About Me

About Me
Working with SOA technologies , implementing solution using IBM BPM , IBM Integration Designer,IBM WODM and IBM DataPower

About me

View Mahesh Dondeti's profile on LinkedIn

upcoming posts on IBM Bluemix,Devops,Worklight,Node js.

Monday, 21 October 2013

Resolving steps to JMSSecurityException(CWSIA0006E)in BPM



Hello Friends I would like to share exception  which I had faced in the below scenario.



Scenario :-(Order Submit)

 This scenario aim to takes orders from customer.A customer  will submit a his order from web application (jsp or html).When he click on submit order button  need to generate and  store the event into JMS queue. BPD is configured to this event queue that will do another business.
 To build entire scenario go through the below link
Invoking ProcessApp from WebApp
For example ,Used  html page to get the Orders and it will invoke a JMS Program(servlet) ,Send message to event queue ,While doing this process I got the below exception  






Error Description:-



 10:49:12:830 IST] 00000060 SystemErr     R javax.jms.JMSSecurityException: CWSIA0006E: The authorization for the supplied user name was not successful.

[10/21/13 10:49:12:830 IST] 00000060 SystemErr     R    at com.ibm.ws.sib.api.jms.impl.JmsManagedConnectionFactoryImpl.createConnection(JmsManagedConnectionFactoryImpl.java:183)

[10/21/13 10:49:12:831 IST] 00000060 SystemErr     R    at com.ibm.ws.sib.api.jms.impl.JmsManagedQueueConnectionFactoryImpl.createQueueConnection(JmsManagedQueueConnectionFactoryImpl.java:84)

[10/21/13 10:49:12:831 IST] 00000060 SystemErr     R    at com.ibm.ws.sib.api.jms.impl.JmsManagedQueueConnectionFactoryImpl.createQueueConnection(JmsManagedQueueConnectionFactoryImpl.java:73)



 RootCause:-



Authorization problems connecting to the bus The primary reason for an authorization failure when connecting to the bus is that the user, or a group that includes the user, does not have the bus connector role for that bus.



Resolving steps:-

  To resolve this exception need to change configuration at server level.we can configure a user to have the bus connector role using the administrative console or the wsadmin scripting tool. Best practice is to assign roles using groups rather than users directly.



  1. Login to the admin console and Click on Buses under Service Integration as shown in below figure and security was enable.


  2. Click on  the    PROCSVR.Dev4126Node01Cell.Bus.Go for security tab  under additional properties click on that.


  3. Click on “Manage destination access roles” then click on destination “eventqueueDestination.Dev4126Node01.server1” to change security levels.


  4. Click on Add then A new panel displays that lets you add users and groups (along with thespecial Everyone, All Authenticated, and Server groups) to the bus connectorrole. Here I was selected everyone (you can add individual user or group).



  5. You do not need to restart the server..Then run your application.




    Observations:-



    • Why to choose the “PROCSVR.Dev4126Node01Cell.Bus”  only?
    • Why  to choose the  “eventqueueDestination.Dev4126Node01.server1” only?



    Here is the answer for above question.



    1. If you observe the below fig.BPM uses the “ eventqueue” to listen the events generated from external application.


    2. Click on “ eventqueue”  as shown in below fig.This Queue was member of “PROCSVR.Dev4126Node01Cell.Bus” and destination was “eventqueueDestination.Dev4126Node01.server1”.



                              

         I hope this post helps you. So far this is my best effort to explain. 
         Please correct me if I do anything wrong.



          Please share your valuable suggestions and feedback to my mail   
          id"mdondetisbit@gmail.com" to improve myself.