Expand my Community achievements bar.

SOLVED

AssetManagerException - Cannot search assets

Avatar

Level 3

Hello,

I've come across a situation where I'm no longer able to use the Correspondence Solution Accelerator due to errors when trying to run an asset search.  I'm unsure how it happened, but now, whenever I log into the Manage Templates application, it fails when trying to retrieve the data dictionaries.  This happens for every type of user, including the super admin.

I thought that maybe running the Bootstrap might clean things up, but the same happens there as well.  The following is the output in the browser from the Bootstrap error:

type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception

org.springframework.web.util.NestedServletException: Request processing failed; nested exception is com.adobe.icc.dbforms.exceptions.ICCException: ALC-DCT-002-007: AssetManagerException: {Code}-ALC-AMG-001-018 {Message}-Asset search failed because user is not authorized to execute a system search
     org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:656)
     org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:549)
     javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
     javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:343)
     org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)
     org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doFilter(AbstractPreAuthenticatedProcessingFilter.java:89)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:188)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     com.adobe.livecycle.usermanager.authentication.web.CSRFFilter.doFilter(CSRFFilter.java:52)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:149)
     org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
     org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
     com.adobe.idp.um.auth.filter.SecurityFilter.doFilter(SecurityFilter.java:182)
     org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)

root cause

com.adobe.icc.dbforms.exceptions.ICCException: ALC-DCT-002-007: AssetManagerException: {Code}-ALC-AMG-001-018 {Message}-Asset search failed because user is not authorized to execute a system search
     com.adobe.icc.ICCBootstrapper.doPost(ICCBootstrapper.java:126)
     com.adobe.icc.ICCBootstrapper.doGet(ICCBootstrapper.java:83)
     javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
     javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
     org.springframework.web.servlet.handler.SimpleServletHandlerAdapter.handle(SimpleServletHandlerAdapter.java:63)
     org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:771)
     org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:716)
     org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:644)
     org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:549)
     javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
     javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:343)
     org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)
     org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doFilter(AbstractPreAuthenticatedProcessingFilter.java:89)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:188)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     com.adobe.livecycle.usermanager.authentication.web.CSRFFilter.doFilter(CSRFFilter.java:52)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:149)
     org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
     org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
     com.adobe.idp.um.auth.filter.SecurityFilter.doFilter(SecurityFilter.java:182)
     org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)

root cause

com.adobe.icc.dbforms.exceptions.ICCException: ALC-DCT-002-007: AssetManagerException: {Code}-ALC-AMG-001-018 {Message}-Asset search failed because user is not authorized to execute a system search
     com.adobe.icc.bootstrap.AssetDefinitionsDeployer.bootstrap(AssetDefinitionsDeployer.java:65)
     com.adobe.icc.ICCBootstrapper.doPost(ICCBootstrapper.java:118)
     com.adobe.icc.ICCBootstrapper.doGet(ICCBootstrapper.java:83)
     javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
     javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
     org.springframework.web.servlet.handler.SimpleServletHandlerAdapter.handle(SimpleServletHandlerAdapter.java:63)
     org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:771)
     org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:716)
     org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:644)
     org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:549)
     javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
     javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:343)
     org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)
     org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doFilter(AbstractPreAuthenticatedProcessingFilter.java:89)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:188)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     com.adobe.livecycle.usermanager.authentication.web.CSRFFilter.doFilter(CSRFFilter.java:52)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:149)
     org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
     org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
     com.adobe.idp.um.auth.filter.SecurityFilter.doFilter(SecurityFilter.java:182)
     org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)

root cause

com.adobe.dct.exception.DCTException: ALC-DCT-002-007: AssetManagerException: {Code}-ALC-AMG-001-018 {Message}-Asset search failed because user is not authorized to execute a system search
     com.adobe.dct.service.impl.DataDictionaryRegistryServiceImpl.searchDataDictionaries(DataDictionaryRegistryServiceImpl.java:375)
     com.adobe.dct.service.impl.DataDictionaryRegistryServiceImpl.getSystemDataDictionaries(DataDictionaryRegistryServiceImpl.java:534)
     sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
     sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
     java.lang.reflect.Method.invoke(Unknown Source)
     org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
     org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
     org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
     org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:67)
     org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
     org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
     $Proxy560.getSystemDataDictionaries(Unknown Source)
     com.adobe.icc.bootstrap.AssetDefinitionsDeployer.bootstrap(AssetDefinitionsDeployer.java:61)
     com.adobe.icc.ICCBootstrapper.doPost(ICCBootstrapper.java:118)
     com.adobe.icc.ICCBootstrapper.doGet(ICCBootstrapper.java:83)
     javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
     javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
     org.springframework.web.servlet.handler.SimpleServletHandlerAdapter.handle(SimpleServletHandlerAdapter.java:63)
     org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:771)
     org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:716)
     org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:644)
     org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:549)
     javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
     javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:343)
     org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)
     org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doFilter(AbstractPreAuthenticatedProcessingFilter.java:89)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:188)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     com.adobe.livecycle.usermanager.authentication.web.CSRFFilter.doFilter(CSRFFilter.java:52)
     org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
     org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:149)
     org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
     org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
     com.adobe.idp.um.auth.filter.SecurityFilter.doFilter(SecurityFilter.java:182)
     org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)

note The full stack trace of the root cause is available in the JBossWeb/2.0.0.GA logs.

So I've tried rebotting the server, running the Bootstrap, checking the permissions in the LC Admin etc, but no luck.

Does anyone have a clue why this has happened and how it might be fixed?  As it is right now, I can't use the SA at all!!!

Thanks,

Kristian

1 Accepted Solution

Avatar

Correct answer by
Former Community Member

Hi Kristian,

Try bootstrapping with the option 'createSampleUsers=true'. This is what your boostrap URL would hence look like - http://<host>:<port>/cmsa/Bootstrap?createSampleUsers=true

This should resolve your issue. Let us know...

View solution in original post

16 Replies

Avatar

Former Community Member

Did you change any permissions in and around CM?

Could you please provide details on what was done on the system before you hit this issue?

Avatar

Level 3

Hi Saket,

I'm not 100% sure of the exact steps I  performed before the error, but I do know that it happened while I was  using the admin interface looking into permissions.  I don't know if  it's relevent or not, but when I was doing this, I had the LC  Administrator open and was using the CMSA as a different user at the  same time in the same browser window (I know - not smart), so some sort  of conflict may have occured.

I don't remember actually  making any changes to Roles or Groups in the admin interface while I  was in there.  But to be sure, I've just checked the details for the  Super Admin account, since this is the account that is being used to run  the bootstrap process that is failing.  The account is in the following  groups and roles:

Groups:

System Data Dictionary Administrator (which is in the following role - LiveCycle Contentspace User)

Roles:

LiveCycle Contentspace User

Administration Console User

LiveCycle Workflow Process Administrator

LiveCycle Workflow Process Developer

Super Administrator

So  I'm 99.9% sure that I never edited any of these Groups or Roles  directly.  What I did do while I was in there was assign my own LC user  (kristian) to be a part of the 'Correspondence Management System DD  Administrator' Role, which I made myself a few weeks ago.  However, I  don't know how this could have made this kind of impact on the system.  I  just tried taking myself out of the group and running the bootstrap  again (with Super Admin as always), but I keep getting the same error.

That's  about all I can think of that was heppening when the error started.   The Admin interface was definitely running in the same browser and I was  looking into User groups, roles and permissions when it started, but  I'm so sure I didn't mess with anything like the above (for this exact  reason).  Are the groups and roles I have specified for the Super Admin  account correct and the default?

If you need any more information, please let me know.

Thanks,

Kristian

Avatar

Former Community Member

The user with  you are bootstrapping with should be part of the group (directly) "System Data Dictionary Administrator" and domain "DefaultDom".

Could you check what does the group "System Data Dictionary Administrator" show as its "Child Principals"?

Avatar

Level 3

I'm bootstrapping with the built in default administrator account (userID 'administrator') and they are in the 'DefaultDom' domain.  They are also the only child principal in the 'System Data Dictionary Administrator' group, so all looks ok there.

Cheers,

Kristian

Avatar

Level 3

And also this is not only happening for the administrator account when bootstrapping - it also happens for all the users when starting the Manage Assets flex application.  When I try and log in to the app with the system example accounts of clopez, grios etc, the same thing happens when the flex app starts.  I gave the bootstrap error log only, but the rest have the same error.  So it's a system wide problem, not exclusive to the bootstrap...

Hope that helps!

Avatar

Former Community Member

Are there any customizations done on the solution?

I am specifically interested if there are any changes done to the file security-es-config.xml? If possible, could you share what's in that XML on the deployed EAR?

Avatar

Level 3

Here's the security-es-config.xml from the deployed EAR:

<?xml version="1.0" encoding="UTF-8"?>
<!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  ~ ADOBE CONFIDENTIAL
  ~  ___________________
  ~
  ~   Copyright 2010 Adobe Systems Incorporated
  ~   All Rights Reserved.
  ~
  ~  NOTICE:  All information contained herein is, and remains
  ~  the property of Adobe Systems Incorporated and its suppliers,
  ~  if any.  The intellectual and technical concepts contained
  ~  herein are proprietary to Adobe Systems Incorporated and its
  ~  suppliers and may be covered by U.S. and Foreign Patents,
  ~  patents in process, and are protected by trade secret or copyright law.
  ~  Dissemination of this information or reproduction of this material
  ~  is strictly forbidden unless prior written permission is obtained
  ~  from Adobe Systems Incorporated.
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~-->

<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:jee="http://www.springframework.org/schema/jee"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee.xsd">

    <!-- Throw Handler -->
    <bean id="lc.um.es.throwHandler" class="com.adobe.livecycle.usermanager.spring.TimeoutAwareThrowHandler">
      <property name="authenticationManager" ref="lc.um.es.authenticationManagerClient" />
      <property name="credentialProvider" ref="lc.um.es.remoteCredentialProvider" />
    </bean>
    
    
    <bean id="lc.dscProperties" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
        <property name="ignoreResourceNotFound">
            <value>true</value>
        </property>
        <property name="localOverride">
            <value>true</value>
        </property>
        <property name="properties">
            <value>
                dummyproperty=dummyvalue
            </value>
        </property>
    </bean>
   
    <!-- Credential Provider bean for integration with RIA Content - Uses the current user's assertion -->
    <bean id="lc.content.umCredentialProvider" class="com.adobe.livecycle.usermanager.integration.AssertionCredentialProvider" primary="true"/>
   
    <alias name="lc.um.es.remoteCredentialProvider" alias="lc.content.adminCredentialProvider"/>

     <bean id="lc.um.es.remoteCredentialProvider"
           class="com.adobe.livecycle.usermanager.integration.RemoteAccountCredentialProvider" >
         <property name="jdbcOperation">
             <bean class="org.springframework.jdbc.core.JdbcTemplate">
                   <constructor-arg ref="lcDataSource" />
             </bean>
         </property>
     </bean>
     <!-- JNDI configuration of LC super user -->
     <bean id="lcDataSource" class="org.springframework.jndi.JndiObjectFactoryBean"/>
     <!-- <jee:jndi-lookup jndi-name="{livecycleDataSource}" id="lc.dataSource" />  -->

        <!-- Override Default AM bean -->
    <bean id=" lc.content.assetAuthorizationService" class="com.adobe.cm.solutions.am.CMAssetAuthorizationServiceImpl" >
        <property name="systemUserGroup" value="System Data Dictionary Administrator"/>
        <property name="systemUserDomain" value="DefaultDom"/>
    </bean>

</beans>

I checked the file against an earlier version of the EAR I had in SVN and it's exactly the same.  That earlier EAR has the same issue BTW, so the problem seems to be at the LiveCycle level, not the application itself (I'm assuming).

Regarding customisation, yes I have done some.  It's been specifically regarding creating a custom asset (created fml, registered with spring-config.xml etc) which I've had deployed in the system for weeks with no problems.  It was when I realised I need to create a data dictionary for the system to be able to find the asset correctly, and subsequenty went into the admin interface to look at setting up a user with permissions to do this that the problem began.  Again, I know for a fact I've never messed with the permissions, roles, groups etc belonging to the default administrator account, so something else has happened.

I might have been in the admin console as administrator, running the app as clopez (or someone else) at the same time in the same browser window, as well as building and deploying the application at the same time (yay for multitasking). Don't know if it might have gone crazy there somehow if I had have saved another users permissions, due to me being 2 'different' users at the same time when looking into user permissions with SSO...?  Again speculation on what I might have been doing at the specific time - just throwing it out there for thought...

Cheers,

K.

Avatar

Former Community Member

Indeed there would be an issue if you have logged on to multiple LC applications with different users, courtesy SSO. It may very well happen that the bootsrap is executed using a non-privileged user (clopez or someone else in your case).

Try doing the following:

---------------------------------

1. Close all browser sessions

2. Open an all new browser session

3. Login to CMSA portal (http://<host>:<port>/cmsa/ClaimsPortal/pages/HomePage.jsp) as "administrator"

     Note: If you are running/bootstrapping CMSA for the first time, you will not be able to logon using this URL. So, the other way round is to login to Contentspace (http://<host>:<port>/contentspace) using "administrator". [but I don't think that's the case for you]

4. Now Bootstrap CMSA through http:<host>:<port>/cmsa/Bootstrap

5. You should see a bootstrap successful message when complete.

Once you are done with the above, it is recommended that you close the existing browser session and then log into CMSA using the desired user in a new session.

Avatar

Level 3

Hi Saket,

I've already tried this, even clearing all browser history, cache etc, closing and reopening the browser, only having 1 browser tab open to the application, logging in as admin, and trying the bootstrap.  It gives me the same error as above.

When I was describing me being logged in the admin interface as one user and the application as another user at the same time, this was only around the time when the error started (and I don't recall running the bootstrap then - only after as an attemt to 'fix' the error itself).  Since the error began, I've never been logged in at different places with different credentials.  I only mentioned this as it would hopefully shed some light on what I was actually doing at the time when the error started happening.

As an aside, I've installed the Solution Accelerator on another machine, and deployed my EAR there.  Everything is working perfectly on that machine - I can run the application, bootstrap etc with no problems.  So again, it seems that some kind of LC specific config has gone crazy on my machine, and it's not related to the project specifically.

What I'm thinking of doing now is comparing files on my machine with the working machine, and seeing if there's anything glaringly different.  Do you have any suggestions on any specific files to be looking at? (or anything else to check/try that comes to mind?)

Thanks for your help here - appreciated!!

K.

Avatar

Level 3

Bugger - I just broke LiveCycle on the other machine!!!  Exact same error and problem.  Here's the steps:

In a new browser window I opened LiveCycle Administrator, and logged in with the administrator account.  I clicked on Settings -> User Management.  Then, following the steps outlined in the section 'Modify the System Data Dictionary' in the 'Customizing the Manage Assets UI' user story (http://help.adobe.com/en_US/LiveCycle/9.5/AssetComposerTechGuide/WSf9baf68802c6cf396711206212b7df4fa...), I created a new Role called 'Correspondence Management System DD Administrator', and gave the role the following permissions:

  • CM System Data Dictionary Create

  • CM System Data Dictionary Delete

  • CM System Data Dictionary Edit

  • CM System Data Dictionary View

  • CM Data Dictionary Create

  • CM Data Dictionary Delete

  • CM Data Dictionary Edit

  • CM Data Dictionary View

After saving, I assigned the following roles to my own LiveCycle account (username 'kristian'):

  • Correspondence Management System DD Administrator (created in the previous step).

  • LiveCycle Contentspace Administrator

  • LiveCycle Contentspace User

Following the steps in the user story (which directed me to the 'System Data Dictionary Administrator' section on this page: http://help.adobe.com/en_US/LiveCycle/9.5/CorrespondenceManagementSolution/WS93380f0adc14e55a-158aa...), I then edited the group 'System Data Dictionary Administrator' and added my account as a Child Principal.

After saving, I logged out of the administrator interface, and closed my browser.  I opened the browser up again and started the application.  After logging in with my 'kristian' account to the jsp page, I want to the Manage Templates application and it failed - I could not fetch the Data Dictionary:

2011-05-12 14:36:23,023 5408830 ERROR [com.adobe.dct.service.impl.DataDictionaryRegistryServiceImpl] Data Dictionary fetch unsuccessful. Please check the values of the passed-in parameters.

AssetManagerException ==> {Code}-ALC-AMG-001-018 {Message}-Asset search failed because user is not authorized to execute a system search {Details}-, AssetManagerException: {Code}-ALC-AMG-001-018 {Message}-Asset search failed because user is not authorized to execute a system search

.....

.....

This is what I was getting on my first machine when running the app.  To be sure it was the same problem, I wanted to run the bootstrap to make sure.

So I closed that window and made sure I was logged out of the system on the jsp page, then closed that window as well.  After this, I opened up the browser again, and went to the login page.  I logged in with the 'administrator' account, and then ran the bootstrap process, which failed, with the original error in my first post.

So now I'm in the same boat as before, but at least I know now exactly what I did to cause the error.

I never touched anything to do with the main administrator account, and I never changed any roles, groups or permissions, aside from those that I mentioned above.  I could maybe understand if there was only problems with my account, but after the changes mentioned above there seems to be problems with every account fetching the Data Dictionary.

So I guess right now I'm stuck at a point of not being able to move further, since I need to administer the Data Dictionary, but changing permissions to achieve this seems to kill the system!

Cheers,

K.

Avatar

Former Community Member

Kristian,

Looks like the underlying System user looses the membership to the group "System Data Dictionary Administrator" after following these steps. Will investigate the reason for this, and get back to you.

Avatar

Level 3

Thanks Saket, I appreciate your help!

K.

Avatar

Level 3

Hi Saket,

Just FYI - I've pushed this to Adobe Enterprise Support as well.  I'll post any news here.

Cheers,

K.

Avatar

Correct answer by
Former Community Member

Hi Kristian,

Try bootstrapping with the option 'createSampleUsers=true'. This is what your boostrap URL would hence look like - http://<host>:<port>/cmsa/Bootstrap?createSampleUsers=true

This should resolve your issue. Let us know...

Avatar

Level 3

Hi Saket,

It works!!

I initially tried http://<host>:<port>/myprojectname/Bootstrap?createSampleUsers=true which gave me the same error as before.  But then I tried http://<host>:<port>/cmsa/Bootstrap?createSampleUsers=true and the bootstrap completed successfully.  After that I tried my project bootstrap again and that succeeded as well.

To make sure, I went into the Manage Templates application and ran it, and everything is running normally!!

It's late now, but tomorrow I'll confirm that my users are all with the correct permissions and that things there are as they should be.  I'll only post here again if I have problems with them.

Thanks very much for your help here!  Much appreciated!

Do you know the cause of the issue though?  Is this something I'll have to do each time I change user permissions?

Thanks again,

K.

Avatar

Former Community Member

Good to know that you're all set now!

The most probable reason for this is that when you change permissions, the same needs to be sync'ed over to CS as well. And if that does not happen due to some reason, then you may see issues. A bootstrap with the above options ensures that users and groups are creaeted and in sync.

The following has evaluated to null or missing: ==> liqladmin("SELECT id, value FROM metrics WHERE id = 'net_accepted_solutions' and user.id = '${acceptedAnswer.author.id}'").data.items [in template "analytics-container" at line 83, column 41] ---- Tip: It's the step after the last dot that caused this error, not those before it. ---- Tip: If the failing expression is known to be legally refer to something that's sometimes null or missing, either specify a default value like myOptionalVar!myDefault, or use <#if myOptionalVar??>when-present<#else>when-missing. (These only cover the last step of the expression; to cover the whole expression, use parenthesis: (myOptionalVar.foo)!myDefault, (myOptionalVar.foo)?? ---- ---- FTL stack trace ("~" means nesting-related): - Failed at: #assign answerAuthorNetSolutions = li... [in template "analytics-container" at line 83, column 5] ----