Description
| The identity assertion failed because the identity assertion provider could not map the identity assertion token to a username. It returned either a null username or a zero length username.
|
|
Cause
| The username is null or zero length. It must have a value.
|
|
Action
| The identity assertion provider support this behavior. If this behavior is not desired, modify the identity assertion provider to return a valid username for the identity token.
|
|
|
BEA-090380
|
Error: Identity Assertion Failed, Unsupported Token Type: tokenType
|
Description
| The token type tokenType is not supported because it is not configured as an active type for any identity assertion provider.
|
|
Cause
| Token type is not configured as an active type.
|
|
Action
| Define the token type tokenType in the Active Types attribute of the configured identity assertion provider.
|
|
|
BEA-090381
|
Error: No ChallengeIdentityAsserter configured for token type [tokenType]
|
Description
| The request to get the challenge token or assert the challenge identity failed because the token type tokenType is configured as an active type for an identity assertion provider that is not a challenge identity assertion provider.
|
|
Cause
| Token type is not configured as an active type by a challenge identity assertion provider.
|
|
Action
| Remove the token type tokenType from the currently configured identity assertion provider and set the Active Types attribute of an identity assertion provider of type ChallengeIdentityAsserter.
|
|
|
BEA-090382
|
Error: No ChallengeIdentityAsserter available for token type [tokenType]
|
Description
| The token type tokenType is not supported because it not configured as an active type by any challenge identity assertion provider.
|
|
Cause
| Token type is not configured as an active type by a challenge identity assertion provider.
|
|
Action
| Set the token type tokenType in the Active Types attribute of an identity assertion provider of type ChallengeIdentityAsserter.
|
|
|
BEA-090383
|
Error: Configuration Error, PrincipalValidator Mapping Error: baseName
|
Description
| The initialization of the principal validators failed due to a configuration error. Two different principal validators are configured for the same principal base class.
|
|
Cause
| Two different principal validators cannot be configured for the same base class.
|
|
Action
| Either modify the Authentication providers so one principal validator implementation is shared between the providers or modify the principal validators so they do not use the same principal base class.
|
|
|
BEA-090384
|
Error: No Provider MBeans
|
Description
| No Role Mapping providers are configured.
|
|
Cause
| No MBeans were passed during the initialization of the Role Manager.
|
|
Action
| Configure a Role Mapping provider.
|
|
|
BEA-090385
|
Error: Non-RoleMapperMBean passed.
|
Description
| A provider MBean that was not a Role Mapper MBean was passed to the initialization method of the Role Manager.
|
|
Cause
| The provider MBean must be of type RoleMapperMBean.
|
|
Action
| Verify that the configured Role Mapping providers are actually role mappers.
|
|
|
BEA-090386
|
Error: Problem getting the RoleMapper
|
Description
| The Role Mapping provider returned a null Role Mapper.
|
|
Cause
| The Role Mapper cannot be null.
|
|
Action
| Verify that the Role Mapping provider has correctly implemented the getRoleMapper method.
|
|
|
BEA-090387(retired)
|
Error: No DeployableRoleProvider configured that have RoleDeploymentEnabled set to true
|
Description
| In order to support Web applications and EJBs that have roles defined in the deployment descriptors, at least one Role Mapping provider must be configured with the Role Deployment Enabled attribute set to true.
|
|
Cause
| No Role Mappings providers are configured to handle role deployments.
|
|
Action
| Configure a deployable Role Mapping provider and ensure that the Role Deployment Enabled attribute is set to true.
|
|
|
BEA-090388
|
Error: No back pointer to the RealmMBean from the ProviderMBean
|
Description
| The MBean for the Role Mapping provider should reference the Realm MBean.
|
|
Cause
| The reference to the Realm MBean is null. It must have a non-null value.
|
|
Action
| Verify the configuration of the Role Mapping provider. Ensure that it is configured in the default (active) security realm.
|
|
|
BEA-090389
|
Error: RoleManager not yet initialized
|
Description
| The getRoles method was called before the Role Manager was initialized.
|
|
Cause
| The Role Manager must be initialized before the getRoles method can succeed.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090390(retired)
|
Error: DeployableRoleProvider is no longer configured
|
Description
| In order to support Web applications and EJBs with role information defined in the deployment descriptors, one deployable Role Mapping provider must be configured with the Role Deployment Enabled attribute set to true.
|
|
Cause
| No Role Mapping providers are configured to handle role deployments.
|
|
Action
| Configure a deployable Role Mapping provider and ensure the Role Deployment Enabled attribute is set to true.
|
|
|
BEA-090391
|
Error: Null User Identity
|
Description
| A null subject was passed to the runAs method.
|
|
Cause
| The identity for the runAs method cannot be null.
|
|
Action
| Ensure the subject passed to the runAs method is valid.
|
|
|
BEA-090392
|
Error: SecurityServiceManager not yet initialized.
|
Description
| A method in the Security service was been called before it was initialized.
|
|
Cause
| The Security service must be initialized before any method calls.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090393
|
Error: Security service not yet initialized: type
|
Description
| The server requested the Security service type before it was initialized.
|
|
Cause
| The Security service must be initialized before it can be used.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090394
|
Error: Must specify a Security realm
|
Description
| A null security realm name was passed to an internal method.
|
|
Cause
| The security realm name cannot be null.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090395
|
Error: Must specify a SecurityService.ServiceType
|
Description
| A type was not specified in the call to get the Security service.
|
|
Cause
| The Security service type cannot be null.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090396
|
Error: Security Realm realm does not exist
|
Description
| The security realm realm does not exist in the configuration.
|
|
Cause
| The security realm is not a valid.
|
|
Action
| Verify the security realm has all the required providers configured and the realm is set as the default (active) security realm.
|
|
|
BEA-090397
|
Error: Principal set does not contain a RealmAdapterUser
|
Description
| A subject contains principals. To convert a subject that can be sent to a pre-7.0 version of WebLogic Server, the subject must contain a principal of type RealmAdapterUser.
|
|
Cause
| A RealmAdapterUser is required to send a authenticated user to a previous version of WebLogic Server.
|
|
Action
| Configure the Realm Adapter provider.
|
|
|
BEA-090398
|
Error: Invalid Subject: subject
|
Description
| The subject subject could not be validated. A subject contains a set of principals. Each principal class has an associated principal validator that ensures the principal is valid. Principal validation failed for this subject.
|
|
Cause
| Principal validation failed for this subject.
|
|
Action
| Ensure that subject was created by this domain or in a domain trusted by this domain.
|
|
|
BEA-090399
|
Error: Security Services Unavailable
|
Description
| At boot time, the Authentication or Authorization security service was not available.
|
|
Cause
| Authentication and Authorization services are required to perform the boot authorization checks.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090400
|
Error: Set of Security Credential Failed
|
Description
| The automatic generation of the Credential attribute of the Security Configuration MBean failed when setting the attribute value in the MBean.
|
|
Cause
| The setting of the Credential attribute failed with an InvalidAttributeValue exception.
|
|
Action
| Read the exception text for more information in diagnosing the problem.
|
|
|
BEA-090401
|
Error: Can't look up information for non-default security realm.
|
Description
| The lookup of the isUseDeprecatedWebResource attribute failed because the specified security realm is not the default security realm.
|
|
Cause
| The isUseDeprecatedWebResource can only be used in the default security realm.
|
|
Action
| Make the security realm the default security realm or instead use the default (active) security realm.
|
|
|
BEA-090402
|
Critical: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
|
Description
| An authentication attempt using the username and password from the boot identity file failed.
|
|
Cause
| The user name and/or password from the boot identity file may have been changed since the boot identity file was created.
|
|
Action
| Update the boot identity file with the correct username and password for the boot identity.
|
|
|
BEA-090403
|
Critical: Authentication for user userName denied
|
Description
| An authentication attempt for the user userName failed.
|
|
Cause
| The user supplied an invalid password or the user name was invalid.
|
|
Action
| Reboot the server and specify the current user and password.
|
|
|
BEA-090404
|
Critical: User userName is not permitted to boot the server; The server policy may have changed in such a way that the user is no longer able to boot the server.Reboot the server with the administrative user account or contact the system administrator to update the server policy definitions.
|
Description
| The user userName has not been granted the necessary permission to boot the server.
|
|
Cause
| The server policy may have changed in such a way that the user is no longer able to boot the server.
|
|
Action
| Reboot the server from the administrative user account or contact the system administrator to update the server policy definitions.
|
|
|
BEA-090405
|
Error: Can only initialize the SecurityService once
|
Description
| The Security Service Manager was initialized more than once.
|
|
Cause
| The initialize method of the Security Service Manager was called more than once.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090406
|
Error: Failure loading security MBeans from path
|
Description
| The loading of the security MBeans failed due to a MBeanException.
|
|
Cause
| A MBeanException was thrown when loading the Security MBeans from path.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090407
|
Error: Invalid security configuration : no default security realm found.
|
Description
| There is no default security realm defined in the security configuration MBean.
|
|
Cause
| A default security realm is not defined.
|
|
Action
| Set one of the configured security realms as the default (active) security realm by setting the Default Realm attribute at the domain.
|
|
|
BEA-090408
|
Error: Security Configuration Unavailable
|
Description
| A security configuration was not found for the active domain.
|
|
Cause
| The security configuration MBean was null.
|
|
Action
| Verify that the SecurityConfiguration MBean is defined in the config.xml file.
|
|
|
BEA-090409
|
Error: Security Credential Unavailable: A credential value must be supplied for the Security configuration
|
Description
| The Credential attribute of the Security Configuration MBean is null or a zero-length byte array.
|
|
Cause
| The Credential attribute is invalid.
|
|
Action
| Set the Credential attribute for the security configuration.
|
|
|
BEA-090410
|
Error: Invalid security realm name: realmName
|
Description
| The security realm name realmName has no associated realm MBean.
|
|
Cause
| The Realm MBean is null.
|
|
Action
| Verify that the security realm name realmName refers to a valid configured security realm.
|
|
|
BEA-090411
|
Error: Security Realm [realmName] improperly configured
|
Description
| The validation of the security realm failed with one or more errors.
|
|
Cause
| One or more exceptions were thrown when the security realm was validated.
|
|
Action
| Read the exception text and correct the configuration of the security realm.
|
|
|
BEA-090412
|
Error: Failed to initialize realm: realmName
|
Description
| None of the security services in the specified security realm were configured or initialized.
|
|
Cause
| No security services were found in the security realm.
|
|
Action
| Configure an Authentication, Authorization, Adjudication, Role Mapping, and credential mapping provider in the security realm.
|
|
|
BEA-090413
|
Error: No Realm MBean found. Bad configuration, unable to initialize Security.
|
Description
| There is no default security realm configured.
|
|
Cause
| A default security realm is not configured.
|
|
Action
| Set one of the configured security realms as the default (active) security realm by setting the Default Realm attribute at the domain.
|
|
|
BEA-090414
|
Error: Need to configure at least one RoleMapperMBean
|
Description
| The getRoleMappers method for the Realm MBean returned an null or empty array.
|
|
Cause
| The array of Role Mapping providers for the security realm is null or empty.
|
|
Action
| Configure at least one Role Mapping provider for the security realm.
|
|
|
BEA-090415
|
Error: Need to configure at least one AuthorizerMBean
|
Description
| The getAuthorizers method for the Realm MBean returned an null or empty array.
|
|
Cause
| The array of Authorization providers for the security realm is null or empty.
|
|
Action
| Configure at least one Authorization provider for the security realm.
|
|
|
BEA-090416
|
Error: Cannot configure the Keystore providers : exc
|
Description
| The get or set of the Alg.Alias.KeyStore.type property failed due to a security exception.
|
|
Cause
| A Security exception was thrown during the get or set of the Alg.Alias.KeyStore property.
|
|
Action
| Read the exception text in exc for more information on diagnosing the problem.
|
|
|
BEA-090417
|
Error: Cannot configure SSL; invalid parameter : exc
|
Description
| The initialization of the SSL Manager failed because of an invalid parameter exception.
|
|
Cause
| An InvalidParameter exception was thrown during the initialization of the SSL Manager.
|
|
Action
| Read the exception text in exc for more information on diagnosing the problem.
|
|
|
BEA-090418
|
Error: Cannot configure SSL; permission denied exc
|
Description
| The initialization of the SSL Manager failed due to a security exception.
|
|
Cause
| A Security exception was thrown during the initialization of the SSL Manager.
|
|
Action
| Read the exception text in exc for more information on diagnosing the problem.
|
|
|
BEA-090419
|
Error: Subject "userName" is not the kernel identity
|
Description
| The current subject userName is not the kernel identity and the kernel identity is required for this operation.
|
|
Cause
| The current subject is not the kernel identity.
|
|
Action
| Verify that the subject in userName is the correct identity. If so, this exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090420
|
Error: Security provider error: providerClassName className creation exception.
|
Description
| The security provider could not be created because of an instantiation or illegal access exception.
|
|
Cause
| An Instantiation exception or an IllegalAccess exception occurred while creating and initializing the security provider.
|
|
Action
| Read the associated exception text for more information on diagnosing the problem.
|
|
|
BEA-090421
|
Error: Security provider error: providerClassName className not found.
|
Description
| The security provider could not be created due to a class not found exception.
|
|
Cause
| A ClassNotFound exception was thrown when loading the security provider className.
|
|
Action
| Ensure that the class name in className is present. Read the associated exception text for more information on diagnosing the problem.
|
|
|
BEA-090422
|
Error: Loaded identity certificate but failed to convert it to javax.security.cert.X509Certificate
|
Description
| The SSL Manager could not convert the certificate loaded from the keystore into a javax.security.cert.X509Certificate.
|
|
Cause
| The conversion failed and the certificate is null.
|
|
Action
| Verify that the certificate contained within the keystore is valid.
|
|
|
BEA-090423
|
Error: The Server serverName was unable to find the server certificate file fileName specified by the SSL ServerCertificateFileName attribute.
|
Description
| The SSL Manager could not find the server certificate file fileName. The SSL Manager first looks for fileName relative to the current directory, then relative to the root directory for the server.
|
|
Cause
| The server certificate file was not found.
|
|
Action
| Verify the Server Certificate File attribute for server is specified correctly.
|
|
|
BEA-090424
|
Error: Cannot find the private key with alias aliasName in the keystore at location location
|
Description
| The SSL Manager could not find the alias aliasName in the keystore in file location.
|
|
Cause
| Alias was not found.
|
|
Action
| Verify the alias specified in the Server Private Key Alias attribute. Also, verify the contents of the keystore.
|
|
|
BEA-090425
|
Error: Cannot read private key file keyFileName. Exception is exc
|
Description
| The SSL Manager encountered an IOException when reading the private key.
|
|
Cause
| An IO exception was thrown when loading the private key.
|
|
Action
| Read the exception text in exc for more information in diagnosing the problem.
|
|
|
BEA-090426
|
Error: Cannot read private key from file keyFileName. Make sure password specified in environment property propertyName is valid. Exception is exc
|
Description
| The SSL Manager encountered a KeyManagement exception when reading the private key. The password or format is invalid.
|
|
Cause
| A KeyManagement exception was thrown when loading the private key.
|
|
Action
| Verify the password specified in environment property propertyName. Verify the format of the private key. Read the exception text in exc for more information in diagnosing the problem.
|
|
|
BEA-090427
|
Error: The server serverName was unable to find private key in the file keyFileName specified by the SSL ServerKeyFileName attribute.
|
Description
| The SSL Manager could not find the private key file keyFileName. The SSL Manager first looks for keyFileName relative to the current directory, then relative to the root directory for the server.
|
|
Cause
| The file keyFileName could not be found.
|
|
Action
| Modify the Server Key File Name attribute to specify a file that exists.
|
|
|
BEA-090428
|
Error: Cannot call setJava2SecurityMode more than once.
|
Description
| The setJava2SecurityMode method has been called more than once.
|
|
Cause
| The setJava2SecurityMode method can only be called once.
|
|
Action
| Ensure the setJava2SecurityMode method is only called once.
|
|
|
BEA-090429
|
Error: Not in a WebLogic server context.
|
Description
| The User Lockout implementation is called when not running in a server.
|
|
Cause
| The User Lockout implementation cannot be run outside of a server.
|
|
Action
| Only call the User Lockout code from a running server.
|
|
|
BEA-090430
|
Error: UserLockoutImpl constructor failed: exc
|
Description
| The User Lockout implementation failed to initialize because of an exception.
|
|
Cause
| An exception was thrown during the initialization of the User Lockout implementation.
|
|
Action
| Read the exception text in exc for more information on diagnosing the problem.
|
|
|
BEA-090431
|
Error: Received a null user name
|
Description
| The User Lockout Manager received a null user name when locking or unlocking a user.
|
|
Cause
| The user name cannot be null.
|
|
Action
| Verify the specified username is not null.
|
|
|
BEA-090432
|
Error: Hashtable has the key but can't get the entry
|
Description
| The hash table that contains the invalid login information contains an entry for the user, but the entry is null.
|
|
Cause
| The invalid login information entry is null.
|
|
Action
| Verify the list of locked out users and unlock any users manually. Reboot the server if necessary. This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090433
|
Error: Inconsistent InvalidLogin record
|
Description
| The User Lockout Manager encountered a null vector of failures.
|
|
Cause
| The vector of failures is null.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090434
|
Error: Enumerator returned a null element for a key
|
Description
| When garbage collecting the list of invalid login information, the server encountered a null invalid login information entry.
|
|
Cause
| The invalid login information entry is null.
|
|
Action
| Verify the list of locked out users and unlock any users manually. Reboot the server if necessary. This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090435
|
Error: Subject subject does not have permission to unlock user userName in security realm realmName
|
Description
| The current subject does not have permission to unlock user userName.
|
|
Cause
| No permission to unlock the user.
|
|
Action
| Use an identity that does have permission to unlock this user.
|
|
|
BEA-090436
|
Error: Inconsistent hashtable - key exists but not value
|
Description
| The hash table that contains the invalid login information contains an entry for the user, but the entry is null.
|
|
Cause
| The invalid login information entry is null.
|
|
Action
| Verify the list of locked out users and unlock any users manually. Reboot the server if necessary. This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090437
|
Error: Security Service Unavailable
|
Description
| The weblogic.security.services.Authentication.login method could not find the Security service for authentication.
|
|
Cause
| Authentication service is null.
|
|
Action
| If a security realm name is specified in the login method, verify that the name of the security realm is correct. Otherwise, this exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090438
|
Error: Invalid Parameter
|
Description
| The Domain Configuration wizard specified an invalid user, password, or output directory when setting up the admin account.
|
|
Cause
| The user, password, or output directory is null or a zero length string.
|
|
Action
| Pass in a valid user, password, and output directory.
|
|
|
BEA-090439
|
Error: Invalid File Parameter file specified for Admin Account creation.
|
Description
| The Domain Configuration wizard or WebLogic Server configuration specified an invalid template file or output file when setting up the admin account.
|
|
Cause
| Either the template file does not exist or is not a file or the output directory does not exist is not a directory.
|
|
Action
| Pass in a valid template file and a valid output directory.
|
|
|
BEA-090440
|
Error: Encryption Error
|
Description
| The Domain Configuration wizard failed to setup the admin account because of an encryption failure when encrypting the password.
|
|
Cause
| The encrypted password was null.
|
|
Action
| Verify that a non-zero length password was passed to the wizard.
|
|
|
BEA-090441
|
Error: Internal Error
|
Description
| This exception indicates a configuration problem where JCE is expected to be used. However, either a JCE provider is not specified, or the JCE provider cannot be used.
|
|
Cause
| JCE provider not specified or cannot be used.
|
|
Action
| Verify the JCE configuration. Run with debug enabled @quot;-Dssl.debug=true -Dweblogic.StdoutDebugEnabled=true@quot;. Read the output for more information in diagnosing the problem.
|
|
|
BEA-090442
|
Error: location null or empty
|
Description
| The filename location of the keystore is null or a zero-length string.
|
|
Cause
| A keystore filename must not be null or a zero length string.
|
|
Action
| Set the keystore location to a valid filename.
|
|
|
BEA-090443
|
Error: null file
|
Description
| A null file is passed to the keystore load or store method.
|
|
Cause
| The load and store methods require a non-null filename.
|
|
Action
| Pass a valid filename to the keystore load or store method.
|
|
|
BEA-090444
|
Error: null keystore
|
Description
| A null keystore was passed to the keystore store method.
|
|
Cause
| A valid keystore is required for the store method. It cannot be null.
|
|
Action
| Pass in a non-null keystore to the store method.
|
|
|
BEA-090445
|
Error: null or empty passphrase
|
Description
| A null or empty passphrase was passed to the keystore store method.
|
|
Cause
| A passphrase is required for the store method. It cannot be null or a zero length string.
|
|
Action
| Pass in a valid passphrase.
|
|
|
BEA-090446
|
Error: Invalid Base Template
|
Description
| The template file that is used to contain the admin account created by the Domain Configuration wizard does not contain a valid template.
|
|
Cause
| The file did not contain the appropriate templates for the user or password.
|
|
Action
| If the Domain Configuration wizard was used, this exception indicates an internal coding error in the server. Contact BEA support. If the Domain Configuration wizard is not being used, verify the contents of the specified template file.
|
|
|
BEA-090447
|
Error: invalid flag value value
|
Description
| The value for the LoginModule control flag is invalid.
|
|
Cause
| The value specified for the LoginModule control flag is not supported.
|
|
Action
| Pass in a valid value for the LoginModule control flag. Valid values are REQUIRED, OPTIONAL, REQUISITE, or SUFFICIENT.
|
|
|
BEA-090448
|
Error: Invalid Format: format
|
Description
| The format specified for the import operation is invalid.
|
|
Cause
| Import format is either null, zero length, or not supported by this provider.
|
|
Action
| Pass in a supported format.
|
|
|
BEA-090449
|
Error: Invalid Constraints
|
Description
| This provider does not support constraints for the import or export operation.
|
|
Cause
| Constraints are not supported.
|
|
Action
| Do not pass constraints to the provider.
|
|
|
BEA-090450
|
Error: Invalid name supplied
|
Description
| In the import operation, the filename, domain name, or security realm name passed to the import method is null.
|
|
Cause
| The filename, domain name, or security realm name cannot be null.
|
|
Action
| Pass a non null filename, domain name, or security realm name.
|
|
|
BEA-090451
|
Error: Unable to read file: fileName
|
Description
| The file fileName specified to import from is either a directory, cannot be read, or has a length of zero.
|
|
Cause
| Import file cannot be read.
|
|
Action
| Verify the import filename.
|
|
|
BEA-090452
|
Error: Import only available on Admin server
|
Description
| An import operation can only be performed on the Admin server. This error should not occur if the Administration Console was used, but may occur if the MBeans were used from a Managed server.
|
|
Cause
| Import operation was attempted on a Managed server.
|
|
Action
| Run the MBean client on the Admin server.
|
|
|
BEA-090453
|
Error: Import File Error
|
Description
| The Import from a file failed because of an IO exception.
|
|
Cause
| An IO exception was thrown while importing from the file.
|
|
Action
| Verify the import filename. Read the exception text or the associated log message for more information on diagnosing the problem.
|
|
|
BEA-090454
|
Error: No base data to export
|
Description
| The export of the provider data to the file failed because the LDAP base DN to export was null.
|
|
Cause
| The base DN to export from is null or empty.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090455
|
Error: Export File Error
|
Description
| The Export to a file failed because of an IO Exception.
|
|
Cause
| An IO exception was thrown while exporting to the file.
|
|
Action
| Verify the export filename. Read the exception text or the associated log message for more information on diagnosing the problem.
|
|
|
BEA-090456
|
Error: Three arguments are required
|
Description
| The Signature Predicate requires three arguments.
|
|
Cause
| Three arguments are not specified.
|
|
Action
| Verify the signature condition in the Administration Console to ensure that three arguments are specified.
|
|
|
BEA-090457
|
Error: Type must be group or user value is value
|
Description
| The Type argument to the Signature Predicate must be @quot;user@quot; or @quot;group@quot;.
|
|
Cause
| The Type argument is not valid.
|
|
Action
| Verify the signature condition in the Administration Console to ensure that the Type argument is @quot;user@quot; or @quot;group@quot;.
|
|
|
BEA-090458
|
Error: Signature type cannot be null
|
Description
| The Signature type argument to the Signature Predicate is null.
|
|
Cause
| The Signature type value cannot be null.
|
|
Action
| Verify the signature condition in the Administration Console to ensure that the signature type argument is not null.
|
|
|
BEA-090459
|
Error: Signed by cannot be null
|
Description
| The Signed by argument to the Signature Predicate is null.
|
|
Cause
| The Signed by value cannot be null.
|
|
Action
| Verify the signature condition in the Administration Console to ensure that the Signed by argument is not null.
|
|
|
BEA-090460
|
Error: SSL context wrapper configuration error exc
|
Description
| The SSL context wrapper could not be created due to a configuration exception.
|
|
Cause
| A configuration exception was thrown when getting the SSL context wrapper class.
|
|
Action
| Read the exception text in exc for more information on diagnosing the problem and determining which class was not found.
|
|
|
BEA-090461
|
Error: Class not Found exc
|
Description
| The SSL context wrapper could not be created because of a class not found exception.
|
|
Cause
| An class not found exception was thrown when getting an instance of the wrapper class.
|
|
Action
| Read the exception text in exc for more information on diagnosing the problem and determining which class was not found.
|
|
|
BEA-090462
|
Error: Illegal access on context wrapper class exc
|
Description
| The SSL context wrapper could not be created because of an illegal access exception.
|
|
Cause
| An illegal access exception was thrown when getting an instance of the wrapper class.
|
|
Action
| Read the exception text in exc for more information on diagnosing the problem and determining which class was not found.
|
|
|
BEA-090463
|
Error: Instantiation exception on context wrapper class exc
|
Description
| The SSL context wrapper could not be created because of an instantiation exception.
|
|
Cause
| An instantiation exception was thrown when getting an instance of the wrapper class.
|
|
Action
| Read the exception text in exc for more information on diagnosing the problem and determining which class was not found.
|
|
|
BEA-090464
|
Error: Problem accessing private key
|
Description
| The private key and certificate chain could not be added as the server SSL identity because of a key management exception.
|
|
Cause
| A key management exception occurred when adding the private key and certificates to the SSL identity.
|
|
Action
| Verify the private key. Read the exception text in {0} for more information on diagnosing the problem and determining which class was not found.
|
|
|
BEA-090465
|
Error: Problem with certificate chain exc
|
Description
| The private key and certificate chain could not be added as the server SSL identity because of a certificate exception.
|
|
Cause
| A certificate exception occurred when adding the private key and certificates to the SSL identity.
|
|
Action
| Verify the certificates. Read the exception text in exc for more information on diagnosing the problem and determining which class was not found.
|
|
|
BEA-090466
|
Error: Assertion: illegal keystores value: value
|
Description
| This error occurs when the Keystore attribute from the Server MBean is not valid.
|
|
Cause
| The keystore attribute is not valid.
|
|
Action
| Verify that value value is one of the legalvalues listed in the Server MBean Keystores attribute.
|
|
|
BEA-090467
|
Error: problem with connection filter
|
Description
| The connection filter rules could not be set because of an exception.
|
|
Cause
| An exception was thrown while calling the setRules method.
|
|
Action
| Verify that the connection file class is specified correctly and present in the classpath. Verify that the setRules method is implemented correctly. Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090468
|
Error: Set the AuditProviderClassName attribute to a valid value
|
Description
| The Audit Provider Class Name attribute was not set correctly.
|
|
Cause
| An exception was thrown while loading the class.
|
|
Action
| Verify that the class is specified correctly and present in the classpath. Read the exception text from the log message for more information on diagnosing the problem.
|
|
|
BEA-090469
|
Error: Invalid file format
|
Description
| This exception is thrown when an LDIF template file does not contain any substitution entries. This indicates that the file is not really a LDIF template file. This normally happens during an import operation.
|
|
Cause
| LDIF template file did not contain any substitution entries and does not have the correct file format.
|
|
Action
| Verify that the file specified to the import operation is really a LDIF template file produced by an export operation.
|
|
|
BEA-090470
|
Critical: Inconsistent security configuration, the arg0 security realm has been configured to use security data in deployment descriptors but no arg1 has been configured with deployment enabled.
|
Description
| The security realm has been configured to use security data from deployment descriptors but there is no arg1 configured to use the security data. If not corrected this may result in applications without proper security constraints.
|
|
Cause
| The arg0 security realm has been configured to use security data in deployment descriptors but no arg1 has been configured with deployment enabled.
|
|
Action
| Either uncheck the "Ignore security data in deployment descriptors" attribute for the security realm to ignore all deployment descriptor security information or configure at least one arg1 to have deployment enabled.
|
|
|
BEA-090471
|
Critical: Unable to deploy security information from a deployment descriptor. The arg0 security realm has been configured to use security data in deployment descriptors but no arg1 has been configured with deployment enabled.
|
Description
| The security realm has been configured to use security data from deployment descriptors but there is no arg1 enabled to use the security data. This may result in applications not being properly secured.
|
|
Cause
| The arg0 security realm has been configured to use security data in deployment descriptors but no arg1 has been configured with deployment enabled.
|
|
Action
| Either uncheck the "Ignore security data in deployment descriptors" attribute for the security realm to ignore all deployment descriptor security information or configure at least one arg1 to have deployment enabled.
|
|
|
BEA-090472
|
Critical: Unable to undeploy security information from a deployment descriptor. The arg0 security realm has been configured to use security data in deployment descriptors but no arg1 has been configured with deployment enabled.
|
Description
| The security realm has been configured to use security data from deployment descriptors but there is no arg1 enabled to use the security data. This may result in incorrect security data being applied to applications.
|
|
Cause
| The arg0 security realm has been configured to use security data in deployment descriptors but no arg1 has been configured with deployment enabled.
|
|
Action
| Either uncheck the "Ignore security data in deployment descriptors" attribute for the security realm to ignore all deployment descriptor security information or configure at least one arg1 to have deployment enabled.
|
|
|
BEA-090473
|
Error: DefaultAuthorizerImpl search failed: exc
|
Description
| The WebLogic Authorization provider failed a search for data because of an exception.
|
|
Cause
| An exception was thrown trying to access the data store.
|
|
Action
| Look at the exception text in exc for more information on diagnosing the problem.
|
|
|
BEA-090474
|
Error: Unable to create temporary file: msg
|
Description
| An attempt to create a temporary file failed because of an exception.
|
|
Cause
| The java.io.tmpdir system property is not set correctly or the temporary directory is not writeable.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090475
|
Warning: Plaintext data for protocol protocol was received from peer peer instead of an SSL handshake.
|
Description
| Plaintext data was received over an SSL connection.
|
|
Cause
| A peer is trying to send plaintext data directly instead of using SSL.
|
|
Action
| Check the port and protocol settings on the peer that is trying to connect. It may be pointing to the SSL port by mistake or it may be specifying a plaintext protocol by mistake.
|
|
|
BEA-090476
|
Warning: Invalid/unknown SSL header was received from peer peer during SSL handshake.
|
Description
| Data received in SSL header was either invalid, or from a version of SSL that WebLogic Server does not understand.
|
|
Cause
| A peer is either sending invalid data, trying to connect using a newer version of SSL that is incompatible with the version of SSL used by WebLogic Server, or is trying to connect using plaintext data from a protocol for which WebLogic Server does not check.
|
|
Action
| Check the peer that is trying to connect. It may be trying to connect using a plaintext protocol over SSL by mistake, or it may be using some newer incompatible version of SSL.
|
|
|
BEA-090477
|
Warning: Certificate chain received from peer was not trusted causing SSL handshake failure.
|
Description
| Peer certificate chain was not trusted by the server.
|
|
Cause
| A peer presented a certificate chain to the server that the server does not trust
|
|
Action
| Check the certificate chain to determine if it should be trusted or not. If it should be trusted, then update the server trusted CA configuration to trust the CA certificate that signed the peer certificate chain.
|
|
|
BEA-090478
|
Warning: Certificate chain received from peer was not signed properly causing SSL handshake failure.
|
Description
| Peer certificate chain was not signed properly, resulting in a validation error.
|
|
Cause
| A peer presented a certificate chain to the server that was not signed correctly.
|
|
Action
| Correct the peer certificate chain.
|
|
|
BEA-090479
|
Warning: Certificate chain received from peer failed date validity checks.
|
Description
| Peer certificate chain failed date validity checks, resulting in a validation error.
|
|
Cause
| A peer presented a certificate chain to the server that is either not yet valid or has expired.
|
|
Action
| Correct the peer certificate chain.
|
|
|
BEA-090480
|
Warning: SSL alert (AlertType) received from peer. Check the peer SSL configuration, or enable SSL debug tracing on the peer.
|
Description
| An SSL alert was received causing the SSL session end abruptly.
|
|
Cause
| The peer determined something was not correct, sent an alert, and ended the SSL session.
|
|
Action
| Check the peer to determine why it sent the alert and what alert it believes it sent. This action may require enabling SSL debug tracing to determine the exact cause.
|
|
|
BEA-090481
|
Warning: NO_CERTIFICATE alert was received from peer. Verify the SSL configuration has a proper SSL certificate chain and private key specified.
|
Description
| The peer was expecting to receive certificates from the server but it did not receive them so it ended the SSL session.
|
|
Cause
| The SSL configuration for this server needs to supply a certificate chain.
|
|
Action
| Verify a certificate chain and private key are being specified for the SSL configuration for the side of the SSL connection that logged this message. If the configuration appears correct, SSL debug tracing may be required on the peer to determine if the peer actually got a certificate chain message or not.
|
|
|
BEA-090482
|
Warning: BAD_CERTIFICATE alert was received from peer. Check the peer to determine why it rejected the certificate chain (trusted CA configuration, hostname verification). SSL debug tracing may be required to determine the exact reason the certificate was rejected.
|
Description
| The peer received a certificate in the certificate chain that rejected for an unspecified reason.
|
|
Cause
| The certificate chain sent to the peer may not be valid, or the peer may not be configured to accept the certificates.
|
|
Action
| Check the peer configuration to see if the certificate chain was rejected because the certificate was not trusted or because there was a hostname violation. Verify that the certificate chain sent to the peer had valid dates and had the correct issuer ordering. This action may require enabling SSL debug tracing to determine the exact cause.
|
|
|
BEA-090483
|
Warning: CERTIFICATE_REVOKED alert was received from peer. The certificate chain sent to the peer was rejected because it was revoked by the certificate authority.
|
Description
| The peer rejected the certificate chain because it was revoked by the certificate authority and is no longer valid.
|
|
Cause
| A certificate in the configured certificate chain was revoked by the certificate authority and is no longer valid.
|
|
Action
| A new certificate chain needs to be issued by the certificate authority, the SSL configuration then needs to be updated to use the new certificate chain and the new private key that corresponds to it.
|
|
|
BEA-090484
|
Warning: CERTIFICATE_EXPIRED alert was received from peer. A certificate in the certificate chain expired or is not yet valid, or the peer and local machine have a date/time mismatch.
|
Description
| The peer rejected a certificate in the chain either because it expired or it is not yet valid.
|
|
Cause
| A certificate in the chain is either expired or is not yet valid. Another possible cause is the peer machine date/time is not set properly causing the check to fail.
|
|
Action
| Verify the certificate validity and expiration dates in the certificate chain are correct. If they are not, obtain new certificates issued by the certificate authority and update the SSL configuration with the new certificates and private key. If the dates are valid, check the peer machine date/time setup.
|
|
|
BEA-090485
|
Warning: CERTIFICATE_UNKNOWN alert was received from peer. The peer has an unspecified issue with the certificate. SSL debug tracing should be enabled on the peer to determine what the issue is.
|
Description
| The peer had a unspecified problem with the certificate chain and rejected the SSL session.
|
|
Cause
| The exact cause is unclear. To determine the cause, check messages from the peer to see if it explained what the problem.
|
|
Action
| Review the SSL messages from the peer by turning on SSL debug tracing.
|
|
|
BEA-090486
|
Warning: UNSUPPORTED_CERTIFICATE alert was received from peer. The peer rejected a certificate in the chain because it was an unsupported type. Verify all certificates in the chain are valid X.509 RSA certificates.
|
Description
| The peer rejected a certificate in the chain because it was an unsupported type.
|
|
Cause
| This problem could be caused by an incorrect type of certificate in the certificate chain or the peer not being able to handle certain attributes in a valid certificate.
|
|
Action
| The certificate chain should first be checked to ensure the certificates are all valid X.509 RSA certificates and are using the proper strength. If that is correct, SSL debug tracing may be required on the peer to see if it gives more detail on what was specifically not supported.
|
|
|
BEA-090487
|
Warning: UNKNOWN_CA alert received from peer. The peer is rejecting the certificate chain as being untrusted or incomplete.
|
Description
| The certificate chain was not trusted by the peer.
|
|
Cause
| The peer is not configured to trust the CA that signed the certificate chain.
|
|
Action
| Review the certificate chain and the peer trusted CA configuration to determine whether the peer should be trusting the certificate chain or whether a new certificate chain is required that is trusted by the peer.
|
|
|
BEA-090488
|
Warning: PROTOCOL_VERSION alert received from peer. Check that the peer supports the same level of the SSL/TLS protocol being used (SSL V3.0 and TLS V1.0)
|
Description
| The peer received a protocol version that it does not support.
|
|
Cause
| The peer may not support the same level of the SSL/TLS protocol, or there was some sort of data corruption occurring with the low-level SSL records.
|
|
Action
| The peer needs to be checked to determine whether it supports SSL V3.0 and TLS V1.0. If it does, SSL debug tracing may be required to see if the SSL record was rejected for another reason.
|
|
|
BEA-090489
|
Warning: NO_RENEGOTIATION alert was received from peer. The peer does not support renegotiation.
|
Description
| This warning is an alert that the peer is sending in response to a renegotiation request.
|
|
Cause
| The peer does not support renegotiation and is responding to a renegotiation request with a warning to indicate it is not supported.
|
|
Action
| No action is required.
|
|
|
BEA-090490
|
Warning: ACCESS_DENIED alert received from peer. The peer recognizes the certificate chain but a higher-level access control is rejecting it.
|
Description
| The peer is not allowing the connection because of an access control or authorization check.
|
|
Cause
| The peer is likely doing an authorization check, perhaps above the SSL layer and is rejecting the connection because of an authorization check failure.
|
|
Action
| Check the peer configuration to determine why the authorization check is failing.
|
|
|
BEA-090491
|
Warning: INSUFFICIENT_SECURITY alert received from peer. The peer requires stronger ciphers to be supported.
|
Description
| The peer requires stronger ciphers to be supported.
|
|
Cause
| The peer requires stronger ciphers than specified in the SSL configuration of the server.
|
|
Action
| Determine the ciphers required by the peer and update the SSL configuration. This updated may not be possible if the required ciphers are stronger than allowed by WebLogic Server license.
|
|
|
BEA-090492
|
Warning: UNEXPECTED_MESSAGE alert received from peer.
|
Description
| The peer received an unexpected message.
|
|
Cause
| This message indicates a problem in the SSL implementations or data corruption.
|
|
Action
| Enable SSL debug tracing on both sides of the SSL connection. Also, check the network for possible problems.
|
|
|
BEA-090493
|
Warning: BAD_RECORD_MAC alert received from peer. The peer indicated it received a record with an invalid MAC.
|
Description
| The peer indicated it received a record with an invalid MAC.
|
|
Cause
| The certificate does not match the private key or data corruption has occurred.
|
|
Action
| Check the SSL configuration to ensure the certificate and private key match, check the network, and verify the routes between the machines.
|
|
|
BEA-090494
|
Warning: DECRYPTION_FAILED alert received from peer. The peer detected errors when decrypting.
|
Description
| The peer detected errors when decrypting data.
|
|
Cause
| A cryptography error or a data corruption error.
|
|
Action
| Check both sides of the SSL connection for relevant error information, check the network, and verify the routes between the machines.
|
|
|
BEA-090495
|
Warning: RECORD_OVERFLOW alert received from peer. The peer received an invalid record with a length greater than allowed.
|
Description
| The peer detected an invalid record.
|
|
Cause
| A problem in the SSL implementation or a data corruption error.
|
|
Action
| Check both sides of the SSL connection for relevant error information, check the network, and verify the routes between the machines.
|
|
|
BEA-090496
|
Warning: DECOMPRESSION_FAILURE alert received from peer. The peer was unable to decompress data.
|
Description
| The peer believed the data needed to be decompressed and it failed.
|
|
Cause
| WebLogic Server does not support data compression. This message likely indicates a data corruption problem.
|
|
Action
| Check both sides of the SSL connection for any relevant error information, check the network, and verify the routes between the machines.
|
|
|
BEA-090497
|
Warning: HANDSHAKE_FAILURE alert received from peer. Check both sides of the SSL configuration for mismatches in supported ciphers, supported protocol versions, trusted CAs, and hostname verification settings.
|
Description
| The peer was unable to negotiate an acceptable set of security parameters and rejected the SSL session.
|
|
Cause
| There is a mismatch in the SSL configurations.
|
|
Action
| Check both sides of the SSL configuration for mismatches in supported ciphers, supported protocol versions, trusted CAs, and hostname verification settings. SSL Debug tracing may be needed on both sides to determine the exact cause.
|
|
|
BEA-090498
|
Warning: ILLEGAL_PARAMETER alert received from peer.
|
Description
| The peer detected an invalid parameter during the SSL handshake.
|
|
Cause
| This message is most likely caused by a data corruption error.
|
|
Action
| Check both sides of the SSL connection for relevant error information, check the network, and verify the routes between the machines.
|
|
|
BEA-090499
|
Warning: DECODE_ERROR alert received from peer.
|
Description
| The peer was unable to decode a message because of an invalid field.
|
|
Cause
| This message is most likely caused by a data corruption error.
|
|
Action
| Check both sides of the SSL connection for relevant error information, check the network, and verify the routes between the machines.
|
|
|
BEA-090500
|
Warning: DECRYPT_ERROR alert received from peer. A decryption error occurred during the SSL handshake.
|
Description
| The peer detected a decryption error during the SSL handshake.
|
|
Cause
| This message is most likely caused by a data corruption error.
|
|
Action
| Check both sides of the SSL connection for relevant error information, check the network, and verify the routes between the machines.
|
|
|
BEA-090501
|
Warning: EXPORT_RESTRICTION alert received from peer.
|
Description
| The peer detected an attempt to negotiate parameters that do not comply with export restrictions.
|
|
Cause
| This message could be caused by an SSL configuration mismatch between the implementations.
|
|
Action
| Check both sides of the SSL connection for relevant error information, check the network, and verify the routes between the machines.
|
|
|
BEA-090502
|
Warning: INTERNAL_ERROR alert received from peer. Check for unrelated failures such as insufficient resources.
|
Description
| The peer detected an internal error unrelated to the protocol.
|
|
Cause
| There may be failures because of insufficient resource (memory, file descriptors, etc...).
|
|
Action
| Check both sides of the SSL connection for relevant error information.
|
|
|
BEA-090503
|
Warning: The public key from the configured server certificate and the configured server private key do not match.
|
Description
| The public and private key configured for the server do not match.
|
|
Cause
| The server SSL configuration is incorrect. Either the certificate, the private key, or both are incorrectly specified.
|
|
Action
| Check the SSL configuration. Check that the server certificate corresponds to the server private key.
|
|
|
BEA-090504
|
Warning: Certificate chain received from peer failed hostname verification check. Certificate contained certName but check expected expectedName
|
Description
| Peer certificate chain failed hostname verification checks, resulting in a validation error.
|
|
Cause
| A peer presented a certificate chain to the server that did not pass the hostname verification check.
|
|
Action
| Check that the hostname in the peer certificate matches the hostname expected by the hostname verifier.
|
|
|
BEA-090505
|
Warning: No certificate chain was received from peer, hostname verification check failed.
|
Description
| The peer did not present a certificate chain for hostname verification.
|
|
Cause
| The peer is most likely not configured to support a cipher that presents a certificate.
|
|
Action
| Check the supported ciphers on the peer and ensure that it supports a cipher that provides a certificate.
|
|
|
BEA-090506
|
Warning: Unspecified exception occurred handling hostname verification for peer.
|
Description
| An unspecified exception occurred during hostname verification checking
|
|
Cause
| The hostname verifier failed.
|
|
Action
| Enable SSL debug tracing to determine the exact exception. If this is a custom hostname verifier, there may be coding problems in the implementation.
|
|
|
BEA-090507
|
Warning: Unspecified exception occurred converting certificates from peer to legacy format during trust validation.
|
Description
| An unspecified exception occurred during trust validation checking when converting certificates.
|
|
Cause
| An exception occurred while converting certificates for the trust validation checking. There may be attributes in the certificates that are not supported by legacy certificate code.
|
|
Action
| Examine the certificates presented by the peer for errors or special attributes.
|
|
|
BEA-090508
|
Warning: Certificate chain received from peer was incomplete.
|
Description
| Peer certificate chain was not completed with a self-signed certificate.
|
|
Cause
| A peer presented a certificate chain to the server that was incomplete (it did not contain a trusted CA).
|
|
Action
| Check the peer certificate chain to determine if it should be trusted or not. If it should be trusted, then update the server trusted CA configuration to trust the CA that signed the certificate chain. If the chain was incomplete, correct the chain.
|
|
|
BEA-090509
|
Error: The SSL ListenPort attribute port cannot be the same as the non-secure ListenPort for the server.
|
Description
| SSL could not be initialized.
|
|
Cause
| The same value was specified for the server Listen port and the SSL Listen port.
|
|
Action
| Correct the configuration of the SSL Listen port. The value must be different that than the server Listen port.
|
|
|
BEA-090510
|
Error: Error: username not specified
|
Description
| In the UsernamePasswordLoginModule class, a null username was specified.
|
|
Cause
| The username supplied in the NameCallback is null.
|
|
Action
| Set a username when a NameCallback is passed to the CallbackHandler.
|
|
|
BEA-090511
|
Info: The following exception has occurred: \n
|
Description
| A stack trace is being printed for an exception that occurred.
|
|
Cause
| An error condition has occurred.
|
|
Action
| Read the associated exception in the log or in application to determine the problem. In general, a stack trace can be used to debug an existing problem.
|
|
|
BEA-090512
|
Critical: The WebLogic Auditing provider failed to register to listen for AuditorMBean attribute change notifications
|
Description
| The WebLogic Auditing provider will not be informed about audit severity changes, thus, changes to Severity attribute will not take effect dynamically.
|
|
Cause
| The installation of WebLogic Server is corrupt.
|
|
Action
| In order for a change in the auditing severity to take effect, the server needs to be rebooted.
|
|
|
BEA-090513
|
Error: ServerIdentity failed validation, downgrading to anonymous.
|
Description
| The ServerIdentity failed validation. Within this domain, the server identity is downgraded to Anonymous.
|
|
Cause
| Trust has not been properly established between two domains. If the domains are not configured properly, a hacker could make an attempt to guess the server identity for this domain.
|
|
Action
| See the documentation on "Enabling Trust Between WebLogic Domains" at http://e-docs.bea.com.
|
|
|
BEA-090514
|
Info: The server certificate chain has settings which might cause it to be rejected by peers during SSL handshaking, no action is required unless peers are rejecting the certificate chain.
|
Description
| The server certificate chain has CA certificates which have BasicConstraints settings which are either missing or set in such a way that a peer may reject it during SSL handshaking.
|
|
Cause
| The server certificate chain has CA certificates which have BasicConstraints settings which are either missing or set in such a way that a peer may reject it during SSL handshaking.
|
|
Action
| No action is necessarily required. If peers have trouble handshaking, check that the BasicConstraints settings in the CA certificates in the chain are specified correctly.
|
|
|
BEA-090515
|
Info: The certificate chain could not be completely checked for issues which could cause it to be rejected by a peer during SSL handshaking, no action is required unless peers are rejecting the certificate chain.
|
Description
| The certificate chain was incomplete and as a result it could not be entirely checked for issues which could cause SSL handshaking problems with peers.
|
|
Cause
| The configured certificate chain was incomplete.
|
|
Action
| No action is necessarily required. If the entire certificate chain is to be checked, ensure that the entire certificate chain is specified in the configuration.
|
|
|
BEA-090516
|
Info: The arg0 provider has preexisting LDAP data.
|
Description
| The arg0 provider has preexisting LDAP data. If a *arg0Init.ldift file in the domain directory exists it will not be used.
|
|
Cause
| The provider was initialized during a previous boot of the WebLogic Server
|
|
Action
| No action necessary.
|
|
|
BEA-090517
|
Error: group memberGroupName cannot be added to group groupName since groupName is already a member of memberGroupName
|
Description
| Group memberGroupName cannot be a member of group groupName since group groupName is already a member of group memberGroupName. This type of group membership is circular and is not allowed.
|
|
Cause
| Group membership can not be circular..
|
|
Action
| Ensure that group membership is not circular. Add this group to a different group.
|
|
|
BEA-090518
|
Critical: Could not decrypt the attributeName attribute value of attributeValue from the file filename. If you have copied an encrypted attribute from boot.properties from another domain into filename, change the encrypted attribute to its cleartext value then reboot the server. The attribute will be re-encrypted. Otherwise, change all encrypted attributes to their cleartext values, then reboot the server. All encryptable attributes will be re-encrypted. The decryption failed with the exception exceptionText.
|
Description
| Decryption failed with the exception exceptionText.
|
|
Cause
| Invalid encrypted value found in boot.properties.
|
|
Action
| If you have copied an encrypted attribute from boot.properties from another domain into filename, change the encrypted attribute to its cleartext value then reboot the server. The attribute will be re-encrypted. Otherwise, change all encrypted attributes to their cleartext values, then reboot the server. All encryptable attributes will be re-encrypted.
|
|
|
BEA-090519
|
Warning: The realm realm is not properly configured. Follow the directions in the following errors to correctly configure the realm.
|
Description
| The realm realm is not properly configured.
|
|
Cause
| See the following errors.
|
|
Action
| Follow the directions in the following errors to correctly configure the realm.
|
|
|
BEA-090520
|
Warning: The realm realm does not have an authenticator configured. To correct the problem, configure an authenticator.
|
Description
| The realm realm does not have an authenticator configured.
|
|
Cause
| The realm realm does not have an authenticator configured.
|
|
Action
| To correct the problem, configure an authenticator.
|
|
|
BEA-090521
|
Warning: The realm realm does not have a role mapper configured. To correct the problem, configure a role mapper.
|
Description
| The realm realm does not have a role mapper configured.
|
|
Cause
| The realm realm does not have a a role mapper configured.
|
|
Action
| To correct the problem, configure a role mapper.
|
|
|
BEA-090522
|
Warning: The realm realm does not have a deployable role mapper configured. To correct the problem, configure a deployable role mapper.
|
Description
| The realm realm does not have a deployable role mapper configured.
|
|
Cause
| The realm realm does not have a a deployable role mapper configured.
|
|
Action
| To correct the problem, configure a deployable role mapper.
|
|
|
BEA-090523
|
Warning: None of the deployable role mappers in realm realm has deployments enabled. To correct the problem, enable deployments in one of the deployable role mappers.
|
Description
| None of the deployable role mappers in realm realm has deployments enabled.
|
|
Cause
| None of the deployable role mappers in realm realm has deployments enabled.
|
|
Action
| To correct the problem, enable deployments in one of the deployable role mappers.
|
|
|
BEA-090524
|
Warning: The realm realm does not have an authorizer configured. To correct the problem, configure an authorizer.
|
Description
| The realm realm does not have an authorizer configured.
|
|
Cause
| The realm realm does not have an authorizer configured.
|
|
Action
| To correct the problem, configure an authorizer.
|
|
|
BEA-090525
|
Warning: The realm realm does not have a deployable authorizer configured. To correct the problem, configure a deployable authorizer.
|
Description
| The realm realm does not have a deployable authorizer configured.
|
|
Cause
| The realm realm does not have a deployable authorizer configured.
|
|
Action
| To correct the problem, configure a deployable authorizer.
|
|
|
BEA-090526
|
Warning: None of the deployable authorizers in realm realm has deployments enabled. To correct the problem, enable deployments in one of the deployable authorizers.
|
Description
| None of the deployable authorizers in realm realm has deployments enabled.
|
|
Cause
| None of the deployable authorizers in realm realm has deployments enabled.
|
|
Action
| To correct the problem, enable deployments in one of the deployable authorizers.
|
|
|
BEA-090527
|
Warning: The realm realm does not have a credential mapper configured. To correct the problem, configure a credential mapper.
|
Description
| The realm realm does not have a credential mapper configured.
|
|
Cause
| The realm realm does not have a credential mapper configured.
|
|
Action
| To correct the problem, configure a credential mapper.
|
|
|
BEA-090528
|
Warning: The realm realm does not have a deployable credential mapper configured. To correct the problem, configure a deployable credential mapper.
|
Description
| The realm realm does not have a deployable credential mapper configured.
|
|
Cause
| The realm realm does not have a deployable credential mapper configured.
|
|
Action
| To correct the problem, configure a deployable credential mapper.
|
|
|
BEA-090529
|
Warning: None of the deployable credential mappers in realm realm has deployments enabled. To correct the problem, enable deployments in one of the deployable credential mappers.
|
Description
| None of the deployable credential mappers in realm realm has deployments enabled.
|
|
Cause
| None of the deployable credential mappers in realm realm has deployments enabled.
|
|
Action
| To correct the problem, enable deployments in one of the deployable credential mappers.
|
|
|
BEA-090530
|
Warning: The realm realm has more than one identity asserter configured with the token type activeType selected as an active type. To correct the problem, decide which of the identity asserters should handle this token type, and set it as an active type in that identity asserter, and unset it as an active type for all the other identity asserters.
|
Description
| The realm realm has more than one identity asserter configured with the token type activeType selected as an active type.
|
|
Cause
| The realm realm has more than one identity asserter configured with the token type activeType selected as an active type.
|
|
Action
| To correct the problem, decide which of the identity asserters should handle this token type, and set it as an active type in that identity asserter, and unset it as an active type for all the other identity asserters.
|
|
|
BEA-090531
|
Warning: The realm realm has multiple authorizers but no adjudicator. To correct the problem, configure an adjudicator.
|
Description
| The realm realm has multiple authorizers but no adjudicator.
|
|
Cause
| The realm realm has multiple authorizers but no adjudicator.
|
|
Action
| To correct the problem, configure an adjudicator.
|
|
|
BEA-090532
|
Warning: The realm realm has a realm adapter adjudicator but no realm adapter authorizer. To correct the problem, configure a realm adapter authorizer.
|
Description
| The realm realm has a realm adapter adjudicator but no realm adapter authorizer.
|
|
Cause
| The realm realm has a realm adapter adjudicator but no realm adapter authorizer.
|
|
Action
| To correct the problem, configure a realm adapter authorizer.
|
|
|
BEA-090533
|
Warning: The realm realm has a realm adapter adjudicator but no default authorizer. To correct the problem, configure a default authorizer.
|
Description
| The realm realm has a realm adapter adjudicator but no default authorizer.
|
|
Cause
| The realm realm has a realm adapter adjudicator but no default authorizer.
|
|
Action
| To correct the problem, configure a default authorizer.
|
|
|
BEA-090534
|
Warning: The realm realm has a realm adapter adjudicator but multiple default authorizers. To correct the problem, remove all the default authorizers except one.
|
Description
| The realm realm has a realm adapter adjudicator but multiple default authorizers.
|
|
Cause
| The realm realm has a realm adapter adjudicator but multiple default authorizers.
|
|
Action
| To correct the problem, remove all the default authorizers except one.
|
|
|
BEA-090535
|
Warning: The realm realm has a realm adapter adjudicator but is using an authorizer which is neither a realm adapter authorizer nor a default authorizer. To correct the problem, remove all authorizers except the realm adapter authorizer and the default authorizer.
|
Description
| The realm realm has a realm adapter adjudicator but is using an authorizer which is neither a realm adapter authorizer nor a default authorizer.
|
|
Cause
| The realm realm has a realm adapter adjudicator but is using an authorizer which is neither a realm adapter authorizer nor a default authorizer.
|
|
Action
| To correct the problem, remove all authorizers except the realm adapter authorizer and the default authorizer.
|
|
|
BEA-090536
|
Warning: The realm realm has multiple realm adapter authorizers. To correct the problem, remove all the realm adapter authorizers except one.
|
Description
| The realm realm has multiple realm adapter authorizers.
|
|
Cause
| The realm realm has multiple realm adapter authorizers.
|
|
Action
| To correct the problem, remove all the realm adapter authorizers except one.
|
|
|
BEA-090537
|
Warning: The realm realm has multiple realm adapter authenticators. To correct the problem, remove all the realm adapter authenticators except one.
|
Description
| The realm realm has multiple realm adapter authenticators.
|
|
Cause
| The realm realm has multiple realm adapter authenticators.
|
|
Action
| To correct the problem, remove all the realm adapter authenticators except one.
|
|
|
BEA-090538
|
Warning: The realm realm has a realm adapter authorizer but no realm adapter authenticator. To correct the problem, configure a realm adapter authenticator.
|
Description
| The realm realm has a realm adapter authorizer but no realm adapter authenticator.
|
|
Cause
| The realm realm has a realm adapter authorizer but no realm adapter authenticator.
|
|
Action
| To correct the problem, configure a realm adapter authenticator.
|
|
|
BEA-090539
|
Warning: The realm realm has keystore configured that is not a default keystore. To correct the problem, remove the non-default keystore.
|
Description
| The realm realm has keystore configured that is not a default keystore.
|
|
Cause
| The realm realm has keystore configured that is not a default keystore.
|
|
Action
| To correct the problem, remove the non-default keystore.
|
|
|
BEA-090540
|
Warning: The realm realm has more than one default keystore configured for trusted CAs. To correct the problem, ensure that only one default keystore provider has its root CA keystore location configured.
|
Description
| The realm realm has more than one default keystore configured for trusted CAs.
|
|
Cause
| The realm realm has more than one default keystore configured for trusted CAs.
|
|
Action
| To correct the problem, ensure that only one default keystore provider has its root CA keystore location configured.
|
|
|
BEA-090541
|
Warning: The realm realm has more than one default keystore configured for private keys. To correct the problem, ensure that only one default keystore provider has its private key keystore location configured.
|
Description
| The realm realm has more than one default keystore configured for private keys.
|
|
Cause
| The realm realm has more than one default keystore configured for private keys.
|
|
Action
| To correct the problem, ensure that only one default keystore provider has its private key keystore location configured.
|
|
|
BEA-090542
|
Warning: Certificate chain received from peer was not trusted causing SSL handshake failure. Check the certificate chain to determine if it should be trusted or not. If it should be trusted, then update the client trusted CA configuration to trust the CA certificate that signed the peer certificate chain. If you are connecting to a WLS server that is using demo certificates (the default WLS server behavior), and you want this client to trust demo certificates, then specify -Dweblogic.security.TrustKeyStore=DemoTrust on the command line for this client.
|
Description
| Peer certificate chain was not trusted by the server.
|
|
Cause
| A peer presented a certificate chain to the server that the server does not trust
|
|
Action
| Check the certificate chain to determine if it should be trusted or not. If it should be trusted, then update the client trusted CA configuration to trust the CA certificate that signed the peer certificate chain. If you are connecting to a WLS server that is using demo certificates (the default WLS server behavior), and you want this client to trust demo certificates, then specify -Dweblogic.security.TrustKeyStore=DemoTrust on the command line for this client.
|
|
|
BEA-090543
|
Warning: Certificate chain received from peer was incomplete. Check the peer certificate chain to determine if it should be trusted or not. If it should be trusted, then update the client trusted CA configuration to trust the CA that signed the certificate chain. If the chain was incomplete, correct the chain. If you are connecting to a WLS server that is using demo certificates (the default WLS server behavior), and you want this client to trust demo certificates, then specify -Dweblogic.security.TrustKeyStore=DemoTrust on the command line for this client.
|
Description
| Peer certificate chain was not completed with a self-signed certificate.
|
|
Cause
| A peer presented a certificate chain to the server that was incomplete (it did not contain a trusted CA).
|
|
Action
| Check the peer certificate chain to determine if it should be trusted or not. If it should be trusted, then update the client trusted CA configuration to trust the CA that signed the certificate chain. If the chain was incomplete, correct the chain. If you are connecting to a WLS server that is using demo certificates (the default WLS server behavior), and you want this client to trust demo certificates, then specify -Dweblogic.security.TrustKeyStore=DemoTrust on the command line for this client.
|
|
|
BEA-090544
|
Error: No search filter supplied
|
Description
| A search filter was expected for data export.
|
|
Cause
| The search filter was empty or not supplied.
|
|
Action
| Supply a search filter when exporting data.
|
|
|
BEA-090545
|
Error: DefaultRoleMapperImpl search failed: exc
|
Description
| The WebLogic Role Mapping provider failed a search for data because of an exception.
|
|
Cause
| An exception was thrown trying to access the data store.
|
|
Action
| Look at the exception text in exc for more information on diagnosing the problem.
|
|
|
BEA-090546
|
Critical: The server is configured to use custom identity and command line trust, but either demo trust or no trust was specified on the command line or in boot.properties.
|
Description
| No certificate, private key or trusted CAs will be used.
|
|
Cause
| The server's KeyStore value in config.xml is CustomIdentityAndCommandLineTrust, but, on the command line to boot the server or in boot.properties, either no trust or DemoTrust was specified.
|
|
Action
| To correct the problem, either specify -Dweblogic.security.TrustKeyStore=JavaStandardTrust or -Dweblogic.security.TrustKeyStore=CustomTrust and -Dweblogic.security.CustomTrustKeyStoreFileName on the command line when booting the server (or specify TrustKeyStore=JavaStandardTrust or TrustKeyStore=CustomTrust and CustomTrustKeyStoreFileName in boot.properties).
|
|
|
BEA-090547
|
Warning: The certificate chain received from peer contained a V3 CA certificate which had basic constraints which were not marked critical, this is being rejected due to the strict enforcement of basic constraints.
|
Description
| The certificate chain received from peer contained a V3 CA certificate which had basic constraints which were not marked critical, this is being rejected due to the strict enforcement of basic constraints.
|
|
Cause
| Strict basic constraints checking was explicitly enabled, and a certificate chain received by the peer contained a CA which failed due to the strict check but would have passed the strong check.
|
|
Action
| If strict compliance of RFC 2459 for basic constraints is really required, then the peer certificate chain was correctly rejected and needs to be corrected. If strict compliance is not really required, consider setting the constraints checking back to the default value of strong to accept the certificate chain.
|
|
|
BEA-090548
|
Warning: The certificate chain received from peer contained a V3 CA certificate which was missing the basic constraints extension
|
Description
| The certificate chain received from peer contained a V3 CA certificate which was missing the basic constraints extension.
|
|
Cause
| The certificate chain received by the peer contained a V3 CA certificate which does not contain a basic constraints extension indicating that it really is a CA. This is rejected by the basic constraints checking for strong and strict, which protects against a specific certificate chain attack on SSL.
|
|
Action
| The peer certificate chain needs to be looked at carefully to determine which CA was missing the basic constraints extension. If the certificate chain really is from a valid peer, you should look at updating the peer certificate chain with valid CA certificates. If this is not possible, you can disable the basic constraints checking to allow the certificate chain to be accepted and allows this vulnerability to be exploited.
|
|
|
BEA-090549
|
Warning: The certificate chain received from peer contained a V3 CA certificate which did not indicate it really is a CA.
|
Description
| The certificate chain received from peer contained a V3 CA certificate which contained an invalid basic constraints extension. The extension did not indicate it was a CA certificate.
|
|
Cause
| The certificate chain received by the peer contained a V3 CA certificate which contained a basic constraints extension which was not marked as being a CA. This is rejected by the basic constraints checking for strong and strict, which protects against a specific certificate chain attack on SSL.
|
|
Action
| The peer certificate chain needs to be looked at carefully to determine which CA is not correct. If the certificate chain really is from a valid peer, you should look at updating the peer certificate chain with valid CA certificates. If this is not possible, you can disable the basic constraints checking to allow the certificate chain to be accepted and allows this vulnerability to be exploited.
|
|
|
BEA-090550
|
Warning: The certificate chain received from peer contained a V3 CA certificate which indicated a certificate chain path length in the basic constraints that was exceeded.
|
Description
| The certificate chain received from peer contained a V3 CA certificate which indicated a certificate chain path length in the basic constraints that was exceeded.
|
|
Cause
| The certificate chain received by the peer contained a V3 CA certificate which specified a path length in the basic constraints that was exceeded. This is rejected by the basic constraints checking for strong and strict, which protects against a specific certificate chain attack on SSL.
|
|
Action
| The peer certificate chain needs to be looked at carefully to determine which CA indicated the path length limit that was exceeded. The path length, if specified, limits how many CA certificates are allowed to follow a CA certificate in a certificate chain. A path length of 0 indicates only an end entity certificate may follow it in the chain, positive values indicate how many CA certificates may be in the chain between that CA and the end entity certificate. If the certificate chain really is from a valid peer, you should look at updating the peer certificate chain with valid CA certificates. If this is not possible, you can disable the basic constraints checking to allow the certificate chain to be accepted and allows this vulnerability to be exploited.
|
|
|
BEA-090551
|
Warning: The certificate chain received from peer contained a V3 CA certificate which could not be converted to be checked for basic constraints.
|
Description
| The certificate chain received from peer contained a V3 CA certificate which could not be converted to be checked for basic constraints.
|
|
Cause
| The certificate chain received by the peer contained a V3 CA certificate which could not be converted to a format which allows the basic constraints to be checked. This is rejected by the basic constraints checking for strong and strict, which protects against a specific certificate chain attack on SSL.
|
|
Action
| The peer certificate chain needs to be looked at carefully to confirm they are valid. If the certificates are all valid, this indicates an internal coding error or limitation in the server. Contact BEA support. If the certificate can not be processed, you can disable the basic constraints checking as a workaround to allow the certificate chain to be accepted and allows this vulnerability to be exploited
|
|
|
BEA-090552
|
Warning: The public and private key could not be checked for consistency.
|
Description
| A failure occurred trying to check if the public and private keys match.
|
|
Cause
| The failure could be due to a keystore being used to hold the private key that doesn't allow access to private key material. Hardware keystores generally don't give access to the private key material that is needed to perform this operation.
|
|
Action
| If a keystore is being used the warning should be ignored. If handshaking errors occurs with all clients, you need to check that the private key and public key do match up.
|
|
|
BEA-090553
|
Warning: Invalid system property value: property=value
|
Description
| A value provided for the system property is invalid. It will be ignored and a default value will be used instead.
|
|
Cause
| Invalid system property value was passed on the command line.
|
|
Action
| Make sure the property value is valid and restart the server.
|
|
|
BEA-090554
|
Error: Set the RealmClassName attribute of the BasicRealm name used by the CachingRealm to a valid value
|
Description
| The realms class name attribute was not set correctly or is empty.
|
|
Cause
| The RealmClassName attribute was not properly configured.
|
|
Action
| Verify that the class is specified correctly and present in the classpath. Read the exception text from the log message for more information on diagnosing the problem.
|
|
|
BEA-090555
|
Error: The DefaultCredentialMapper could not get credentials. The requestor is requestor. The initiator is initiator. The resource is resource. The exception is throwable.
|
Description
| No credentials were returned.
|
|
Cause
| An unexpected exception occurred when trying to get credentials.
|
|
Action
| Read the exception text from the log message for more information on diagnosing the problem.
|
|
|
BEA-090556
|
Error: The DefaultCredentialMapper could not deploy a credential mapping. The resource is resource. The initiating principal is initiatingPrincipal. The eis user name is eisUsername. The exception is throwable.
|
Description
| The credential mapping was not deployed.
|
|
Cause
| An unexpected exception occurred when trying to deploy a credential mapping.
|
|
Action
| Read the exception text from the log message for more information on diagnosing the problem.
|
|
|
BEA-090557
|
Error: The DefaultCredentialMapper could not remove the credentials for a deleted application. The application name is applicationName. The component type is componentType. The component name is componentName. The exception is throwable.
|
Description
| The application was not deleted.
|
|
Cause
| An unexpected exception occurred when trying to remove the credentials for a deleted application.
|
|
Action
| Read the exception text from the log message for more information on diagnosing the problem.
|
|
|
BEA-090558
|
Error: The DefaultCredentialMapper could not complete deploying the credentials for the application. The application name is applicationName. The component type is componentType. The component name is componentName. The exception is throwable.
|
Description
| The application was not deleted.
|
|
Cause
| An unexpected exception occurred when deploying the credentials for the application.
|
|
Action
| Read the exception text from the log message for more information on diagnosing the problem.
|
|
|
BEA-090559
|
Error: The DefaultCredentialMapper could not decrypt the credentials. The requestor is requestor. The initiator is initiator. The resource is resource. The exception is throwable. One possible cause is that the encrypted credentials from another domain were imported into this domain. If this is the case, use the console to update the imported credentials. Another possible cause is that a RAR with encrypted credentials from another domain was deployed in this domain. If this is the case, change the credentials in the RAR to cleartext then deploy it again in this domain.
|
Description
| No credentials were returned.
|
|
Cause
| The credentials could not be decrypted.
|
|
Action
| Read the exception text from the log message for more information on diagnosing the problem.
|
|
|
BEA-090560
|
Error: Could not load the classType class named className. The exception was t. The class was specified via the property system property value.
|
Description
| The exception was t.
|
|
Cause
| Could not load the classType class named className.
|
|
Action
| Ensure that the property system property is set to the proper classType class. Also ensure that the class is in the classpath.
|
|
|
BEA-090561
|
Error: Could not instantiate a classType of class className. The exception received is t. The class was specified via the property system property value.
|
Description
| The exception received is t.
|
|
Cause
| Could not instantiate a classType of class className.
|
|
Action
| Ensure that the property system property is set to the proper classType class. Also ensure that the class is a correct classType implementation.
|
|
|
BEA-090562
|
Error: Could not create a classType of class className because it is not assignable as a requiredClass. The class was specified via the property system property value.
|
Description
| Could not create a classType of class className because it is not assignable as a requiredClass.
|
|
Cause
| Could not create a classType of class className because it is not assignable as a requiredClass.
|
|
Action
| Ensure that the property system property is set to the proper classType class. Also ensure that the class is a correct classType implementation.
|
|
|
BEA-090563
|
Error: Cannot create instance of Hostname Verifier className.
|
Description
| Failed to create instance of Hostname Verifier className.
|
|
Cause
| The class className was not found, or does not have a public constructor without arguments, or has thrown an exception in its constructor.
|
|
Action
| Ensure the className class is in the class path, and has a public constructor without arguments.
|
|
|
BEA-090564
|
Error: Specified HostnameVerifier class className is invalid. It does not implement weblogic.security.SSL.HostnameVerifier interface.
|
Description
| Specified HostnameVerifier class className is invalid. It does not implement weblogic.security.SSL.HostnameVerifier interface.
|
|
Cause
| Invalid HostnameVerifier class specified.
|
|
Action
| Specify a different HostnameVerifier class, or ensure className class implements weblogic.security.SSL.HostnameVerifier interface.
|
|
|
BEA-090565
|
Warning: The server SSL identity key algorithm keyAlg is not supported.
|
Description
| The server is configured with an identity key using unsupported algorithm: keyAlg. This might cause SSL connection problems.
|
|
Cause
| The server SSL identity key algorithm keyAlg is not supported.
|
|
Action
| Configure the server identity with a different key pair using supported RSA algorithm.
|
|
|
BEA-090566
|
Warning: The certificate chain received from peer contained a V3 certificate with unrecognized critical extension: oid
|
Description
| The certificate chain received from peer contained a V3 certificate with unrecognized critical extension: oid
|
|
Cause
| Cannot validate the certificate because it contains an unrecognized critical extension.
|
|
Action
| The peer certificate chain needs to be looked at carefully to confirm they are valid. If the certificates are all valid, this indicates an internal coding error or limitation in the server. Contact BEA support.
|
|
|
BEA-090567
|
Warning: The certificate chain received from peer contained a V3 certificate which key usage constraints forbid its key use by the key agreement algorithm.
|
Description
| The certificate chain received from peer contained a V3 certificate which key usage constraints forbid its key use by the key agreement algorithm.
|
|
Cause
| Certificate key usage constraints forbid certificate key use in quality required by the key agreement algorithm.
|
|
Action
| The peer certificate chain needs to be looked at carefully to confirm they are valid. If the certificates are all valid, this indicates an internal coding error or limitation in the server. Contact BEA support.
|
|
|
BEA-090568
|
Warning: Cannot check key usage constraints of certificate received from peer because of the failure to determine the key agreement algorithm.
|
Description
| Cannot check key usage constraints of certificate received from peer because of the failure to determine the key agreement algorithm.
|
|
Cause
| A NoSuchAlgorithmException happened while trying to obtain key agreement algorithm.
|
|
Action
| The peer certificate chain needs to be looked at carefully to confirm they are valid. If the certificates are all valid, this indicates an internal coding error or limitation in the server. Contact BEA support.
|
|
|
BEA-090569
|
Warning: The certificate chain received from peer contained a V3 CA certificate which key usage constraints indicate its key cannot be used to sign certificates.
|
Description
| The certificate chain received from peer contained a V3 CA certificate which key usage constraints indicate its key cannot be used to sign certificates.
|
|
Cause
| One of certificate in the check cannot pass validation check because its key is used to sign another certificate while key usage constraints indicate that it cannot be used for that.
|
|
Action
| The peer certificate chain needs to be looked at carefully to confirm they are valid. If the certificates are all valid, this indicates an internal coding error or limitation in the server. Contact BEA support.
|
|
|
BEA-090570
|
Error: propName has been specified without enabling the SecurityManager.
|
Description
| The server cannot have JACC enabled without also having a SecurityManager enabled.
|
|
Cause
| The server has been told to boot with JACC enabled by setting JACC property without also enabling a SecurityManager by setting the java.security.manager property because JACC depends on a SecurityManager being in place.
|
|
Action
| If JACC is desired then a SecurityManager must be enabled. This can be done by specifying a value for the java.security.manager property. If JACC is not desired then remove the specification of the JACC property.
|
|
|
BEA-090571
|
Info: Successfully loaded the JACC Policy object using className.
|
Description
| Successfully loaded the JACC Policy object from className using the javax.security.jacc.policy.provider property. Now using JACC for EJBs and Servlets.
|
|
|
BEA-090572
|
Error: The javax.security.jacc.policy.provider property points to a non-existant className class.
|
Description
| While attempting to load className from the javax.security.jacc.policy.provider property a e exception was thrown.
|
|
Cause
| JACC has been enabled by setting javax.security.jacc.policy.provider property but the class it points to can not be found.
|
|
Action
| Check to make sure that the class is present or change javax.security.jacc.policy.provider property to point to an existing class.
|
|
|
BEA-090573
|
Error: An e exception was thrown while attempting to access className.
|
Description
| While attempting to access className an e exception was thrown.
|
|
Cause
| The class was not accessible.
|
|
Action
| Check to make sure that the class is accessible.
|
|
|
BEA-090574
|
Error: An e exception was thrown while attempting to instantiate className.
|
Description
| While attempting to instantiate className an e exception was thrown.
|
|
Cause
| The class was could not be instantiated.
|
|
Action
| Check to make sure that the class is instantiatable.
|
|
|
BEA-090575
|
Error: The policyName class is not an instance of java.security.Policy.
|
Description
| The policyName class is not an instance of java.security.Policy and it needs to be.
|
|
Cause
| An non-Policy object was passed as the value of the javax.security.jacc.policy.provider property.
|
|
Action
| Change javax.security.jacc.policy.provider to point to an instance of a java.security.Policy object.
|
|
|
BEA-090576
|
Error: Unable to successfully obtain a PolicyConfigurationFactory.
|
Description
| Unable to successfully obtain a PolicyConfigurationFactory by calling javax.security.jacc.PolicyConfigurationFactory.getPolicyConfigurationFactory.
|
|
Cause
| The javax.security.jacc.PolicyConfigurationFactory.provider property may not be set to a valid implementation of PolicyConfigurationFactory.
|
|
Action
| Change javax.security.jacc.PolicyConfigurationFactory.provider to point to an instance of a javax.security.jacc.PolicyConfigurationFactory object.
|
|
|
BEA-090577
|
Info: Successfully obtained a policyConfigurationFactory PolicyConfigurationFactory.
|
Description
| Successfully obtained a PolicyConfigurationFactory.
|
|
|
BEA-090578
|
Error: The JACC provider threw a e.
|
Description
| The JACC provider threw a PolicyContextException.
|
|
Cause
| JACC through a PolicyContextException.
|
|
Action
| Look at the details of the PolicyContextException for the action to take.
|
|
|
BEA-090579
|
Error: The javax.security.jacc.PolicyConfigurationFactory.provider property points to a non-existant class className.
|
Description
| A e exception was thrown while attempting to load className from the javax.security.jacc.PolicyConfigurationFactory.provider property.
|
|
Cause
| JACC has been enabled by setting javax.security.jacc.PolicyConfigurationFactory.provider property but the class it points to can not be found.
|
|
Action
| Check to make sure that the class is present or change javax.security.jacc.PolicyConfigurationFactory.provider property to point to an existing class.
|
|
|
BEA-090580
|
Error: The CertPathBuilderParameters constructor was passed an illegal realm name.
|
Description
| A null or empty realm name was passed.
|
|
Cause
| The realm name must not be empty or null.
|
|
Action
| Pass a valid security realm name to the CertPathBuilderParameters constructor.
|
|
|
BEA-090581
|
Error: The CertPathBuilderParameters constructor was passed an illegal CertPathSelector.
|
Description
| A null CertPathSelector was passed.
|
|
Cause
| The CertPathSelector must not be null.
|
|
Action
| Pass a valid CertPathSelector to the CertPathBuilderParameters constructor.
|
|
|
BEA-090582
|
Error: The CertPathValidatorParameters constructor was passed an illegal realm name.
|
Description
| A null or empty realm name was passed.
|
|
Cause
| The realm name must not be empty or null.
|
|
Action
| Pass a valid security realm name to the CertPathValidatorParameters constructor.
|
|
|
BEA-090583
|
Error: The EndCertificateSelector constructor was passed an illegal X509Certificate.
|
Description
| A null X509Certificate was passed.
|
|
Cause
| The X509Certificate must not be null.
|
|
Action
| Pass a valid X509Certificate to the EndCertificateSelector constructor.
|
|
|
BEA-090584
|
Error: The IssuerDNSerialNumberSelector constructor was passed an illegal issuer DN.
|
Description
| A null or empty issuer DN was passed.
|
|
Cause
| The issuer DN must not be null or empty.
|
|
Action
| Pass a valid issuer DN to the IssuerDNSerialNumberSelector constructor.
|
|
|
BEA-090585
|
Error: The IssuerDNSerialNumberSelector constructor was passed an illegal serial number.
|
Description
| A null serial number was passed.
|
|
Cause
| The serial number must not be null.
|
|
Action
| Pass a valid serial number to the IssuerDNSerialNumberSelector constructor.
|
|
|
BEA-090586
|
Error: The SubjectDNSelector constructor was passed an illegal subject DN.
|
Description
| A null or empty subject DN was passed.
|
|
Cause
| The subject DN must not be null or empty.
|
|
Action
| Pass a valid subject DN to the SubjectDNSelector constructor.
|
|
|
BEA-090587
|
Error: The SubjectKeyIdentifierSelector constructor was passed an illegal subject key identifier.
|
Description
| The SubjectKeyIdentifierSelector constructor was passed a null or empty subject key identifier.
|
|
Cause
| The subject key identifier must not be null or empty.
|
|
Action
| Pass a valid subject key identifier to the SubjectKeyIdentifierSelector constructor.
|
|
|
BEA-090588
|
Error: The WLSCertPathBuilderResult constructor was passed an illegal Certpath.
|
Description
| A null or empty CertPath was passed.
|
|
Cause
| The CertPath must not be null or empty.
|
|
Action
| Pass a valid CertPath to the WLSCertPathBuilderResult constructor. It must at least contain the end certificate of the cert chain."
|
|
|
BEA-090589
|
Error: The WLSJDKCertPathBuilder was passed an illegal CertPathParameters.
|
Description
| A non-weblogic.security.pk.CertPathBuilderParameters CertPathParameters was passed.
|
|
Cause
| The CertPathParameters must be a weblogic.security.pk.CertPathBuilderParameters.
|
|
Action
| Pass a weblogic.security.pk.CertPathBuilderParameters as the CertPathParameters.
|
|
|
BEA-090590
|
Error: The WLSJDKCertPathValidator was passed an illegal CertPathParameters.
|
Description
| A non-weblogic.security.pk.CertPathValidatorParameters CertPathParameters was passed..
|
|
Cause
| The CertPathParameters must be a weblogic.security.pk.CertPathValidatorParameters.
|
|
Action
| Pass a weblogic.security.pk.CertPathValidatorParameters as the CertPathParameters.
|
|
|
BEA-090591
|
Warning: The realm realm does not have any cert path providers configured. To correct the problem, configure at least one cert path provider.
|
Description
| The realm realm does not have any cert path providers configured.
|
|
Cause
| The realm realm does not have any cert path providers configured.
|
|
Action
| To correct the problem, configure at least one cert path provider.
|
|
|
BEA-090592
|
Warning: The realm realm does not have a cert path builder configured. To correct the problem, select one of the realm"s cert path providers as the realm"s cert path builder.
|
Description
| The realm realm does not have a cert path builder configured.
|
|
Cause
| The realm realm does not have a cert path builder configured.
|
|
Action
| To correct the problem, select one of the realm"s cert path providers as the realm"s cert path builder.
|
|
|
BEA-090593
|
Warning: The realm realm has an illegal cert path builder configured. To correct the problem, select one of the realm"s cert path providers as the realm"s cert path builder.
|
Description
| The realm realm has an illegal cert path builder configured.
|
|
Cause
| The realm realm has an illegal cert path builder configured.
|
|
Action
| To correct the problem, select one of the realm"s cert path providers as the realm"s cert path builder.
|
|
|
BEA-090594
|
Error: The provider cert path security provider was passed an illegal CertPathParameters.
|
Description
| A non-weblogic.security.spi.CertPathBuilderParametersSpi CertPathParameters was passed..
|
|
Cause
| The CertPathParameters must be a weblogic.security.spi.CertPathBuilderParametersSpi.
|
|
Action
| The provider cert path security provider must not be called directly by application code.
|
|
|
BEA-090595
|
Error: The provider cert path security provider was passed an illegal CertPathParameters.
|
Description
| A non-weblogic.security.spi.CertPathValidatorParametersSpi CertPathParameters was passed..
|
|
Cause
| The CertPathParameters must be a weblogic.security.spi.CertPathValidatorParametersSpi.
|
|
Action
| The provider cert path security provider must not be called directly by application code.
|
|
|
BEA-090596
|
Error: The WebLogicCertPathProvider was passed an unsupported CertPathSelector.
|
Description
| A non-EndCertificateSelector CertPathSelector was passed.
|
|
Cause
| The CertPathSelector must be an EndCertificateSelector.
|
|
Action
| Pass an EndCertificateSelector to the WebLogicCertPathProvider.
|
|
|
BEA-090597
|
Error: The CertificateRegistry was passed an unsupported CertPathSelector.
|
Description
| A CertPathSelector other than an EndCertificateSelector, IssuerDNSerialNumberSelector, SubjectDNSelector or SubjectKeyIdentifierSelector was passed.
|
|
Cause
| The CertPathSelector must be an EndCertificateSelector, IssuerDNSerialNumberSelector, SubjectDNSelector or SubjectKeyIdentifierSelector.
|
|
Action
| Pass an EndCertificateSelector, IssuerDNSerialNumberSelector, SubjectDNSelector or SubjectKeyIdentifierSelector to the CertificateRegistry.
|
|
|
BEA-090598
|
Warning: Unable to update the domain controller list
|
Description
| Attempt to lock the domain controller list for update failed.
|
|
Cause
| The most likely cause is that the attempt to lock the domain controller list for update timed out. This may happen if there are concurrent updates occurring to the configuration for the same provider instance, and the updates are taking a while to execute (perhaps a long domain controller list or slow network
|
|
Action
| If this is an update from the console, and the domain controller list was modified, reapply the changes.
|
|
|
BEA-090599
|
Warning: Unable to initialize the domain controller list
|
Description
| Attempt to lock the domain controller list for initialization failed
|
|
Cause
| The domain controller list was not able to be locked for initialization. This should not occur and would be caused by an internal coding error.
|
|
Action
| This indicates an internal coding error or limitation in the server. Contact BEA support.
|
|
|
BEA-090600
|
Error: Failed to retrieve the local machine name
|
Description
| The NT authentication provider failed to retrieve the local machine name.
|
|
Cause
| There may be a configuration error with either the user account rights required or the local NT machine.
|
|
Action
| Verify the user running the server has the specific NT account rights that are required to use the NT authentication provider.
|
|
|
BEA-090601
|
Warning: Unable to access domain controller dcName
|
Description
| Attempt to access the domain controller dcName failed.
|
|
Cause
| The domain controller name may not be valid, may be down or unavailable on the network, or the user may not have permission to access it.
|
|
Action
| If the domain controller is simply down, or temporarily unavailable it may be retried later on depending on the domain controller retry settings. If the domain controller is available, check that the user account running the server has permission to access the domain controller. This may require logging into the domain controller that failed and verifying the user has been granted access.
|
|
|
BEA-090602
|
Error: The java and native library versions do not match for the WindowsNTAuthenticator
|
Description
| The NT authentication provider detected a mismatch between the java and native portions of the provider.
|
|
Cause
| The native library being found and loaded is not in synch with the java portion of the provider.
|
|
Action
| Verify the correct native library for the WindowsNTAuthenticator is in the PATH and that the correct PATH is being used.
|
|
|
BEA-090603
|
Error: The certificate chain is invalid because it could not be completed. The trusted CAs did not include missingCA.
|
Description
| The certificate chain is invalid because it could not be completed.
|
|
Cause
| The trusted CAs did not include missingCA.
|
|
Action
| Add missingCA to the chain or to the list of the trusted CAs if you want this chain to be validated.
|
|
|
BEA-090604
|
Error: The certificate chain is invalid because none of its certificates is a trusted CA.
|
Description
| The certificate chain is invalid.
|
|
Cause
| None of its certificates is a trusted CA.
|
|
Action
| Add one of the certificates in the chain to the list of of trusted CAs if you want this chain to be validated.
|
|
|
BEA-090605
|
Error: The certificate chain is invalid because it contains the certificate cert is either expired or is not currently valid.
|
Description
| The certificate chain is invalid because it contains a certificate which has either expired or is not currently valid.
|
|
Cause
| The invalid certificate is cert.
|
|
Action
| If this certificate is a trusted CA, and the certificate authority has issued a replacement certificate with the same subject DN and private key, and you want the certificate chain to be validated, then replace the trusted CA with the updated one. Otherwise, obtain a new certificate chain if you want the chain to be validated.
|
|
|
BEA-090606
|
Error: The certificate chain is invalid because a certificate"s issuer DN "issuerDNFromCert" does not match it"s CA"s subject DN "subjectDNFromCA".
|
Description
| The certificate chain is invalid because a certificate"s issuer DN does not match it"s CA"s subject DN.
|
|
Cause
| The certificate"s issuer DN is "issuerDNFromCert". The CA"s subject DN is "subjectDNFromCA".
|
|
Action
| You must obtain a new certificate chain if you want the chain to be validated.
|
|
|
BEA-090607
|
Error: The certificate chain is invalid because of an encoding error for certificate cert.
|
Description
| The certificate chain is invalid because of an encoding error.
|
|
Cause
| The invalid certificate is cert.
|
|
Action
| Ensure that the certificate chain only contains certificates using RSA keys and that the JDK is configured to support RSA keys.
|
|
|
BEA-090608
|
Error: The certificate chain is invalid because a certificate"s signature could not be validated by it"s CA"s public key. The invalid certificate is cert. The CA is CA.
|
Description
| The certificate chain is invalid because a certificate"s signature could not be validated by it"s CA"s public key.
|
|
Cause
| Most likely, the wrong CA is in the chain for the certificate. The invalid certificate is cert. The CA is CA.
|
|
Action
| Tye You must obtain a new certificate chain if you want the chain to be validated.
|
|
|
BEA-090609
|
Error: The certificate chain is invalid because there is no JDK provider for certificate cert.
|
Description
| The certificate chain is invalid because there is no JDK provider for a certificate.
|
|
Cause
| The invalid certificate is cert.
|
|
Action
| Ensure that the certificate chain only contains certificates using RSA keys and that the JDK is configured to support RSA keys.
|
|
|
BEA-090610
|
Error: The certificate chain is invalid because there is no default JDK provider for certificate cert.
|
Description
| The certificate chain is invalid because there is no default JDK provider for a certificate.
|
|
Cause
| The invalid certificate is cert.
|
|
Action
| Ensure that the certificate chain only contains certificates using RSA keys and that the JDK is configured to support RSA keys.
|
|
|
BEA-090611
|
Error: The certificate chain is invalid because a certificate"s signature could not be validated. The invalid certificate is cert.
|
Description
| The certificate chain is invalid because a certificate"s signature could not be validated.
|
|
Cause
| Most likely, the certificate has been tampered with. The invalid certificate is cert.
|
|
Action
| You must obtain a new certificate chain if you want the chain to be validated.
|
|
|
BEA-090612
|
Error: The certificate chain is invalid because it contains a certificate with an unsupported critical extension. The invalid certificate is cert. The unsupported critical extension"s oid is oid.
|
Description
| The certificate chain is invalid because it contains a certificate with an unsupported critical extension.
|
|
Cause
| The invalid certificate is cert. The unsupported critical extension"s oid is oid.
|
|
Action
| You must obtain a new certificate chain if you want the chain to be validated.
|
|
|
BEA-090613
|
Error: The certificate chain is invalid because it is longer than one of it"s CA"s allows. The CA is CA. The chain length to that CA is lengthFound. The maximum chain length to that CA is maxLength.
|
Description
| The certificate chain is invalid because one of it"s CA"s basic constraints has been violated.
|
|
Cause
| The CA is CA. The chain length to that CA is lengthFound. The maximum chain length to that CA is maxLength.
|
|
Action
| You must obtain a new certificate chain if you want the chain to be validated.
|
|
|
BEA-090614
|
Error: The certificate chain is invalid because it contains a CA without basic constraints. The CA is CA.
|
Description
| The certificate chain is invalid because it contains a CA without basic constraints.
|
|
Cause
| The CA is CA.
|
|
Action
| You must obtain a new certificate chain if you want the chain to be validated.
|
|
|
BEA-090615
|
Error: A CertPathBuilderParameters or CertPathValidatorParameters object was constructed with a list of trusted CAs that includes a null trusted CA.
|
Description
| A CertPathBuilderParameters or CertPathValidatorParameters object was constructed with a list of trusted CAs that includes a null trusted CA.
|
|
Cause
| A CertPathBuilderParameters or CertPathValidatorParameters object was constructed with a list of trusted CAs that includes a null trusted CA.
|
|
Action
| Ensure that the list of trusted CAs passed in does not include a null trusted CA.
|
|
|
BEA-090616
|
Error: The configured CertPathBuilder provider returned an empty cert path.
|
Description
| The configured CertPathBuilder provider returned an empty cert path.
|
|
Cause
| The configured CertPathBuilder provider has a bug. It should never return an empty cert path.
|
|
Action
| Fix the bug in the configured CertPathBuilder.
|
|
|
BEA-090617
|
Error: The configured CertPathBuilder provider returned a certificate that is not an X509Certificate.
|
Description
| The configured CertPathBuilder provider returned a certificate that is not an X509Certificate.
|
|
Cause
| The configured CertPathBuilder provider has a bug. It should never return a certificate that is not an X509Certificate.
|
|
Action
| Fix the bug in the configured CertPathBuilder.
|
|
|
BEA-090618
|
Error: The WLS CertPathValidator was passed a null or empty cert path.
|
Description
| The WLS CertPathValidator was passed a null or empty cert path.
|
|
Cause
| The WLS CertPathValidator was passed a null or empty cert path.
|
|
Action
| Pass a cert path containing at least one certificate to the WLS CertPathValidator.
|
|
|
BEA-090619
|
Error: The WLS CertPathValidator was passed certificate that is not an X509Certificate.
|
Description
| The WLS CertPathValidator was passed certificate that is not an X509Certificate.
|
|
Cause
| The WLS CertPathValidator was passed certificate that is not an X509Certificate.
|
|
Action
| Pass a cert path containing only X509Certificates to the WLS CertPathValidator.
|
|
|
BEA-090620
|
Error: There is no JDK CertPathBuilder for algorithm algorithm.
|
Description
| There is no JDK CertPathBuilder for algorithm algorithm.
|
|
Cause
| There is no JDK CertPathBuilder for algorithm algorithm.
|
|
Action
| This is an internal error in either the JDK or a WLS CertPathProvider.
|
|
|
BEA-090621
|
Error: There is no JDK CertPathValidator for algorithm algorithm.
|
Description
| There is no JDK CertPathValidator for algorithm algorithm.
|
|
Cause
| There is no JDK CertPathValidator for algorithm algorithm.
|
|
Action
| This is an internal error in either the JDK or a WLS CertPathProvider.
|
|
|
BEA-090622
|
Error: Failed to create a security provider mbean.
|
Description
| This exception is thrown when an exception occurs when creating and configuring a security provider mbean.
|
|
Cause
| This exception is thrown when an exception occurs when creating and configuring a security provider mbean.
|
|
Action
| Look at the exception text for more information on diagnosing the problem.
|
|
|
BEA-090623
|
Error: Failed to get the default trusted CAs for this server.
|
Description
| This exception is thrown when an exception occurs when finding this server"s trusted CAs.
|
|
Cause
| This exception is thrown when an exception occurs when finding this server"s trusted CAs.
|
|
Action
| Look at the exception text for more information on diagnosing the problem.
|
|
|
BEA-090624
|
Error: Failed to create an an X509 CertPath from an array of X509Certificates.
|
Description
| Failed to create an an X509 CertPath from an array of X509Certificates.
|
|
Cause
| Failed to create an an X509 CertPath from an array of X509Certificates.
|
|
Action
| Look at the exception text for more information on diagnosing the problem.
|
|
|
BEA-090625
|
Error: Policy context context not in open state.
|
Description
| Attempted an operation on a non-open Policy context that required the policy context to be in an open state.
|
|
Cause
| Policy context must be in open state.
|
|
Action
| Ensure the policy context is open before attempting an operation on it that requires an open Policy Context. This indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090626
|
Error: Received a e when attempting to delete Policy Directory policyDirectory.
|
Description
| Received a e when attempting to delete Policy Directory policyDirectory.
|
|
Cause
| Received a e when attempting to delete Policy Directory policyDirectory.
|
|
Action
| Check to make sure that files in the policy directory are not open.
|
|
|
BEA-090627
|
Error: Cannot link a PolicyConfiguration to itself.
|
Description
| Cannot link a PolicyConfiguration to itself.
|
|
Cause
| Cannot link a PolicyConfiguration to itself.
|
|
Action
| This indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090628
|
Error: Cannot have circular policy configuration links.
|
Description
| Cannot have circular policy configuration links.
|
|
Cause
| A PolicyConfiguration is linked to another PolicyConfiguration which ultimately is linked back to the original PolicyConfiguration. This means that no PolicyConfiguration actually holds the role to principal mapping.
|
|
Action
| This indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090629
|
Error: Received a e when attempting to use the passed role to principal map for PolicyConfiguration with a ContextID of contextID.
|
Description
| Received a e when attempting to use the passed role to principal map for PolicyConfiguration with a ContextID of contextID.
|
|
Cause
| Received a e when attempting to use the passed role to principal map for PolicyConfiguration with a ContextID of contextID. The code attempts to do some simple validation the map.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090630
|
Error: Received a e when attempting to create the PolicyWriter.
|
Description
| Received a e when attempting to create the PolicyWriter.
|
|
Cause
| Received a e when attempting to create the PolicyWriter.
|
|
Action
| Check the exception type.
|
|
|
BEA-090631
|
Error: Unable to create the PolicyWriter directory dirName.
|
Description
| Unable to create the PolicyWriter directory dirName.
|
|
Cause
| Unable to create the PolicyWriter directory dirName.
|
|
Action
| Unable to create the PolicyWriter directory.
|
|
|
BEA-090632
|
Error: Cannot create name. Non directory file already exists with the same name. Please remove it.
|
Description
| Cannot create name. Non directory file already exists with the same name. Please remove it.
|
|
Cause
| Cannot create name. Non directory file already exists with the same name. Please remove it.
|
|
Action
| Cannot create name. Non directory file already exists with the same name. Please remove it.
|
|
|
BEA-090633
|
Error: Cannot open policy file filename. Received an e exception.
|
Description
| Cannot open policy file filename. Received an e exception.
|
|
Cause
| If the exception is a FileNotFoundException the file path name may be too long for the OS, or the directory may have been deleted before the policy file can be written to it.
|
|
Action
| Try to shorten the file path name if it is too long for the OS. The error may also occur if the directory has been deleted before the file can be written into it.
|
|
|
BEA-090634
|
Error: Cannot write to policy file filename. Received an e exception.
|
Description
| Cannot write to policy file filename. Received an e exception.
|
|
Cause
| The file may have been opened for exclusive access by something other than WebLogic Server.
|
|
Action
| Ensure that the policy file is writable.
|
|
|
BEA-090635
|
Info: No Results
|
Description
| The WebLogic Authorization provider did not find any results during the search.
|
|
Cause
| There are no policies that match the search criteria.
|
|
Action
| No action necessary.
|
|
|
BEA-090636
|
Info: No Results
|
Description
| The WebLogic Role Mapping provider did not find any results during the search.
|
|
Cause
| There are no roles that match the search criteria.
|
|
Action
| No action necessary.
|
|
|
BEA-090637
|
Error: No role name supplied
|
Description
| The role name parameter was not supplied.
|
|
Cause
| The role name is null or contains no data.
|
|
Action
| Specify a valid role name.
|
|
|
BEA-090638
|
Error: No resource data
|
Description
| The resource data parameter was not supplied or is empty.
|
|
Cause
| The resource data parameter was not supplied or is empty.
|
|
Action
| Specify valid resource data.
|
|
|
BEA-090639
|
Error: No resource type
|
Description
| The resource type information was not supplied.
|
|
Cause
| The resource type information was not supplied.
|
|
Action
| Specify a valid resource type.
|
|
|
BEA-090640
|
Error: No resource identifier
|
Description
| The resource identifier parameter was not supplied or is empty.
|
|
Cause
| The resource identifier parameter was not supplied or is empty.
|
|
Action
| Specify a valid resource identifier.
|
|
|
BEA-090641
|
Error: No resource keys found
|
Description
| No resource key information was supplied in the resource identifier.
|
|
Cause
| An invalid resource identifier was supplied.
|
|
Action
| Specify a valid resource identifier.
|
|
|
BEA-090642
|
Error: Invalid data type for type resource key value
|
Description
| Invalid data type for type resource key value
|
|
Cause
| The data type of a resource key value is not valid.
|
|
Action
| Specify a valid resource key data type value.
|
|
|
BEA-090643
|
Error: Invalid resource type: "type"
|
Description
| An invalid or unknown resource type was supplied.
|
|
Cause
| An invalid or unknown resource type was supplied.
|
|
Action
| Specify a valid resource type.
|
|
|
BEA-090644
|
Error: Expected resource type: type
|
Description
| The resource type supplied did not match the expected type.
|
|
Cause
| An invalid or unknown resource type was supplied.
|
|
Action
| Verify a valid resource type was supplied and contact BEA support.
|
|
|
BEA-090645
|
Error: Expected resource key: key
|
Description
| The resource identifier supplied does not contain the expected key.
|
|
Cause
| An invalid resource identifier was supplied.
|
|
Action
| Specify a valid resource identifier.
|
|
|
BEA-090646
|
Error: Unknown resource key: key
|
Description
| The resource key supplied in the resource data is unknown.
|
|
Cause
| The resource key supplied in the resource data is unknown.
|
|
Action
| Specify only resource keys valid for a specific resource type.
|
|
|
BEA-090647
|
Error: Invalid application name
|
Description
| The application name parameter is not valid.
|
|
Cause
| The application name parameter was empty or contains invalid values.
|
|
Action
| Specify a valid application name.
|
|
|
BEA-090648
|
Error: Invalid component name
|
Description
| The component name parameter is not valid.
|
|
Cause
| The component name parameter was empty or contains invalid values.
|
|
Action
| Specify a valid component name.
|
|
|
BEA-090649
|
Error: Illegal application search name
|
Description
| The application name parameter is not valid.
|
|
Cause
| The application name was not a legal search string.
|
|
Action
| Specify a valid application name search string.
|
|
|
BEA-090650
|
Error: Illegal component search name
|
Description
| The component name parameter is not valid.
|
|
Cause
| The component name was not a legal search string.
|
|
Action
| Specify a valid component name search string.
|
|
|
BEA-090651
|
Error: No component type
|
Description
| The component type parameter is not valid.
|
|
Cause
| The component type parameter is empty.
|
|
Action
| Specify a valid component type of EJB, WebApp, Connector or WebService.
|
|
|
BEA-090652
|
Error: Invalid component type: "type"
|
Description
| The component type parameter specified is not valid.
|
|
Cause
| The component type parameter specified is not valid.
|
|
Action
| Specify a valid component type of EJB, WebApp, Connector or WebService.
|
|
|
BEA-090653
|
Error: Empty array value found
|
Description
| The array value supplied was empty.
|
|
Cause
| An empty string was supplied for an array element of the resource key.
|
|
Action
| Specify a valid string.
|
|
|
BEA-090654
|
Error: Unexpected resource identifier data: "data"
|
Description
| The resource identifier supplied contains unexpected data.
|
|
Cause
| An invalid resource identifier was supplied.
|
|
Action
| Specify a valid resource identifier.
|
|
|
BEA-090655
|
Error: Unexpected resource key array value: "value"
|
Description
| An unexpected value was supplied for a resource key array.
|
|
Cause
| An invalid resource identifier was supplied.
|
|
Action
| Specify a valid resource identifier.
|
|
|
BEA-090656
|
Error: Empty type resource key string
|
Description
| Empty type resource key string.
|
|
Cause
| An empty string was supplied for an element of the resource.
|
|
Action
| Specify a valid string.
|
|
|
BEA-090657
|
Error: Empty type resource key array string
|
Description
| Empty type resource key array string.
|
|
Cause
| An empty string was supplied for an array element of the resource.
|
|
Action
| Specify a valid string.
|
|
|
BEA-090658
|
Error: Unable to convert file name to URL. Got exception e.
|
Description
| Unable to convert file name to URL.
|
|
Cause
| Unable to convert file name to URL.
|
|
Action
| This exception is an internal error. Contact BEA support.
|
|
|
BEA-090659
|
Error: Unable to delete old policy file filename.
|
Description
| Unable to delete the old policy file filename which means it will be impossible to properly deploy the application.
|
|
Cause
| The file filename is not writeable.
|
|
Action
| Change the operating system permissions on the file and try to deploy the application again.
|
|
|
BEA-090660
|
Warning: Certificate chain received from peer was not validated by the custom trust manager trustManagerClassName causing SSL handshake failure.
|
Description
| Peer certificate chain was not validated by the custom trust manager.
|
|
Cause
| A peer presented a certificate chain to the server that the custom trust manager did not validate.
|
|
Action
| Check the certificate chain to determine if it should be trusted or not. If it should be trusted, then update the custom trust manager to trust the peer certificate chain."
|
|
|
BEA-090661
|
Warning: Certificate chain received from peer was not validated by the custom trust manager trustManagerClassName causing SSL handshake failure. Check the certificate chain to determine if it should be trusted or not. If it should be trusted, then update the custom trust manager to trust the certificate chain."
|
Description
| Peer certificate chain was not validated by the custom trust manager.
|
|
Cause
| A peer presented a certificate chain to the server that the custom trust manager did not validate.
|
|
Action
| Check the certificate chain to determine if it should be trusted or not. If it should be trusted, then update the custom trust manager to trust the certificate chain."
|
|
|
BEA-090662
|
Info: The DeployableAuthorizer "className" implements the deprecated intfName interface.
|
Description
| The deployable authorization provider implements a deprecated security interface.
|
|
Cause
| At security provider initialization a deprecated security interface was detected.
|
|
Action
| No immediate action necessary. However, the security provider should be updated.
|
|
|
BEA-090663
|
Info: The DeployableRoleMapper "className" implements the deprecated intfName interface.
|
Description
| The deployable role provider implements a deprecated security interface.
|
|
Cause
| At security provider initialization a deprecated security interface was detected.
|
|
Action
| No immediate action necessary. However, the security provider should be updated.
|
|
|
BEA-090664
|
Error: DeployableAuthorizer className implements unknown security interface.
|
Description
| The deployable authorization provider implements an unknown security interface.
|
|
Cause
| The deployable authorization provider implements an unknown security interface.
|
|
Action
| Verify that the deployable authorization provider has implemented the correct security interfaces.
|
|
|
BEA-090665
|
Error: DeployableRoleMapper className implements unknown security interface.
|
Description
| The deployable role provider implements an unknown security interface.
|
|
Cause
| The deployable role provider implements an unknown security interface.
|
|
Action
| Verify that the deployable role provider has implemented the correct security interfaces.
|
|
|
BEA-090666
|
Error: Deploy handle not supplied
|
Description
| Deploy handle not supplied
|
|
Cause
| The deployment handle is null.
|
|
Action
| This exception is an internal error. Contact BEA support.
|
|
|
BEA-090667
|
Error: Application information not supplied
|
Description
| Application information not supplied
|
|
Cause
| The application information is null.
|
|
Action
| This exception is an internal error. Contact BEA support.
|
|
|
BEA-090668
|
Warning: Ignored deployment of role "roleName" for resource "resourceId"
|
Description
| The role mapping specified in the deployment descriptor has been ignored.
|
|
Cause
| The application has been configured to ignore security data from deployment descriptors.
|
|
Action
| Remove role mapping from the application deployment descriptor or change the security configuration to allow deployment of role mappings.
|
|
|
BEA-090669
|
Warning: Ignored deployment of policy for resource "resourceId"
|
Description
| The security policy specified in the deployment descriptor has been ignored.
|
|
Cause
| The application has been configured to ignore security data from deployment descriptors.
|
|
Action
| Remove security policy from the application deployment descriptor or change the security configuration to allow deployment of security policy.
|
|
|
BEA-090670
|
Error: Unable to verify user name token for user username
|
Description
| When using digest authentication and the WebLogic identity assertion provider, the web services container passes down a UsernameToken object to the identity asserter. The identity asserter validates the UsernameToken ensuring that the digest is valid given the nonce, created, and user password values. This error occurs when the digest could not be verified.
|
|
Cause
| The UsernameToken could not be verified.
|
|
Action
| Verify that the user exists in the WebLogic authentication provider, the authentication provider has the PasswordDigestEnabled attribute set to true, and the user entry has set the password since the attribute was set to true.
|
|
|
BEA-090671
|
Error: Unable to get password digest for user name username
|
Description
| The web services container uses the WebLogic framework to get a digest based on the password for the specified username. The digest could not be calculated by the WebLogic authentication provider.
|
|
Cause
| The user does not exist in the WebLogic authentication provider Embedded LDAP server or there is no password information available to calculate a digest.
|
|
Action
| Verify that the user exists in the WebLogic authentication provider, the authentication provider has the PasswordDigestEnabled attribute set to true, and the user entry has set the password since the attribute was set to true.
|
|
|
BEA-090672
|
Error: Identity assertion object for token type tokenType was of type actualType instead of expected type of expectedType
|
Description
| For WS Digest identity assertion, the container should pass a token type of IdentityAsserter.WSSE_PASSWORD_DIGEST_TYPE and a token object of type weblogic.xml.security.wsse.UsernameToken. The token object passed was not an instance of UsernameToken.
|
|
Cause
| The token object was not an instance of the correct type.
|
|
Action
| If called from an application via the identity assertion public api, then modify the application to pass the expected token. If called from the container, then the container should not be passing a token that is not a UsernameToken, and this exception indicates an internal coding error in the server - contact BEA support.
|
|
|
BEA-090673
|
Critical: Digest DataSource name was not found. Disabling digest authentication.
|
Description
| The DataSource configured in the WebLogic identity assertion provider does not exist. Without a valid DataSource, digest replay detection can not occur and therefore digest authentication has been disabled.
|
|
Cause
| The configured DataSource does not exist.
|
|
Action
| Modify the DigestDataSourceName attribute on the WebLogic identity assertion provider to be the name of a valid WebLogic DataSource configured for this domain.
|
|
|
BEA-090674
|
Critical: Digest DataSource name was not initialized due to an exception. Disabling digest authentication. The exception text is exc.
|
Description
| The DataSource configured in the WebLogic identity assertion provider could not be initialized due to an exception. Without a valid DataSource, replay detection can not occur and therefore digest authentication has been disabled.
|
|
Cause
| An exception was thrown when initializing the configured DataSource.
|
|
Action
| Verify that the DigestDataSourceName attribute on the WebLogic identity assertion provider is valid and a WebLogic DataSource configured for this domain. Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090675
|
Critical: A SQL connection could not be obtained from digest DataSource name due to an exception. Disabling digest authentication. The exception text is exc.
|
Description
| The Digest DataSource configured in the WebLogic identity assertion provider could not be used to get a SQL connection. Without a valid connection, replay detection can not occur and therefore digest authentication has been disabled.
|
|
Cause
| An exception was thrown when obtaining a connection from the configured DataSource.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090676
|
Critical: The SQL statement name could not be prepared due to an exception. Disabling digest authentication. The exception text is exc.
|
Description
| The WebLogic identity assertion provider uses SQL statements to manage the table used in replay detection. One of the SQL statement used to manage the table could not be prepared. Without a valid statement, replay detection can not occur and therefore digest authentication has been disabled.
|
|
Cause
| An exception was thrown when preparing the SQL statement.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090677
|
Critical: The name table could not be created due to an exception. Disabling digest authentication. The exception text is exc.
|
Description
| The WebLogic identity assertion provider utilizes a table is used to store the previous digest authentication values in order to prevent replay attacks. This table is created if it does not exist. The create of this table or the check to see if the table exists failed due to an exception. Without a valid statement, replay detection can not occur and therefore digest authentication has been disabled in the WebLogic identity assertion provider.
|
|
Cause
| An exception was thrown when validating or creating the table.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090678
|
Error: Authentication failed with digest digest due to an exception that occurred while detecting the replay attack. The exception text is exc.
|
Description
| The WebLogic identity assertion Provider provides replay detection for digest authentication by storing previous digest values in a database. If an error occurs while determining if a previous digest values has already been used, then digest authentication will fail.
|
|
Cause
| An exception was thrown when inserting the digest information row into the database.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090679
|
Error: Authentication failed due to detection of a replay attack for nonce nonce and digest digest.
|
Description
| The WebLogic Identity Assertion Provider provides replay detection for digest authentication by storing previous digest values in a database. A previous digest value was detected so a replay attack has occurred.
|
|
Cause
| An entry for this nonce and digest has already been used for authentication in this domain.
|
|
Action
| Ensure that the client is not performing a replay attack. Investigate the client performing the digest authentication and check that it is using unique nonce, digest, and created values.
|
|
|
BEA-090680
|
Error: Unable to verify the digest authentication for user username since the created time is not within the expiration time period
|
Description
| The WebLogic identity assertion provider supports digest authentication. Digest authentication includes a digest, nonce, and created values. The created timestamp must be within the expiration time period of the current time on this server.
|
|
Cause
| The created timestamp of the digest authentication is not within the expiration time period.
|
|
Action
| Increase the expiration time for the identity assertion provider or synchronize the system clocks on the client and server machines.
|
|
|
BEA-090681
|
Error: Digest authentication for user username has been disabled due to a previous fatal error in initializing replay detection
|
Description
| The WebLogic identity assertion provider supports replay detection via a database. During initialization of the replay detection, a fatal error occurred and digest authentication was disabled.
|
|
Cause
| A previous fatal error disabled digest authentication. Therefore, digest authentication for this user has failed.
|
|
Action
| Look in the log, identity the previous error, and correct the problem.
|
|
|
BEA-090682
|
Warning: Problem handling security deployment validation: msg
|
Description
| An unexpected problem occurred during the handling of security deployment validations.
|
|
Cause
| An initialization error or exception from a security provider.
|
|
Action
| This is an internal error. Contact BEA support.
|
|
|
BEA-090683
|
Error: The CertificateRegistry could not build a certificate path for end certificate cert. This indicates that either someone is trying to access the server with an untrusted certificate or that the administrator has forgotton to register the certificate in the CertificateRegistry.
|
Description
| The CertificateRegistry could not build a certificate path for the end certificate cert. This indicates that either someone is trying to access the server with an untrusted certificate or that the administrator has forgotton to register the certificate in the CertificateRegistry.
|
|
Cause
| The CertificateRegistry does not contain the certificate cert.
|
|
Action
| If you want to trust the end certificate cert, then register it in the CertificateRegistry.
|
|
|
BEA-090684
|
Error: The CertificateRegistry could not build a certificate path for the subject DN subjectDN. This indicates that either someone is trying to access the server with an untrusted subject DN or that the administrator has forgotton to register a certificate with this subject DN in the CertificateRegistry.
|
Description
| The CertificateRegistry could not build a certificate path for the subject DN subjectDN. This indicates that either someone is trying to access the server with an untrusted subject DN or that the administrator has forgotton to register a certificate with this subject DN in the CertificateRegistry.
|
|
Cause
| The CertificateRegistry does not contain a certificate whose subject DN is subjectDN.
|
|
Action
| If you want to trust the subject DN subjectDN, then register a certificate with this subject DN in the CertificateRegistry.
|
|
|
BEA-090685
|
Error: The CertificateRegistry could not build a certificate path for the issuer DN issuerDN and serial number serialNumber. This indicates that either someone is trying to access the server with an untrusted issuer DN and serial number or that the administrator has forgotton to register a certificate with this issuer DN and serial number in the CertificateRegistry.
|
Description
| The CertificateRegistry could not build a certificate path for the issuer DN issuerDN and serial number serialNumber. This indicates that either someone is trying to access the server with an untrusted issuer DN and serial number or that the administrator has forgotton to register a certificate with this issuer DN and serial number in the CertificateRegistry.
|
|
Cause
| The CertificateRegistry does not contain a certificate whose issuer DN is issuerDN and whose serial number is serialNumber.
|
|
Action
| If you want to trust the issuer DN issuerDN and serial number serialNumber, then register a certificate with this issuer DN and serial number in the CertificateRegistry.
|
|
|
BEA-090686
|
Error: The CertificateRegistry could not build a certificate path for the subject key identifier subjectKeyIdentifier. This indicates that either someone is trying to access the server with an untrusted subject key identifier or that the administrator has forgotton to register a certificate with this subject key identifier in the CertificateRegistry.
|
Description
| The CertificateRegistry could not build a certificate path for the subject key identifier subjectKeyIdentifier. This indicates that either someone is trying to access the server with an untrusted subject key identifier or that the administrator has forgotton to register a certificate with this subject key identifier in the CertificateRegistry.
|
|
Cause
| The CertificateRegistry does not contain a certificate whose subject key identifier is subjectKeyIdentifier.
|
|
Action
| If you want to trust the subject key identifier subjectKeyIdentifier, then register a certificate with this subject key identifier in the CertificateRegistry.
|
|
|
BEA-090687
|
Error: The CertificateRegistry could not validate a certificate path whose end certificate is cert. This indicates that either someone is trying to access the server with an untrusted certificate or that the administrator has forgotton to register the certificate in the CertificateRegistry.
|
Description
| The CertificateRegistry could not validate a certificate path whose end certificate is cert. This indicates that either someone is trying to access the server with an untrusted certificate or that the administrator has forgotton to register the certificate in the CertificateRegistry.
|
|
Cause
| The CertificateRegistry does not contain the certificate cert.
|
|
Action
| If you want to trust the end certificate cert, then register it in the CertificateRegistry.
|
|
|
BEA-090688
|
Error: The maximum number of concurrent lists has been exceeded. The maximum is max. These lists are allocated by listing functions listAliases for the CertificateRegistry. Wait for some of the existing lists to either expire or be closed. Lists automatically expire if they have not been used for timeout milliseconds.
|
Description
| The maximum number of concurrent lists has been exceeded. The maximum is max.
|
|
Cause
| Either the server is under very heavy load, or someone is launching a denial service attack against the server or some application code (e.g. a client) is not closing lists after it finishes using them.
|
|
Action
| Wait for some of the existing lists to either time out or be closed.
|
|
|
BEA-090689
|
Error: The certificate alias is null or empty.
|
Description
| The certificate alias passed as a parameter to one of the security provider methods is null.
|
|
Cause
| An empty or null certificate alias is not supported.
|
|
Action
| Modify the code to pass a non-null and non-empty certificate alias.
|
|
|
BEA-090690
|
Error: The file name is null or empty.
|
Description
| The file name passed as a parameter to one of the security provider methods is null.
|
|
Cause
| An empty or null file name is not supported.
|
|
Action
| Modify the code to pass a non-null and non-empty file name.
|
|
|
BEA-090691
|
Error: The certificate alias wildcard is null or empty.
|
Description
| The certificate alias wildcard passed as a parameter to one of the security provider methods is null.
|
|
Cause
| An empty or null certificate alias wildcard is not supported.
|
|
Action
| Modify the code to pass a non-null and non-empty certificate alias wildcard.
|
|
|
BEA-090692
|
Error: max cannot be < 0
|
Description
| The maximumToReturn parameter passed to a listing method such as listAliases is less than zero.
|
|
Cause
| The maximumToReturn value cannot be less than zero.
|
|
Action
| Pass in a maximumToReturn parameter value that is greater or equal to zero.
|
|
|
BEA-090693
|
Error: Certificate alias alias not found.
|
Description
| The alias parameter passed to the method is not registered in the security provider.
|
|
Cause
| The alias cannot be found.
|
|
Action
| Pass in a certificate alias that exists.
|
|
|
BEA-090694
|
Error: The security provider already has a certificate registered under the alias alias.
|
Description
| The certificate alias parameter passed to the registerCertificate method is an alias that already exists in the security provider.
|
|
Cause
| Certificate alias alias already exists in the security provider.
|
|
Action
| Pass in another certificate alias.
|
|
|
BEA-090695
|
Error: Subject DN subjectDN already registered under the alias alias
|
Description
| A certificate with the same subject DN as the certificate passed to the registerCertificate method is already registered in the security provider.
|
|
Cause
| A certificate with subject DN subjectDN already exists in the security provider under the alias alias.
|
|
Action
| Either remove the previous certificate from the security provider or register a different certificate.
|
|
|
BEA-090696
|
Error: Issuer DN issuerDN and serial number serialNumber already registered under the alias alias
|
Description
| A certificate with the same issuer DN and serial number as the certificate passed to the registerCertificate method is already registered in the security provider.
|
|
Cause
| A certificate with issuer DN issuerDN and serial number serialNumber already exists in the security provider under the alias alias.
|
|
Action
| Either remove the previous certificate from the security provider or register a different certificate.
|
|
|
BEA-090697
|
Error: Subject key identifier subjectKeyIdentifier already registered under the alias alias
|
Description
| A certificate with the same subject key identifier as the certificate passed to the registerCertificate method is already registered in the security provider.
|
|
Cause
| A certificate with subject key identifier subjectKeyIdentifier already exists in the security provider under the alias alias.
|
|
Action
| Either remove the previous certificate from the security provider or register a different certificate.
|
|
|
BEA-090698
|
Error: Errors occurred while importing data into this security provider.
|
Description
| Non-fatal errors were encountered while importing data into this security provider. The rest of the data has been successfully imported.
|
|
Cause
| Some of the data could not be imported into this security provider.
|
|
Action
| The getExceptions method on the ErrorCollectionException thrown by this method may be used to get a list of the errors that occurred.
|
|
|
BEA-090699
|
Error: Errors occurred while exporting data from this security provider.
|
Description
| Non-fatal errors were encountered while exporting data from this security provider. The rest of the data has been successfully exported.
|
|
Cause
| Some of the data could not be exported from this security provider.
|
|
Action
| The getExceptions method on the ErrorCollectionException thrown by this method may be used to get a list of the errors that occurred.
|
|
|
BEA-090700
|
Error: There is a problem with the class className pointed to by the weblogic.security.jacc.RoleMapperFactory.provider property.
|
Description
| A e exception was thrown while attempting to load className from the weblogic.security.jacc.RoleMapperFactory.provider property.
|
|
Cause
| JACC has been enabled by setting weblogic.security.jacc.RoleMapperFactory.provider property but there are problems instantiating the class.
|
|
Action
| Check to make sure that the class is present or change weblogic.security.jacc.RoleMapperFactory.provider property to a class that can be instantiated.
|
|
|
BEA-090701
|
Error: Unable to successfully obtain a RoleMapperFactory.
|
Description
| Unable to successfully obtain a RoleMapperFactory by calling weblogic.security.jacc.RoleMapperFactory.getRoleMapperFactory.
|
|
Cause
| The weblogic.security.jacc.RoleMapperFactory.provider property may not be set to a valid implementation of RoleMapperFactory.
|
|
Action
| Change weblogic.security.jacc.RoleMapperFactory.provider to point to an instance of a weblogic.security.jacc.RoleMapperFactory object.
|
|
|
BEA-090702
|
Warning: The JACCSecurityEnabled attribute has been specified without enabling the SecurityManager.
|
Description
| The server cannot have JACC enabled without also having a SecurityManager enabled.
|
|
Cause
| The server has been told to use JACC without a SecurityManager enabled.
|
|
Action
| If JACC is desired then a SecurityManager must be enabled. This can be done by specifying a value for the java.security.manager property or setting the Java2SecurityManagerMode to DEFAULT or CUSTOM. If JACC is not desired then unset the JACCSecurityEnabled attribute.
|
|
|
BEA-090703(retired)
|
Emergency: JACC is enabled but a JACCSecurityPolicyConfigurationFactoryProviderClassName has not been set.
|
Description
| JACC is enabled but a JACCSecurityPolicyConfigurationFactoryProviderClassName has not been set which means the server will not be able to find a JACC provider.
|
|
Cause
| The server has been told to use JACC without being told the class name to use to enable JACC.
|
|
Action
| If JACC is desired then a class name must be specified. This can be done by specifying a value for the javax.security.jacc.PolicyConfigurationFactory.provider property or setting the JACCSecurityPolicyConfigurationFactoryProviderClassName. If JACC is not desired then unset the JACCSecurityEnabled attribute.
|
|
|
BEA-090704(retired)
|
Emergency: The PolicyConfigurationFactory class name and Policy class name are not compatible.
|
Description
| The class name, if specified, for the JACCSecurityPolicyConfigurationFactoryProviderClassName attribute is not compatible with the class name, if specified, for the JACCSecurityPolicyProviderClassName attribute.
|
|
Cause
| Two incompatible class names have been specified, or a class name has been specified for one and not the other when the two must be compatible.
|
|
Action
| Check the documentation and make sure that compatible class names are set for the two attributes.
|
|
|
BEA-090705
|
Emergency: The PolicyConfigurationFactory, Policy, RoleMapperFactory class names are not specified or not compatible with each other.
|
Description
| The class name specified for javax.security.jacc.PolicyConfigurationFactory.provider or the class name for javax.security.jacc.policy.provider or the class name for weblogic.security.jacc.RoleMapperFactory.provider are either not all specified or not compatible.
|
|
Cause
| Incompatible class names have been specified. Generally this is caused by specifying but not specifying all three or by specifying class names that are not designed to work with each other.
|
|
Action
| Check the documentation and make sure that compatible class names are set for the three system properties.
|
|
|
BEA-090706(retired)
|
Info: Java 2 Security settings will be read from system properties and Java 2 Security MBean attributes will be ignored.
|
Description
| Java 2 Security settings will be read from system properties and Java 2 Security MBean attributes will be ignored.
|
|
Cause
| The Java2SecurityMBeanAttributesEnabled attribute on the SecurityConfigurationMBean is set to false.
|
|
Action
| To enable reading of Java 2 Security settings from MBean attributes set to true the Java2SecurityMBeanAttributesEnabled attribute on the SecurityConfigurationMBean.
|
|
|
BEA-090707
|
Info: Successfully obtained a roleMapperFactory RoleMapperFactory.
|
Description
| Successfully obtained a RoleMapperFactory.
|
|
|
BEA-090708(retired)
|
Emergency: Inconsistent security configuration. java.security.manager or java.security.policy has been specified on the cmdline but WebLogicServer has been told to use MBeans for Java 2 Security.
|
Description
| An inconsistent configuration is in place. java.security.manager or java.security.policy was specified on the cmdline but the server was told to use MBeans for Java 2 security.
|
|
Cause
| The Java2SecurityMBeanAttributesEnabled attribute on the SecurityConfigurationMBean is set to true but java.security.manager or java.security.policy was specified on the cmdline.
|
|
Action
| Either remove java.security.manager or java.security.policy from the cmdline or set Java2SecurityMBeanAttributesEnabled to false and specify all Java 2 Security and JACC settings on the cmdline.
|
|
|
BEA-090709
|
Emergency: Inconsistent security configuration.
|
Description
| Inconsistent security configuration. Look at the message for more details on the exact cause.
|
|
Cause
| The security cmdline properties aren't consistent with each other.
|
|
Action
| Address the inconsistency and reboot.
|
|
|
BEA-090710
|
Error: Unable to write the file pathname.
|
Description
| Unable to write the file pathname.
|
|
Cause
| Examine the nested exception for more information in diagnosing the problem.
|
|
Action
| Verify that the file is not a directory or a read-only file.
|
|
|
BEA-090711
|
Error: Unable to read the file pathname.
|
Description
| Unable to read the file pathname.
|
|
Cause
| Examine the nested exception for more information in diagnosing the problem.
|
|
Action
| Verify that the file exists and is not a directory.
|
|
|
BEA-090712
|
Error: Unable to read the JKS keystore pathname.
|
Description
| Unable to read the file pathname as a JKS keystore using an empty keystore password.
|
|
Cause
| Examine the nested exception for more information in diagnosing the problem.
|
|
Action
| Verify that the file is a JKS keystore.
|
|
|
BEA-090713
|
Error: Unable to read the certificate in the PEM or DER file pathname.
|
Description
| Unable to read the file pathname as PEM or DER file containing a single certificate.
|
|
Cause
| Examine the nested exception for more information in diagnosing the problem.
|
|
Action
| Verify that the file is a PEM or DER file containing a single certificate.
|
|
|
BEA-090714
|
Warning: The certificate chain from the peer could not be validated. Chain : certPath. Reason : reason.
|
Description
| The certificate chain from the peer could not be validated by one of the configured CertPathProviders.
|
|
Cause
| Either the certificate chain from the peer should not be allowed to access the server or the server or one of the configured CertPathProviders is not properly configured to trust the peer.
|
|
Action
| If the server is not supposed to trust the peer, inform the peer that it should use a different certificate chain. If the server should trust the peer, then either a configured CertPathProvider is improperly configured to not trust the peer, or the server is improperly configured to use the configured CertPathProviders for perform extra validation of SSL peer certificate chains. Check the server SSL configuration and the configured CertPathProvider configurations.
|
|
|
BEA-090715(retired)
|
Emergency: Inconsistent security configuration. A JACC system property has been specified on the cmdline but WebLogicServer has been told to use MBeans for JACC Security.
|
Description
| An inconsistent configuration is in place. javax.security.jacc.PolicyConfigurationFactory.provider or javax.security.jacc.policy.provider was specified on the cmdline but the server was told to use MBeans for JACC security.
|
|
Cause
| The Java2SecurityMBeanAttributesEnabled attribute on the SecurityConfigurationMBean is set to true but javax.security.jacc.PolicyConfigurationFactory.provider or javax.security.jacc.policy.provider was specified on the cmdline.
|
|
Action
| Either remove javax.security.jacc.PolicyConfigurationFactory.provider or javax.security.jacc.policy.provider from the cmdline or set Java2SecurityMBeanAttributesEnabled to false and specify all Java 2 Security and JACC settings on the cmdline.
|
|
|
BEA-090716
|
Alert: Failed to retrieve identity key/certificate from keystore ksFile under alias alias on server serverName
|
Description
| Retrieving key or certificate from keystore failed
|
|
Cause
| Wrong key password has been used
|
|
Action
| Correct the server SSL configuration
|
|
|
BEA-090717
|
Alert: Invalid server server SSL configuration
|
Description
| The server has inconsistent SSL configuration
|
|
Cause
| The server SSL configuration parameters are inconsistent
|
|
Action
| Verify that the SSL, keystore configuration options are consistent
|
|
|
BEA-090718
|
Notice: Security initializing using java security manager.
|
Description
| This message is displayed when the security subsystem is initializing during server startup and a java security manager is in use.
|
|
Cause
| This message is for informational purposes.
|
|
Action
| No action required.
|
|
|
BEA-090719
|
Notice: Security initializing using JACC for EJB and Servlet authorization.
|
Description
| This message is displayed when the security subsystem is initializing during server startup and the user has requested using JACC for EJB and Servlet authorization.
|
|
Cause
| This message is for informational purposes.
|
|
Action
| No action required.
|
|
|
BEA-090720
|
Error: The Managed Server could not start because the NodeManager's encryption service data was not found.
|
Description
| The Managed Server could not start because the NodeManager's NodeManagerProperties file was not found. The NodeManager's encryption service could not be instantiated.
|
|
Cause
| The Managed Server could not start because the NodeManager's NodeManagerProperties file was not found. The NodeManager's encryption service could not be instantiated.
|
|
Action
| Verify the existence and location of the NodeManager's NodeManagerProperties file.
|
|
|
BEA-090721
|
Error: The Managed Server could not start because it could not read the NodeManager's encryption service data.
|
Description
| The Managed Server could not start because it could not read the NodeManager's encryption service data.
|
|
Cause
| The Managed Server could not start because it could not read the NodeManager's encryption service data.
|
|
Action
| Verify the existence and location of the NodeManager's NodeManagerProperties file. Check that the read permissions are correct.
|
|
|
BEA-090722
|
Error: No ProviderChallengeContext returned from assertChallengeIdentity method for token type [tokenType]
|
Description
| The request to assert a challenge identity token returned a Provider Challenge Context object that is null. This caused the assertChallengeIdentity method to fail.
|
|
Cause
| Null object returned by assertChallengeIdentity method.
|
|
Action
| Investigate the implementation of the assertChallengeIdentity method to determine why a null ProviderChallengeContext object was returned for token type tokenType.
|
|
|
BEA-090723
|
Error: Null Challenge Context Parameter
|
Description
| A null challenge context was passed to the continueChallengeIdentity method of the identity assertion provider.
|
|
Cause
| The identity assertion challenge context was null.
|
|
Action
| The containers should not pass a null challenge context. This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090724
|
Error: Challenge identity assertion has not completed, subject is not available yet
|
Description
| The challenge identity assertion has not yet completed. Therefore, the call to get the subject from the identity assertion has failed.
|
|
Cause
| The method to get the subject was called before the identity assertion has completed.
|
|
Action
| Call the hasChallengeIdentityCompleted method before calling the method to get the subject.
|
|
|
BEA-090725
|
Error: Challenge identity assertion has completed, challenge token is not available
|
Description
| The challenge identity assertion has completed. Therefore, the call to get the challenge token from the identity assertion has failed.
|
|
Cause
| The method to get the challenge token was called after the identity assertion has completed.
|
|
Action
| Call the hasChallengeIdentityCompleted method before calling the method to get the challenge token.
|
|
|
BEA-090726
|
Error: Unexpected exception while reading credential attribute: msg
|
Description
| Credential Mapper caught LDAP exception while trying to read a current credential attribute from a lister.
|
|
Cause
| LDAP connection failure, corrupted LDAP database, or invalid cursor.
|
|
Action
| Verify that LDAP is up and running.
|
|
|
BEA-090727
|
Error: Failed to modify credential of type credType stored under alias alias
|
Description
| Caught an exception while trying to modify credential.
|
|
Cause
| LDAP connection failure, or the database is corrupted.
|
|
Action
| Verify that LDAP is up and running.
|
|
|
BEA-090728
|
Error: Failed to read credential of type credType stored under alias alias
|
Description
| Caught an exception while trying to read credential.
|
|
Cause
| LDAP connection failure, or the database is corrupted.
|
|
Action
| Verify that LDAP is up and running.
|
|
|
BEA-090729
|
Error: Failed to search for credentials of type credType with alias matching the pattern aliasPattern
|
Description
| Caught an exception while trying to search for credentials.
|
|
Cause
| LDAP connection failure, or the database is corrupted.
|
|
Action
| Verify that LDAP is up and running.
|
|
|
BEA-090730
|
Error: Failed to verify credential mapper LDAP hierarchy
|
Description
| Caught an LDAP exception while trying to verify credential mapper LDAP hierarchy.
|
|
Cause
| LDAP connection failure, or the database is corrupted.
|
|
Action
| Verify that LDAP is up and running.
|
|
|
BEA-090731
|
Error: Unable to retrieve query
|
Description
| Unable to retrieve query from internal connection.
|
|
Cause
| The internal query structure was not able to be retrieved from the connection. This could potentially be caused by a misconfigured DBMS ATN provider, but is more likely caused by an internal coding error in the DBMS ATN provider.
|
|
Action
| Review JDBC connection pool configuration, and provider level SQL Query settings. If these appear valid, this exception may indicate an internal coding error in the DBMS ATN provider. Contact BEA support.
|
|
|
BEA-090732
|
Error: Invalid data source name specified: name
|
Description
| An invalid data source name was specified
|
|
Cause
| The DBMS ATN provider was most likely configured with an invalid data source name
|
|
Action
| Review and correct the data source name in the DBMS ATN provider configuration
|
|
|
BEA-090733
|
Error: Unable to find specified data source: name
|
Description
| Unable to find the data source that was specified
|
|
Cause
| The DBMS ATN provider was most likely configured with an invalid or misconfigured data source
|
|
Action
| Review and correct the data source related configuration in the server and the DBMS ATN provider configuration
|
|
|
BEA-090734
|
Error: The connection pool was not usable
|
Description
| The connection pool used by the DBMS ATN provider was not usable
|
|
Cause
| The DBMS ATN provider or the connection pool it is configured to use may be misconfigured or unavailable.
|
|
Action
| Review the JDBC related configuration in the server and the DBMS ATN provider configuration, and test the JDBC connection pool.
|
|
|
BEA-090735
|
Error: The DBMS connection was not usable
|
Description
| The DBMS connection used by the DBMS ATN provider was not usable
|
|
Cause
| The DBMS ATN provider or the connection pool it is configured to use may be misconfigured or unavailable.
|
|
Action
| Review the JDBC related configuration in the server and the DBMS ATN provider configuration, and test the JDBC connection pool.
|
|
|
BEA-090736
|
Error: An exception occurred while validating the name configuration settings
|
Description
| An exception occurred while validating the name configuration settings
|
|
Cause
| An unexpected exception was thrown while validating configuration settings. This may indicate a configuration problem, or it may be an internal coding error
|
|
Action
| Review the exception trace for details on the cause, if the cause and solution are not apparent, contact BEA support.
|
|
|
BEA-090737
|
Error: An exception occurred while getting connection to validate the configuration settings
|
Description
| An exception occurred while getting connection to validate the configuration settings
|
|
Cause
| An exception was thrown while validating configuration settings. This may indicate a configuration problem, or it may be an internal coding error
|
|
Action
| Review the exception trace for details on the cause, if the cause and solution are not apparent, contact BEA support.
|
|
|
BEA-090738
|
Error: The name password hash algorithm is not usable
|
Description
| The name password hash algorithm is not usable
|
|
Cause
| The password algorithm name was not found to be supported by the JCE crypto configuration
|
|
Action
| Verify the password algorithm is specified correctly, and that the JCE configuration supports the algorithm.
|
|
|
BEA-090739
|
Error: The SQL statement for name does not appear to be correct
|
Description
| The SQL statement for name does not appear to be correct
|
|
Cause
| The DBMS SQL providers attempt to validate the configured SQL statements are correct. The validation code detected something was wrong with the configured SQL.
|
|
Action
| Review and correct the SQL statement.
|
|
|
BEA-090740
|
Error: An unexpected exception occurred while calling the name method of the user defined DBMS sub plugin
|
Description
| An unexpected exception occurred while calling the user defined DBMS sub plugin
|
|
Cause
| The DBMS pluggable runtime providers caught an unexpected exception while calling the user defined sub plugin. The cause likely resides in the user defined sub plugin.
|
|
Action
| Review the exception details and the user defined sub plugin code to determine the cause and action.
|
|
|
BEA-090741
|
Error: A SQLException occurred while calling the name method of the user defined DBMS sub plugin
|
Description
| A SQLException occurred while calling the user defined DBMS sub plugin
|
|
Cause
| The DBMS pluggable runtime providers caught a SQLException while calling the user defined sub plugin. The cause could be a database connectivity issue, or it could reside in the user defined sub plugin.
|
|
Action
| Review the exception details and the user defined sub plugin code to determine the cause and action.
|
|
|
BEA-090742
|
Error: The DBMS pluggable runtime sub plugin failed to load
|
Description
| The DBMS pluggable runtime sub plugin failed to load
|
|
Cause
| The DBMS pluggable runtime provider was not able to load the user defined sub plugin.
|
|
Action
| Review the DBMS pluggable runtime provider configuration. Verify the name of the user defined sub plugin class is correct, and that it is present in the server classpath.
|
|
|
BEA-090743
|
Error: An unexpected exception occurred while loading the name sub plugin class
|
Description
| An unexpected exception occurred while loading the name sub plugin class
|
|
Cause
| The DBMS pluggable runtime provider was not able to load the user defined sub plugin class and the exception thrown was not expected.
|
|
Action
| Review the exception details and the sub plugin configuration.
|
|
|
BEA-090744
|
Error: The DBMS sub plugin class name was not found
|
Description
| The DBMS sub plugin class name was not found
|
|
Cause
| The user defined sub plugin class was not found
|
|
Action
| Verify the name of the user defined sub plugin class is correct, and that it is present in the server classpath.
|
|
|
BEA-090745
|
Error: The DBMS sub plugin class name was not the correct type
|
Description
| The DBMS sub plugin class name was notthe correct type
|
|
Cause
| The user defined sub plugin class was not the correct type. Either the wrong class was specified, or the sub plugin was not coded correctly
|
|
Action
| Verify the user defined sub plugin class name is correct and that it implements the correct interface.
|
|
|
BEA-090746
|
Error: The DBMS sub plugin class name was not able to be accessed
|
Description
| The DBMS sub plugin class name was not able to be accessed
|
|
Cause
| The user defined sub plugin class was not able to be accessed. Either the wrong class was specified, or the sub plugin was not coded correctly
|
|
Action
| Verify the user defined sub plugin class name is correct, that it implements the correct interface, and that the class is publicly accessable.
|
|
|
BEA-090747
|
Error: The DBMS sub plugin class name was not able to be instantiated
|
Description
| The DBMS sub plugin class name was not able to be instantiated
|
|
Cause
| The user defined sub plugin class was not able to be instantiated. Either the wrong class was specified, or the sub plugin was not coded correctly
|
|
Action
| Verify the user defined sub plugin class name is correct, that it implements the correct interface, it is defined as a class, and it is not an abstract class.
|
|
|
BEA-090748
|
Error: There was a failure closing the DBMS connection
|
Description
| There was a failure closing the DBMS connection
|
|
Cause
| The exception information should be reviewed to determine the cause.
|
|
Action
| Review the exception details to determine if action is required.
|
|
|
BEA-090749
|
Error: Unknown algorithm for password hash
|
Description
| Unknown algorithm for password hash
|
|
Cause
| The password data appeared to be formatted as a hashed password, but the algorithm name determined was not usable.
|
|
Action
| Review the password to determine if it was really a hashed password or a plaintext password. If the password was plaintext, change the password to not match the hash syntax. If the password was hashed, review the JCE configuration to ensure the hash algorithm is available for use.
|
|
|
BEA-090750
|
Error: Unknown error converting password
|
Description
| Unknown error converting password
|
|
Cause
| An unknown error occurred converting the password. The cause is not known, and the original exception is not displayed as it could reveal password details.
|
|
Action
| Review the password to determine if it was really a hashed password or a plaintext password. If the password was plaintext, change the password to not match the hash syntax. If the password was hashed, review the JCE configuration to ensure the hash algorithm is available for use.
|
|
|
BEA-090751
|
Error: Failed to retrieve the prepared statement for sql
|
Description
| Failed to retrieve the prepared statement for sql
|
|
Cause
| Failed to retrieve the prepared statement for sql, this is potentially an internal coding error
|
|
Action
| Review the JDBC configuration, contact BEA support if the cause is not apparent
|
|
|
BEA-090752
|
Error: The password type in the DBMS was not a supported type
|
Description
| The password type in the DBMS was not a supported type
|
|
Cause
| It is most likely caused by the password field in the DBMS stored as an unexpected type, binary or char data is expected.
|
|
Action
| Review the type for the password field in the database to ensure it is either binary or char data
|
|
|
BEA-090753
|
Error: Hash algorithm name was not found
|
Description
| Hash algorithm name was not found
|
|
Cause
| The JCE configuration is most likely not setup to support the algorithm
|
|
Action
| Review the JCE configuration to ensure the hash algorithm is available for use.
|
|
|
BEA-090754
|
Error: The DBMS authenticator provider login module was not properly initialized
|
Description
| The DBMS authenticator provider login module was not properly initialized
|
|
Cause
| The DBMS authentication provider configuration may be incorrect, or there could be an internal coding error.
|
|
Action
| Review the DBMS authentication provider configuration. If no cause is found, contact BEA support.
|
|
|
BEA-090755
|
Error: A database connection was not available from pool. Try increasing Connection Pool Size or Timeout
|
Description
| A database connection was not available from pool
|
|
Cause
| The connection pool size or timeout settings may need to be increased
|
|
Action
| Review the JDBC connection pool related configuration in the server, and consider increasing the connection pool size or timeout
|
|
|
BEA-090756
|
Error: The DBMS provider was unable to form a query to access the name information
|
Description
| The DBMS provider was unable to form a query to access the name information
|
|
Cause
| For SQL based DBMS providers configuration is most likely incorrect. For sub pluggable DBMS providers the user defined sub-plugin code could also be the cause.
|
|
Action
| Review and correct the DBMS provider configuration. If a sub pluggable provider is being used, also review the user defined sub plugin code.
|
|
|
BEA-090757
|
Error: The DBMS provider got an exception when formatting the user
|
Description
| The DBMS provider got an exception when formatting the user
|
|
Cause
| If a user defined sub-plugin for formatting the user was supplied, it may have a coding error
|
|
Action
| Review and correct the user defined sub-plugin user format code.
|
|
|
BEA-090758
|
Error: The DBMS provider got an exception when formatting the groups
|
Description
| The DBMS provider got an exception when formatting the groups
|
|
Cause
| If a user defined sub-plugin for formatting the groups was supplied, it may have a coding error
|
|
Action
| Review and correct the user defined sub-plugin group format code.
|
|
|
BEA-090759
|
Error: A SQLException occurred while retrieving name information
|
Description
| A SQLException occurred while retrieving name information
|
|
Cause
| A SQLException occurred while retrieving name information
|
|
Action
| Review the exception details to determine the cause and action.
|
|
|
BEA-090760
|
Error: The user name was not unique in the DBMS
|
Description
| The user name was not unique in the DBMS
|
|
Cause
| This is caused by multiple records for the username existing in the DBMS
|
|
Action
| Review the DBMS records for the username.
|
|
|
BEA-090761
|
Error: Authentication failed for user name
|
Description
| Authentication failed for user name
|
|
Cause
| The exception details need to be reviewed to determine the cause
|
|
Action
| Review the exception details to determine the cause and action to take.
|
|
|
BEA-090762
|
Error: Exception occurred in login module
|
Description
| Exception occurred in login module
|
|
Cause
| The exception details need to be reviewed to determine the cause
|
|
Action
| Review the exception details to determine the cause and action to take.
|
|
|
BEA-090763
|
Warning: The ApplicationVersioner "className" does not implement the intfName interface and will not be used for application versioning.
|
Description
| The security provider does not implement the expected interface and will not be used for application versioning.
|
|
Cause
| At security provider initialization the expected interface was not implemented by the provider.
|
|
Action
| The security provider should be updated to implement the correct interface.
|
|
|
BEA-090764
|
Error: The ApplicationVersioner "providerClassName" for application "appId" returned an error: e.
|
Description
| During the create or delete of an application version, a versionable application provider returned an exception.
|
|
Cause
| There are multiple possible causes.
|
|
Action
| Carefully read the returned error to determine if any action is required.
|
|
|
BEA-090765
|
Error: Failed to create policies for application version appName
|
Description
| The WebLogic Authorization provider failed to create the policies for an application version because of an exception.
|
|
Cause
| An exception was thrown during the application version created method.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090766
|
Error: Failed to create roles for application version appName
|
Description
| The WebLogic Role Mapping provider failed to create the roles for an application version because of an exception.
|
|
Cause
| An exception was thrown during the application version created method.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090767
|
Error: Failed to create credential mappings for application version appName
|
Description
| The WebLogic credential mapping provider failed to create the credential mappings for an application version because of an exception.
|
|
Cause
| An exception was thrown during the application version created method.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090768
|
Error: credential mapping removal error
|
Description
| During the deletion of an application, the deletion of credential mappings for the application failed because of an error.
|
|
Cause
| An unexpected exception occurred when trying to remove the credentials for a deleted application.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090769
|
Error: The Active Directory ATN provider could not access the tokenGroups attribute for userDN nameDN with principal principal to perform group membership lookup.
|
Description
| The Active Directory ATN provider is configured to use the tokenGroups attribute group membership lookup algorithm, but the tokenGroups attribute was not accessable.
|
|
Cause
| The tokenGroups attribute was not accessable in the user entry. This is most likely the a problem with the Active Directory schema, or an Active Directory permission problem with the principal that is configured to access Active Directory.
|
|
Action
| Have the Active Directory administrator verify that the tokenGroup attribute is present in the Active Directory schema, and that the principal principal has permission to read the tokenGroups attribute in Active Directory
|
|
|
BEA-090770
|
Error: The mbean for provider providerName indicated it implements the ServletAuthenticationFilter interface, but the provider implementation providerClassName does not implement it
|
Description
| The mbean for provider providerName indicated it implements the ServletAuthenticationFilter interface, but the provider implementation providerClassName does not implement it
|
|
Cause
| The provider implementation does not implement the ServletAuthenticationFilter interface, but the provider mbean indicates that it does implement it.
|
|
Action
| Fix the provider implementation and mbean to be consistent
|
|
|
BEA-090771
|
Error: The Negotiate Identity Asserter was not configured with enough active types to perform negotiation.
|
Description
| The Negotiate Identity Asserter was not configured with enough active types to perform negotiation.
|
|
Cause
| The Negotiate Identity Asserter needs to be configured with all of its supported types specified as active types in order to perform negotiation.
|
|
Action
| Update the Negotiate Identity Asserter configuration to add all supported types listed for the provider to be active types.
|
|
|
BEA-090772
|
Error: The security realm realmName does not support application versioning. Unable to deploy the application appName.
|
Description
| The security realm realmName as configured does not support application versioning, and thus the deployment of the application version failed.
|
|
Cause
| The security realm realmName as configured does not support application versioning, and thus the deployment of the application version failed.
|
|
Action
| Deploy the application using a security realm that supports application versioning.
|
|
|
BEA-090773
|
Error: Failure in creating security application version information for the application appName.
|
Description
| An attempt to create security version information for application appName failed.
|
|
Cause
| An attempt to create security version information for application appName failed.
|
|
Action
| Check the server log for additional security error messages, correct security errors, and try again.
|
|
|
BEA-090774
|
Error: This method requires an encrypted argument but the argument passed to it was in clear text.
|
Description
| This method requires an encrypted argument but the argument passed to it was in clear text.
|
|
Cause
| This method was called with a clear-text argument but requires an encrypted argument.
|
|
Action
| To call this method programattically, call the non-encrypted set() method on the MBean. This will automatically encrypt the argument.
|
|
|
BEA-090775
|
Notice: The WebLogic SAML provider is unable to sign SAML assertions. Only unsigned SAML assertion types will be generated.
|
Description
| Signed SAML assertions are not possible. Only SAML assertions that can be generated without signing will be created.
|
|
Cause
| The provider was unable to obtain the private key or the signing information was not configured.
|
|
Action
| Check the server log file for more information and correct the provider or sever configurations.
|
|
|
BEA-090776
|
Warning: Exception when trying to generate a SAML assertion: msg
|
Description
| The SAML assertion could not be generated because an exception occurred.
|
|
Cause
| An exception during the generation of a SAML assertion.
|
|
Action
| Read the exception text from the log message for more information on diagnosing the problem.
|
|
|
BEA-090777
|
Warning: Exception when trying to sign a SAML assertion: msg
|
Description
| The SAML assertion could not be signed because an exception occurred.
|
|
Cause
| An exception during the signing of a SAML assertion.
|
|
Action
| Read the exception text from the log message for more information on diagnosing the problem.
|
|
|
BEA-090778
|
Error: No private key
|
Description
| The SAML assertion could not be signed because no private key was available.
|
|
Cause
| The provider was unable to obtain the private key or the signing information was not configured.
|
|
Action
| Check the server log file for more information and correct the provider or sever configurations.
|
|
|
BEA-090779
|
Error: Identity identity failed validation, downgrading to anonymous.
|
Description
| The provided identity failed validation. Within this domain, the identity is downgraded to Anonymous.
|
|
Cause
| Trust has not been properly established between two domains. If the domains are not configured properly, a hacker could make an attempt to guess the server identity for this domain.
|
|
Action
| See the documentation on "Enabling Trust Between WebLogic Domains" at http://e-docs.bea.com.
|
|
|
BEA-090780
|
Error: The Value Specified by -Dweblogic.security.URLResourceCaseMapping(arg0) and WebAppFilesCaseInsensitive Attribute on SecurityConfiguraitonMBean(arg1) does not match.
|
Description
| The Value Specified by -Dweblogic.security.URLResourceCaseMapping(arg0) and Attribute WebAppFilesCaseInsensitive on SecurityConfiguraitonMBean(arg1) doesnot match. They should be same.
|
|
Cause
| The Value of the property -Dweblogic.security.URLResourceCaseMapping is different from WebAppFilesCaseInsensitive Attribute on SecurityConfiguraitonMBean.
|
|
Action
| Please Correct -Dweblogic.security.URLResourceCaseMapping to start the server.
|
|
|
BEA-090781
|
Error: The SAMLLoginModule expected to receive a SAMLNameCallback and instead received a arg0.
|
Description
| The SAMLLoginModule expects to receive a SAMLNameCallback and a GroupCallback from the CallbackHandler and it did not receive what it expected.
|
|
Cause
| This likely a configuration problem, if a SAMLIALoginModule is configured without a corresponding SAMLIdentityAsserter being configured.
|
|
Action
| Check the configuration of Identity Asserters and Login Modules.
|
|
|
BEA-090782
|
Error: Server is Running in Production Mode and Native Library(terminalio) to read the password securely from commandline is not found.
|
Description
| Server is Running in Production Mode and Native Library(terminalio) to read the password securely from commandline is not found.
|
|
Cause
| Server could not start because it didn't find the Native Library to read the password securely from commandline in the PATH.
|
|
Action
| Verify that terminalio library exists in the path. You can set this by specifying -Djava.library.path to the directory where this library exists or you can use boot.properties to store the password or you can use -Dweblogic.management.allowPasswordEcho=true to enter the password in echo mode.
|
|
|
BEA-090783
|
Error: Server is Running in Development Mode and Native Library(terminalio) to read the password securely from commandline is not found.
|
Description
| Server is Running in Development Mode and Native Library(terminalio) to read the password securely from commandline is not found.
|
|
Cause
| Server could not start because it didn't find the Native Library to read the password securely from commandline in the PATH or -Dweblogic.management.allowPasswordEcho=false is set.
|
|
Action
| Verify that terminalio library exists in the path. You can set this by specifying -Djava.library.path to the directory where this library exists or you can use boot.properties to store the password or you can use -Dweblogic.management.allowPasswordEcho=true to enter the password in echo mode.
|
|
|
BEA-090784
|
Warning: While Trying to find the groups that userorgroupname belongs to,A Duplicate member groupname was detected.
|
Description
| While Trying to find the groups that userorgroupname belongs to,A Duplicate member groupname was detected.
|
|
Cause
| A duplicate Membership in the groups was detected.
|
|
Action
| It might be possible that a cycle exists in the group entries.
|
|
|
BEA-090785
|
Error: The Negotiate Identity Asserter found no identity to assert and no continuation was indicated.
|
Description
| The Negotiate Identity Asserter expected to retrieve an identity from a negotiate token, but none was retrieved.
|
|
Cause
| This likely a configuration problem.
|
|
Action
| Check the configuration for the negotiate identity asserter and kerberos.
|
|
|
BEA-090786
|
Error: The Negotiate Identity Asserter encountered an unexpected error processing a token.
|
Description
| The Negotiate Identity Asserter encountered an unexpected error processing a token.
|
|
Cause
| This should not happen. This could be due to an invalid or corrupt SPNEGO token, or possibly some unknown token format similar to SPNEGO.
|
|
Action
| This exception indicates an internal coding error in the server. Contact BEA support.
|
|
|
BEA-090787
|
Error: A Null DataSource name specified
|
Description
| A configuration setting that required a DataSource name was null.
|
|
Cause
| A configuration setting that required a DataSource name was null.
|
|
Action
| Check configuration settings that require DataSource names to verify they are correctly specified.
|
|
|
BEA-090788
|
Error: "Problem with DataSource/ConnectionPool configuration, verify DataSource name arg0 is correct and Pool configurations are correct"
|
Description
| The DataSource configuration based on a DataSource name was not found.
|
|
Cause
| A configuration setting that required a DataSource name was likely incorrect, or the pool settings associated with it are incorrect.
|
|
Action
| Check configuration settings to ensure the DataSource name is correct and the associated pool configuration settings are correct
|
|
|
BEA-090789
|
Error: The DBMS authentication provider encountered an unexpected exception during authentication.
|
Description
| An unexpected exception occurred during authentication.
|
|
Cause
| An unexpected exception occurred during authentication.
|
|
Action
| Review the exception stack trace. If the cause is not obvious, contact BEA support
|
|
|
BEA-090790
|
Error: BINARY or VARBINARY Result type is not allowed for this SQL statement arg0
|
Description
| SQL statement validation detected a result type of BINARY or BINARY which are not allowed for that statement
|
|
Cause
| The SQL statement result was a type that is not allowed for that statement
|
|
Action
| Review the SQL statement in the configuration to ensure it returns an appropriate type
|
|
|
BEA-090791
|
Error: Result type is not arg0 for SQL statement arg1
|
Description
| The SQL statement requires a result type of arg0
|
|
Cause
| The SQL statement requires a result type of arg0
|
|
Action
| Review the SQL statement in the configuration to ensure it returns an appropriate type
|
|
|
BEA-090792
|
Error: Parameter arg0 type is not CHAR or VARCHAR for SQL statement arg1
|
Description
| The SQL statement parameter arg0 requires a type of CHAR or VARCHAR
|
|
Cause
| The SQL statement parameter arg0 requires a type of CHAR or VARCHAR
|
|
Action
| Review the SQL statement in the configuration to ensure the parameter types are correct
|
|
|
BEA-090793
|
Error: Unexpected exception caught accepting the kerberos context, verify the JCE configuration is correct in java.security and the sun.security.jgss.SunProvider is configured
|
Description
| Unexpected exception caught accepting the kerberos context
|
|
Cause
| The exception stack should be reviewed, but this could be due to the JCE configuration in java.security not having the sun.security.jgss.SunProvider configured
|
|
Action
| Verify the JCE configuration is correct. If it is correct, review the exception to determine the cause.
|
|
|
BEA-090794
|
Error: Password hash algorithm was not specified
|
Description
| Password hash algorithm was not specified
|
|
Cause
| The configuration is most likely set with an empty password hash algorithm
|
|
Action
| Review the configuration to ensure the hash algorithm is specified correctly.,
|
|
|
BEA-090795
|
Error: No columns in SQL results, need 1 column for SQL statement arg0
|
Description
| No columns in SQL results, need 1 column for SQL statement arg0
|
|
Cause
| The SQL statement requires a result
|
|
Action
| Review the SQL statement in the configuration to ensure it returns an appropriate number and type of result
|
|
|
BEA-090796
|
Error: Number of parameters was expected to be arg0 but was arg1 for SQL statement arg2
|
Description
| Number of parameters was expected to be arg0 but was arg1 for SQL statement arg2
|
|
Cause
| The SQL statement requires a specific number of parameters, and the statement specified had a different number of parameters
|
|
Action
| Review the SQL statement in the configuration to ensure it has the expected number of parameters specified
|
|
|
BEA-090797
|
Error: Plaintext password usage was rejected
|
Description
| Plaintext password usage was rejected
|
|
Cause
| Plaintext passwords are configured to not be allowed, but a Plaintext password was either found in the database or was attempted to be written to the database.
|
|
Action
| If the failure occurred during authentication, review the database for plaintext passwords and correct the database. If the failure occurred while changing a password, review the password style settings to ensure they specify a non plaintext style.
|
|
|
BEA-090798
|
Error: Invalid characters found in input arg0
|
Description
| Input was specified that had invalid characters in it
|
|
Cause
| Input was specified that had invalid characters in it
|
|
Action
| Review the rejected input to determine what invalid characters were specified and enter the input without them
|
|
|
BEA-090799
|
Error: PKICredentialMapperImpl init failed: exc
|
Description
| The initialization of the WebLogic PKI credential mapping provider failed because of an exception.
|
|
Cause
| An exception was thrown during the initialization of the WebLogic PKI credential mapping provider.
|
|
Action
| Read the exception text in exc for more information on diagnosing the problem.
|
|
|
BEA-090800
|
Error: Value for argument argument for the credential type credType not found.
|
Description
| The value for argument for credential type credType could not be found.
|
|
Cause
| Value for argument for credential type credType does not exist in the LDAP server.
|
|
Action
| Pass a value that exists.
|
|
|
BEA-090801
|
Error: Value for resource resourceid, initiator name initiatorName representing user name isUsername. with credential action credAction for the credential type credType not found.
|
Description
| Value for resource resourceid, initiator name initiatorName representing user name isUsername. with credential action credAction for the credential type credType not found.
|
|
Cause
| Value for resource resourceid, initiator name initiatorName representing user name isUsername. with credential action credAction for the credential type credType does not exist in the LDAP server.
|
|
Action
| Pass the values that exists.
|
|
|
BEA-090802
|
Error: PKI Credential Mapper has got an LDAP exception.
|
Description
| The PKI Credential Mapper could not create the Key Pair mapping due to an LDAP Exception.
|
|
Cause
| An LDAP exception was thrown while accessing the LDAP server to set the Key Pair mapping.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090803
|
Error: PKI Credential Mapper has got an LDAP exception.
|
Description
| The PKI Credential Mapper could not create the Public Certificate mapping due to an LDAP Exception.
|
|
Cause
| An LDAP exception was thrown while accessing the LDAP server to set the Public Certificate Mapping.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090804
|
Warning: Credential of the type arg1 could be be removed.
|
Description
| Credential of the type arg1 could be be removed.
|
|
Cause
| An LDAP exception was thrown while accessing the LDAP server.
|
|
Action
| Check if the LDAP serer is up and running.
|
|
|
BEA-090805
|
Error: Failed to read credential for Resource resourceid, initiator name initiatorName representing user name isUsername. with credential action credAction for the credential type credType.
|
Description
| Failed to read credential for Resource resourceid, initiator name initiatorName representing user name isUsername. with credential action credAction for the credential type credType.
|
|
Cause
| LDAP connection failure, or the database is corrupted.
|
|
Action
| Verify that LDAP is up and running.
|
|
|
BEA-090806
|
Error: PKI Keystore at location location not found .
|
Description
| PKI Keystore at location location not found .
|
|
Cause
| Keystore configured at location location for the PKI Credential Provider not found.
|
|
Action
| Please create the keystore that is configured for the PKI Credential Mapper.
|
|
|
BEA-090807
|
Error: PKI Keystore at location location of the type type and of type provider and could not be loaded with the password provided.
|
Description
| PKI Keystore at location location of the type type and of type provider and could not be loaded with the password provided.
|
|
Cause
| Either the keystore password provided was not correct or the keystore type and provider not correctly entered.
|
|
Action
| Configure the keystore properly.
|
|
|
BEA-090808
|
Error: The keystore alias alias provided does not exist in the keystore configured for the provider.
|
Description
| The keystore alias alias provided does not exist in the keystore configured for the provider.
|
|
Cause
| The alias provided does not exist in the keystore configured for the provider.
|
|
Action
| Configure the keystore with the alias provided.
|
|
|
BEA-090809
|
Error: The key pair could not be retrieved from the keystore with the supplied alias alias and its password.
|
Description
| The key pair could not be retrieved from the keystore with the supplied alias alias and its password.
|
|
Cause
| Either the alias supplied does not represent a key pair or the password provided is incorrect.
|
|
Action
| Please configure the keystore with the key pair properly.
|
|
|
BEA-090810
|
Error: The keystore alias alias provided does not represent a certificate entry in the keystore.
|
Description
| The keystore alias alias provided does not represent a certificate entry in the keystore.
|
|
Cause
| The alias provided does not represent a certificate entry in the keystore.
|
|
Action
| Configure the keystore with the appropriate certificate entry.
|
|
|
BEA-090811
|
Error: The PKI Credential could not be retrieved from the keystore.
|
Description
| The PKI Credential could not be retrieved from the keystore.
|
|
Cause
| The mapping was not created properly.
|
|
Action
| Please configure the PKI Credentila mapping appropriately.
|
|
|
BEA-090812
|
Error: Could not create a keystoreType keystore instance for provider keystoreProvider. Exception: exception
|
Description
| When trying to create a keystore of type keystoreType for provider keystoreProvider, an exception was thrown.
|
|
Cause
| keystoreType is not a valid keystore type or keystore provider keystoreProvider was not properly configured.
|
|
Action
| Verify that the correct keystore type was specified and that the keystore provider is correctly specified in the java.security file.
|
|
|
BEA-090813
|
Error: DefaultCredentialMapperImpl.getCurrentMappingResourceID failed: No such resource maps list cursor available
|
Description
| The cursor is invalid and does not have a corresponding mapping list.
|
|
Cause
| Cursor is invalid.
|
|
Action
| Verify that the cursor was returned from the listMappings method.
|
|
|
BEA-090814
|
Info: Security Service is shutting down the security realm arg0.
|
Description
| This message is displayed when the security subsystem shuts down during server shutdown. This message logs the default configured security realm arg0.
|
|
Cause
| This message is for informational purposes.
|
|
Action
| This message is for informational purposes.
|
|
|
BEA-090815
|
Error: The password provided for the keystore configured for the PKICredential Mapper was null.
|
Description
| The password provided for the keystore configured for the PKICredential Mapper was null.
|
|
Cause
| The keystore password provided for the PKI Credential Mapper cannot be null.
|
|
Action
| Enter a valid password for the keystore configured for the PKI Credential Mapper.
|
|
|
BEA-090816
|
Error: Error creating security configuration runtime: t
|
Description
| During the initialization of the security service, the MBean for security configuration failed to initialize.
|
|
Cause
| During initialization, the security runtime registers with the management infrastructure. If this process fails, a management exception is thrown.
|
|
Action
| Read the exception text for more information on diagnosing the problem.
|
|
|
BEA-090817
|
Error: These configuration changes cannot be activated since the domain does not have a default realm configured.
|
Description
| These configuration changes cannot be activated since the domain''s SecurityConfiguration''s "DefaultRealm" is not set.
|
|
Cause
| The domain''s SecurityConfiguration''s "DefaultRealm" is not set.
|
|
Action
| To correct the problem, set the domain@apos;s SecurityConfiguration@apos;s "DefaultRealm" to one if it@apos;s realms. If it does not have any realms, create and configure one.
|
|
|
BEA-090818
|
Error: These configuration changes cannot be activated since the domain does not have properly configured default realm configured.
|
Description
| These configuration changes cannot be activated since the domain''s SecurityConfiguration''s "DefaultRealm" is not properly configured.
|
|
Cause
| The domain''s SecurityConfiguration''s "DefaultRealm" is not properly configured. See the nested exceptions that accompany this error for details.
|
|
Action
| To correct the problem, review and address the nested exceptions that accompany this error.
|
|
|
BEA-090819
|
Error: The JACC property propertyName is not set.
|
Description
| A JACC provider is attempting to initialize but propertyName property has not been set.
|
|
Cause
| A JACC provider is attempting to initialize but propertyName property has not been set.
|
|
Action
| Set the property and reboot.
|
|
|
BEA-090820
|
Error: The internal variable variableName is null and it should not be.
|
Description
| An internal variable that cannot be null is null.
|
|
Cause
| Unknown.
|
|
Action
| This exception is an internal error. Contact BEA support.
|
|
|
BEA-090821
|
Error: The configured CertPathBuilder provider returned an unordered CertPath.\nreason\nThe CertPath is\ncertPath
|
Description
| The configured CertPathBuilder provider returned an unordered CertPath.\nreason\nThe CertPath is\ncertPath
|
|
Cause
| The configured CertPathBuilder provider has a bug. It should never return an unordered CertPath.
|
|
Action
| Fix the bug in the configured CertPathBuilder.
|
|
|
BEA-090822
|
Error: The WLS CertPathValidator was passed an unordered CertPath.\nreason\nThe CertPath is\ncertPath
|
Description
| The WLS CertPathValidator was passed an unordered CertPath.\nreason\nThe CertPath is\ncertPath
|
|
Cause
| The WLS CertPathValidator was passed an unordered CertPath.\nreason\nThe CertPath is\ncertPath
|
|
Action
| Pass an ordered CertPath to the WLS CertPathValidator.
|
|
|
BEA-090823
|
Critical: Could not register the WLS X509CertificateFactory as the default X509CertificateFactory for this JVM.
|
Description
| Could not register the WLS X509CertificateFactory as the default X509CertificateFactory for this JVM.
|
|
Cause
| Could not register the WLS X509CertificateFactory as the default X509CertificateFactory for this JVM.
|
|
Action
| The WLS X509CertificateFactory orders the certificates in a CertPath that was created from PKCS7. \n Specify -Dweblogic.security.RegisterX509CertificateFactory=false on the command line for booting this server to indicate that WLS should not register the WLS X509CertificateFactory as the default X509CertificateFactory when the server boots (since your JDK does not support this). \n Also, since the WLS X509CertificateFactory cannot be registered with the JDK as the default X509CertificateFactory, the JDK will use its current default X509CertificateFactory. The default one (e.g. the SUN implementation) may not properly convert PKCS7 to an ordered CertPath.
|
|
|
BEA-090824
|
Error: Unable to generate SAML Assertion: msg
|
Description
| The SAML assertion could not be generated.
|
|
Cause
| The SAML assertion could not be generated due to incorrect SAML configuration or missing/incorrect parameters supplied to the assertion generator.
|
|
Action
| Check the SAML configuration.
|
|
|
BEA-090825
|
Warning: The arg0 provider did not import the keystore entry with alias name arg1 as the the provider keystore already has a key entry with the same alias name.
|
Description
| The arg0 provider did not import the keystore entry with alias name arg1 as the the provider keystore already has a key entry with the same alias name.
|
|
Cause
| Could not import the certificate as the alias name in the import keystore already exists as a key Entry in the Provider keystore.
|
|
Action
| Either set a different alias name for the entry in the import keystore or \n or change the alias name of the excising key entry in the provider keystore.
|
|
|
BEA-090826
|
Warning: The arg0 provider did not import the keystore entry with alias name arg1 as the the provider keystore already has a certificate entry with the same alias name.
|
Description
| The arg0 provider did not import the keystore entry with alias name arg1 as the the provider keystore already has a certificate entry with the same alias name.
|
|
Cause
| Could not import the certificate as the alias name in the import keystore already exists as a Certificate Entry in the Provider keystore.
|
|
Action
| Either set a different alias name for the entry in the import keystore or \n or change the alias name of the excising certificate entry in the provider keystore.
|
|
|
BEA-090827
|
Info: LDIF template file arg1 was empty. The WebLogic provider arg0 has been bootstrapped but has not been initialized with any LDIF data.
|
Description
| The security provider has not had its LDIF information loaded because the file was empty. This error may result in the server being unable to boot if no users with boot privileges can be found in any security provider.
|
|
Cause
| A WebLogic provider LDIF template file may have been overwritten with an empty file.
|
|
Action
| If the server boots successfully, no action is needed. If the server does not boot successfully then an attempt should be made to recover non-empty LDIFT template file from the WebLogic Server kit.
|
|
|
BEA-090828
|
Error: Identity Assertion type cannot be null
|
Description
| A null token type was passed to the assertIdentity method in the LDAP X509 identity assertion provider.
|
|
Cause
| The token type was null.
|
|
Action
| Null should not be passed as the token type.
|
|
|
BEA-090829
|
Error: Identity Assertion token cannot be null
|
Description
| A null token was passed to the assertIdentity method in the LDAP X509 identity assertion provider.
|
|
Cause
| The identity assertion token was null.
|
|
Action
| Null should not be passed as the token.
|
|
|
BEA-090830
|
Error: Identity Assertion type of tokenType is not a valid token type for the LDAP X509 identity assertion provider.
|
Description
| Identity Assertion type of tokenType is not a valid token type for the LDAP X509 identity assertion provider.
|
|
Cause
| The token type passed in did not match the LDAP X509 Identity Assertion token type.
|
|
Action
| Pass in the correct token type for the LDAP X506 identity assertion provider.
|
|
|
BEA-090831
|
Error: Unrecognized Callback
|
Description
| The LDAP X509 identity assertion provider received a callback type that is not supported. The LDAP X509 identity assertion provider only supports a NameCallback.
|
|
Cause
| Callback type is not supported.
|
|
Action
| Verify that the LoginModule for the configured Authentication provider is only passing a NameCallback when calling the handle method.
|
|
|
BEA-090832
|
Error: No matching certificate found in the LDAP directory.
|
Description
| No matching certificate found in the LDAP directory.
|
|
Cause
| No matching certificate were found in the LDAP directory.
|
|
Action
| Verify that the appropriate certificates are present in the configured LDAP directory.
|
|
|
BEA-090833
|
Error: No certificates found in the LDAP directory.
|
Description
| No certificates found in the LDAP directory.
|
|
Cause
| No certificates were found in the LDAP directory.
|
|
Action
| Verify that the appropriate certificates are present in the configured LDAP directory.
|
|
|
BEA-090834
|
Error: No LDAP connection could be established.
|
Description
| No LDAP connection could be established.
|
|
Cause
| The connection parameters provided were either not correct or the LDAP was offline.
|
|
Action
| Verify that the connection parameters provided are correct and the LDAP server is running.
|
|
|
BEA-090835
|
Error: Required parameter not supplied when performing the management operation on the PKI Credential Provider.
|
Description
| Required parameter not supplied when performing the management operation on the PKI Credential Provider. The principal name or resource parameter was either null or empty.
|
|
Cause
| A required parameter was null.
|
|
Action
| Please call the management operations with the appropriate parameters.
|
|
|
BEA-090836
|
Error: The Keystore provider configured for PKICredential Mapper does not exist at location location.
|
Description
| The Keystore provider configured for PKICredential Mapper does not exist at location location.
|
|
Cause
| The file location does not exist.
|
|
Action
| To use the PKICredentialProvider please point to an existing keystore. Reboot the server.
|
|
|
BEA-090837
|
Error: The configured keystore location for the PKI Credential Mapper is either null or empty.
|
Description
| The configured keystore location for the PKI Credential Mapper is either null or empty.
|
|
Cause
| The PKI Credential provider location value was either set to null or empty.
|
|
Action
| Set the PKI Credential provider keystore location to a valid keystore location.
|
|
|
BEA-090838
|
Emergency: The required WebLogic JACC RoleMapperFactory was not specified. Please specify the factory class using the system property weblogic.security.jacc.RoleMapperFactory.provider.
|
Description
| A class name was not specified for the weblogic.security.jacc.RoleMapperFactory.provider system property.
|
|
Cause
| A WebLogic JACC RoleMapperFactory class is required.
|
|
Action
| Check the documentation and make sure that the WebLogic JACC RoleMapperFactory system property is set properly.
|
|
|
BEA-090839
|
Error: Unexpected exception while registering SAML service service in application context context.
|
Description
| The SAML servlet context listener was unable to register the specified SAML service at the indicated request application context and URI.
|
|
Cause
| Internal server error.
|
|
Action
| Check server status.
|
|
|
BEA-090840
|
Info: Registered SAML service service at URI uri in application context app.
|
Description
| The SAML servlet was registered at the indicated application context and URI. The servlet will respond to SAML requests on that URI.
|
|
|
BEA-090841
|
Error: SAMLServlet: Unexpected exception while handling method request.
|
Description
| An exception was caught by the SAML servlet while it was handling a GET or POST request.
|
|
Cause
| SAML providers not configured correctly, internal server error, or malformed request.
|
|
Action
| Check SAML configuration and server status. If configuration is OK and server is operating normally, enable SAML debug logging for more information.
|
|
|
BEA-090842
|
Error: SAMLServletAuthenticationFilter: Unexpected exception.
|
Description
| An unexpected exception was caught during execution of the SAMLServletAuthenticationFilter doFilter() method.
|
|
Cause
| SAML providers not configured correctly, internal server error, or malformed request.
|
|
Action
| Check SAML configuration and server operation. If problem persists, enable SAML debug logging for more information.
|
|
|
BEA-090843
|
Error: provider provider initialization failed: argName parameter is null.
|
Description
| The argName parameter passed to the initialize() method of the provider provider was unexpectedly null and the provider did not initialize.
|
|
Cause
| Internal server error.
|
|
Action
| Try restarting server.
|
|
|
BEA-090844
|
Error: provider provider initialization failed: Invalid name property 'value' for 'context'.
|
Description
| The indicated property value is invalid.
|
|
Cause
| Incorrect provider configuration.
|
|
Action
| Check and update the indicated provider property.
|
|
|
BEA-090845
|
Error: provider provider initialization failed: Missing name property for "context".
|
Description
| The indicated required property is missing or null.
|
|
Cause
| Invalid provider configuration.
|
|
Action
| Check and update the indicated provider property.
|
|
|
BEA-090846
|
Error: provider provider initialization failed: Invalid name attribute 'value'.
|
Description
| The indicated attribute value is invalid.
|
|
Cause
| Incorrect provider configuration.
|
|
Action
| Check and update the indicated provider attribute.
|
|
|
BEA-090847
|
Error: provider provider initialization failed: Missing name attribute.
|
Description
| The indicated required attribute is missing or null.
|
|
Cause
| Invalid provider configuration.
|
|
Action
| Check and update the indicated provider attribute.
|
|
|
BEA-090848
|
Error: provider provider initialization failed: Unexpected exception.
|
Description
| The provider failed to initialize because an unexpected exception occurred while the provider was initializing.
|
|
Cause
| Internal server error.
|
|
Action
| Check server status.
|
|
|
BEA-090849
|
Error: provider provider initialization failed: Exception while initializing XML parsers.
|
Description
| The provider provider was unable to initialize the XML parser pool.
|
|
Cause
| Internal server error.
|
|
Action
| Check server.
|
|
|
BEA-090850
|
Error: provider provider initialization failed: Could not instantiate the SAMLKeyManager.
|
Description
| The SAMLKeyManager is used by the provider provider to obtain private keys and certificates for use in signing assertions and other SAML objects, and for client-side SSL authentication. The SAMLKeyManager could not be instantiated.
|
|
Cause
| Server SSL keystore is not configured, or internal server error.
|
|
Action
| Check server SSL configuration.
|
|
|
BEA-090851
|
Info: The provider provider is initialized.
|
|
BEA-090852
|
Error: provider provider initialize failed: Could not instantiate the SAMLTrustManager.
|
Description
| The provider provider uses the SAMLTrustManager to establish trust in certificates used to sign assertions or other SAML objects, and to verify the SSL identity of some entities making SSL-protected requests, and could not instantiate the trust manager.
|
|
Cause
| Embedded LDAP server available, internal server error.
|
|
Action
| Check embedded LDAP and server.
|
|
|
BEA-090853
|
Error: SAMLIdentityAsserter initialization failed: Could not instantiate/initialize the used assertion cache class: className.
|
Description
| The used assertion cache class is an implementation of the SAMLUsedAssertionCache interface. There is an internal default class that is used if no custom implementation is configured. The SAMLIdentityAsserter could not instantiate, or could not initialize, this class.
|
|
Cause
| Invalid class name configured, class is not visible to the class loader, or initialization parameters are incorrect..
|
|
Action
| Check configuration of class name and initialization parameters. Check that class is installed in a valid location.
|
|
|
BEA-090854
|
Error: provider provider initialization failed: Could not retrieve credentials for alias.
|
Description
| The provider provider requires PKI credentials associated with the alias alias, which could not be retrieved by the SAMLKeyManager.
|
|
Cause
| SSL identity not configured for server.
|
|
Action
| Check SSL configuration.
|
|
|
BEA-090855
|
Error: SAMLCredentialMapper initialization failed: Could not instantiate/initialize the assertion store class: className.
|
Description
| The assertion store class is an implementation of the SAMLAssertionStore interface. There is an internal default class that is used if no custom implementation is configured. The SAMLCredentialMapper could not instantiate, or could not initialize, this class.
|
|
Cause
| Invalid class name configured, class is not visible to the class loader, or initialization parameters are incorrect..
|
|
Action
| Check configuration of class name and initialization parameters. Check that class is installed in a valid location.
|
|
|
BEA-090856
|
Error: provider configuration update failed: Provider settings updated while not initialized.
|
Description
| An attempt was made to update provider settings when the provider had not been initialized (or initialization had failed).
|
|
Cause
| Internal server error.
|
|
Action
| Check server.
|
|
|
BEA-090857
|
Error: provider provider initialization failed: Could not register MBean update listener.
|
Description
| The MBean update listener listens for changes to the provider MBean and calls the provider to update configuration settings when they change. The provider was unable to register its listener.
|
|
Cause
| Internal server error.
|
|
Action
| Check server.
|
|
|
BEA-090858
|
Error: SAMLIdentityAsserter provider initialization failed: Multiple assertion retrieval URLs for the same source site: URL: ssURL, Id Hex: srcIdHex, Id Base64: srcIdB64.
|
Description
| The SAMLIdentityAsserter found multiple assertion retrieval URLs configured for the same SAML source site.
|
|
Cause
| Invalid SAMLIdentityAsserter configuration.
|
|
Action
| Check configuration.
|
|
|
BEA-090859
|
Warning: The realm realm does not have a cert path validator configured. To correct the problem, configure a cert path provider that supports cert path validation.
|
Description
| The realm realm does not have a cert path validator configured.
|
|
Cause
| The realm realm does not have a cert path validator configured.
|
|
Action
| To correct the problem, configure a cert path provider that supports cert path validation.
|
|
|
BEA-090860
|
Error: No XACML evaluator for the following function identifier and argument types: message.
|
Description
| No XACML evaluator for the following function identifier and argument types: message.
|
|
Cause
| The function identifier is not defined or does not support the indicated argument types. Access will be denied to affected resources.
|
|
Action
| Check XACML policy set and correct the function identifier, then reboot the server.
|
|
|
BEA-090861
|
Error: Certificate Policies Extension Processing Failed,PolicyId: arg0 doesnot Exist in the allowed list
|
Description
| Certificate Policies Extension Processing Failed,PolicyId: arg0 doesnot Exist in the allowed list
|
|
Cause
| Certificate Policies Extension Processing Failed,PolicyId: arg0 doesnot Exist in the allowed list
|
|
Action
| Add the Policyid to the Allowed Policyids list.
|
|
|
BEA-090862
|
Error: Certificate Policies Extension Processing Failed,PolicyQualifierID: arg0 is not CPS
|
Description
| Certificate Policies Extension Processing Failed,PolicyQualifierID: arg0 is not CPS
|
|
Cause
| Certificate Policies Extension Processing Failed,PolicyQualifierID: arg0 is not CPS
|
|
Action
| Check the Certificate Presented as the Certificates containing the PolicyQualifierID other than CPS are not supported.
|
|
|
BEA-090863
|
Error: There was an error in the SAML CredentialMapper Cache subsystem. The exception is throwable.
|
Description
| SAML Cache Lookup failed.
|
|
Cause
| The SAML Cache could have been misconfigured.
|
|
Action
| Please check the SAML Cache parameters and restart the server.
|
|
|
BEA-090864
|
Error: There was an error when transforming an XML fragment. The exceptions is throwable.
|
Description
| An exception was raised when serializing the node.
|
|
Cause
| A default transformer may not have been properly configured to serialize the XML Node.
|
|
Action
| Please configure at least a single JAXP transformer to serialize the XML node.
|
|
|
BEA-090865
|
Warning: The realm realm is not configured to handle MBean authorization. To correct the problem, configure an authorization provider that supports MBean authorization.
|
Description
| The realm realm is not configured to handle MBean authorization.
|
|
Cause
| The realm realm is not configured to handle MBean authorization.
|
|
Action
| To correct the problem, configure an authorization provider that supports MBean authorization.
|
|
|
BEA-090866
|
Warning: The deployment of an unchecked policy for the resource "resourceId" has been ignored. Unchecked policy is the default policy for URL and EJB resources. An unchecked policy can result if a deployment descriptor specifies a transport guarantee without the use of an authorization constraint.
|
Description
| The security policy specified in the deployment descriptor has been ignored.
|
|
Cause
| The application has been configured to ignore security data from deployment descriptors.
|
|
Action
| When the deployment descriptor specifies a transport guarantee without the use of an authorization constraint no action is needed. Otherwise, remove security policy from the application deployment descriptor or change the security configuration to allow deployment of security policy.
|
|
|
BEA-090867
|
Error: No results found for the SAML party search filter " filter.
|
Description
| The search filter parameter passed to the method can not be resolved to any SAML parties.
|
|
Cause
| The SAML party search filter yields no results.
|
|
Action
| Check that SAML party configurations.
|
|
|
BEA-090868
|
Warning: The realm realm has an invalid SAML configuration. To correct the problem, ensure that there is only one of each SAML provider type and that the version of the SAML providers are the same.
|
Description
| The realm realm is not properly configured for SAML.
|
|
Cause
| The realm realm has an invalid set of SAML providers.
|
|
Action
| To correct the problem, ensure that there is only one of each SAML provider type and that the version of the SAML providers are the same.
|
|
|
BEA-090869
|
Error: The PolicyConsumer "policyConsumerProviderLoggingName" returned an error: e.
|
Description
| While attempting to consume policy the Authorization provider returned an exception.
|
|
Cause
| There are multiple possible causes.
|
|
Action
| Carefully read the returned error to determine if any action is required.
|
|
|
BEA-090870
|
Error: The realm "realmName" failed to be loaded: e.
|
Description
| While attempting to load the realm an exception was thrown.
|
|
Cause
| There are multiple possible causes.
|
|
Action
| Carefully read the returned error to determine if any action is required.
|
|
|
BEA-090871
|
Error: The RoleConsumer "roleConsumerProviderLoggingName" returned an error: e.
|
Description
| While attempting to consume roles the Role provider returned an exception.
|
|
Cause
| There are multiple possible causes.
|
|
Action
| Carefully read the returned error to determine if any action is required.
|
|
|
BEA-090872
|
Error: The arg0 service can not be found for arg1
|
Description
| A particular service could not be found.
|
|
Cause
| A null was returned when doing a service lookup
|
|
Action
| Check the configuration to see that the missing service was actually configured.
|
|
|
BEA-090873
|
Error: Expected a arg0 object but did not get one.
|
Description
| There is a configuration problem because an object was expected and a different object was returned.
|
|
Cause
| Possible configuration problem.
|
|
Action
| Check configuration.
|
|
|
BEA-090874
|
Error: arg0 returned a null arg1.
|
Description
| There is a configuration problem because a null object was returned.
|
|
Cause
| This should never happen.
|
|
Action
| Examine the specific objects referenced in the error message to see what may be the cause.
|
|
|
BEA-090875
|
Error: Null parameter supplied to method arg0
|
Description
| A null parameter was supplied to the method
|
|
Cause
| A parameter was not correctly specified
|
|
Action
| This is most likely a coding error.
|
|
|
BEA-090876
|
Error: arg0Consumer not configured
|
Description
| An attempt was made to reference a Consumer but none are configured
|
|
Cause
| An attempt was made to reference a Consumer but none are configured
|
|
Action
| This is most likely a configuration error.
|
|
|
BEA-090877
|
Error: Service arg0 unavailable, see exception text: arg1
|
Description
| An exception occurred when attempting to obtain a service.
|
|
Cause
| The exception text should indicate the cause.
|
|
Action
| This is most likely a configuration error.
|
|
|
BEA-090878
|
Error: Unknown token type: arg0
|
Description
| Received an unknown token type.
|
|
Cause
| Likely caused by the token type not being properly configured.
|
|
Action
| This is most likely a configuration error.
|
|
|
BEA-090879
|
Warning: The certificate for the imported alias arg0 is already in registry, certificate not imported
|
Description
| Partner alias arg0 and certificate already exist in registry, Import operation not performed for the specified alias
|
|
Cause
| None
|
|
Action
| No action required.
|
|
|
BEA-090880
|
Warning: Could not load JAAS configuration file for JVM
|
Description
| Unable to load JAAS configuration file.
|
|
Cause
| Class similar to com.sun/ibm.security.auth.login.ConfigFile was not located in classpath.
|
|
Action
| Make sure com.sun.security.auth.login.ConfigFile/com.ibm.security.auth.login.ConfigFile is available as part of classpath or -Dweblogic.security.authentication.Configuration=class name is passed as startup system property and is available as part of classpath.
|
|
|
BEA-090881
|
Error: Administration Server Unavailable: Management operation could not be performed
|
Description
| The management operation could not be performed because the administration server is not available.
|
|
Cause
| The administration server is not reachable.
|
|
Action
| Check that the administration server is running and available on the network.
|
|
