Hello,
I've come across a situation where I'm no longer able to use the Correspondence Solution Accelerator due to errors when trying to run an asset search. I'm unsure how it happened, but now, whenever I log into the Manage Templates application, it fails when trying to retrieve the data dictionaries. This happens for every type of user, including the super admin.
I thought that maybe running the Bootstrap might clean things up, but the same happens there as well. The following is the output in the browser from the Bootstrap error:
type Exception report
message
description The server encountered an internal error () that prevented it from fulfilling this request.
exception
org.springframework.web.util.NestedServletException: Request processing failed; nested exception is com.adobe.icc.dbforms.exceptions.ICCException: ALC-DCT-002-007: AssetManagerException: {Code}-ALC-AMG-001-018 {Message}-Asset search failed because user is not authorized to execute a system search
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:656)
org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:549)
javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:343)
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doFilter(AbstractPreAuthenticatedProcessingFilter.java:89)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:188)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
com.adobe.livecycle.usermanager.authentication.web.CSRFFilter.doFilter(CSRFFilter.java:52)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:149)
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
com.adobe.idp.um.auth.filter.SecurityFilter.doFilter(SecurityFilter.java:182)
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
root cause
com.adobe.icc.dbforms.exceptions.ICCException: ALC-DCT-002-007: AssetManagerException: {Code}-ALC-AMG-001-018 {Message}-Asset search failed because user is not authorized to execute a system search
com.adobe.icc.ICCBootstrapper.doPost(ICCBootstrapper.java:126)
com.adobe.icc.ICCBootstrapper.doGet(ICCBootstrapper.java:83)
javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
org.springframework.web.servlet.handler.SimpleServletHandlerAdapter.handle(SimpleServletHandlerAdapter.java:63)
org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:771)
org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:716)
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:644)
org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:549)
javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:343)
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doFilter(AbstractPreAuthenticatedProcessingFilter.java:89)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:188)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
com.adobe.livecycle.usermanager.authentication.web.CSRFFilter.doFilter(CSRFFilter.java:52)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:149)
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
com.adobe.idp.um.auth.filter.SecurityFilter.doFilter(SecurityFilter.java:182)
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
root cause
com.adobe.icc.dbforms.exceptions.ICCException: ALC-DCT-002-007: AssetManagerException: {Code}-ALC-AMG-001-018 {Message}-Asset search failed because user is not authorized to execute a system search
com.adobe.icc.bootstrap.AssetDefinitionsDeployer.bootstrap(AssetDefinitionsDeployer.java:65)
com.adobe.icc.ICCBootstrapper.doPost(ICCBootstrapper.java:118)
com.adobe.icc.ICCBootstrapper.doGet(ICCBootstrapper.java:83)
javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
org.springframework.web.servlet.handler.SimpleServletHandlerAdapter.handle(SimpleServletHandlerAdapter.java:63)
org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:771)
org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:716)
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:644)
org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:549)
javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:343)
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doFilter(AbstractPreAuthenticatedProcessingFilter.java:89)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:188)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
com.adobe.livecycle.usermanager.authentication.web.CSRFFilter.doFilter(CSRFFilter.java:52)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:149)
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
com.adobe.idp.um.auth.filter.SecurityFilter.doFilter(SecurityFilter.java:182)
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
root cause
com.adobe.dct.exception.DCTException: ALC-DCT-002-007: AssetManagerException: {Code}-ALC-AMG-001-018 {Message}-Asset search failed because user is not authorized to execute a system search
com.adobe.dct.service.impl.DataDictionaryRegistryServiceImpl.searchDataDictionaries(DataDictionaryRegistryServiceImpl.java:375)
com.adobe.dct.service.impl.DataDictionaryRegistryServiceImpl.getSystemDataDictionaries(DataDictionaryRegistryServiceImpl.java:534)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
java.lang.reflect.Method.invoke(Unknown Source)
org.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:309)
org.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:183)
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:150)
org.springframework.security.access.intercept.aopalliance.MethodSecurityInterceptor.invoke(MethodSecurityInterceptor.java:67)
org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:172)
org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:202)
$Proxy560.getSystemDataDictionaries(Unknown Source)
com.adobe.icc.bootstrap.AssetDefinitionsDeployer.bootstrap(AssetDefinitionsDeployer.java:61)
com.adobe.icc.ICCBootstrapper.doPost(ICCBootstrapper.java:118)
com.adobe.icc.ICCBootstrapper.doGet(ICCBootstrapper.java:83)
javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
org.springframework.web.servlet.handler.SimpleServletHandlerAdapter.handle(SimpleServletHandlerAdapter.java:63)
org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:771)
org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:716)
org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:644)
org.springframework.web.servlet.FrameworkServlet.doGet(FrameworkServlet.java:549)
javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:343)
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:109)
org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:83)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:97)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:100)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.AnonymousAuthenticationFilter.doFilter(AnonymousAuthenticationFilter.java:78)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:35)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.preauth.AbstractPreAuthenticatedProcessingFilter.doFilter(AbstractPreAuthenticatedProcessingFilter.java:89)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:188)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:105)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:79)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.authentication.www.BasicAuthenticationFilter.doFilter(BasicAuthenticationFilter.java:177)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
com.adobe.livecycle.usermanager.authentication.web.CSRFFilter.doFilter(CSRFFilter.java:52)
org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:355)
org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:149)
org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:237)
org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:167)
com.adobe.idp.um.auth.filter.SecurityFilter.doFilter(SecurityFilter.java:182)
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
note The full stack trace of the root cause is available in the JBossWeb/2.0.0.GA logs.
So I've tried rebotting the server, running the Bootstrap, checking the permissions in the LC Admin etc, but no luck.
Does anyone have a clue why this has happened and how it might be fixed? As it is right now, I can't use the SA at all!!!
Thanks,
Kristian
Solved! Go to Solution.
Views
Replies
Total Likes
Hi Kristian,
Try bootstrapping with the option 'createSampleUsers=true'. This is what your boostrap URL would hence look like - http://<host>:<port>/cmsa/Bootstrap?createSampleUsers=true
This should resolve your issue. Let us know...
Views
Replies
Total Likes
Did you change any permissions in and around CM?
Could you please provide details on what was done on the system before you hit this issue?
Views
Replies
Total Likes
Hi Saket,
I'm not 100% sure of the exact steps I performed before the error, but I do know that it happened while I was using the admin interface looking into permissions. I don't know if it's relevent or not, but when I was doing this, I had the LC Administrator open and was using the CMSA as a different user at the same time in the same browser window (I know - not smart), so some sort of conflict may have occured.
I don't remember actually making any changes to Roles or Groups in the admin interface while I was in there. But to be sure, I've just checked the details for the Super Admin account, since this is the account that is being used to run the bootstrap process that is failing. The account is in the following groups and roles:
Groups:
System Data Dictionary Administrator (which is in the following role - LiveCycle Contentspace User)
Roles:
LiveCycle Contentspace User
Administration Console User
LiveCycle Workflow Process Administrator
LiveCycle Workflow Process Developer
Super Administrator
So I'm 99.9% sure that I never edited any of these Groups or Roles directly. What I did do while I was in there was assign my own LC user (kristian) to be a part of the 'Correspondence Management System DD Administrator' Role, which I made myself a few weeks ago. However, I don't know how this could have made this kind of impact on the system. I just tried taking myself out of the group and running the bootstrap again (with Super Admin as always), but I keep getting the same error.
That's about all I can think of that was heppening when the error started. The Admin interface was definitely running in the same browser and I was looking into User groups, roles and permissions when it started, but I'm so sure I didn't mess with anything like the above (for this exact reason). Are the groups and roles I have specified for the Super Admin account correct and the default?
If you need any more information, please let me know.
Thanks,
Kristian
Views
Replies
Total Likes
The user with you are bootstrapping with should be part of the group (directly) "System Data Dictionary Administrator" and domain "DefaultDom".
Could you check what does the group "System Data Dictionary Administrator" show as its "Child Principals"?
Views
Replies
Total Likes
I'm bootstrapping with the built in default administrator account (userID 'administrator') and they are in the 'DefaultDom' domain. They are also the only child principal in the 'System Data Dictionary Administrator' group, so all looks ok there.
Cheers,
Kristian
Views
Replies
Total Likes
And also this is not only happening for the administrator account when bootstrapping - it also happens for all the users when starting the Manage Assets flex application. When I try and log in to the app with the system example accounts of clopez, grios etc, the same thing happens when the flex app starts. I gave the bootstrap error log only, but the rest have the same error. So it's a system wide problem, not exclusive to the bootstrap...
Hope that helps!
Views
Replies
Total Likes
Are there any customizations done on the solution?
I am specifically interested if there are any changes done to the file security-es-config.xml? If possible, could you share what's in that XML on the deployed EAR?
Views
Replies
Total Likes
Here's the security-es-config.xml from the deployed EAR:
<?xml version="1.0" encoding="UTF-8"?>
<!--~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~ ADOBE CONFIDENTIAL
~ ___________________
~
~ Copyright 2010 Adobe Systems Incorporated
~ All Rights Reserved.
~
~ NOTICE: All information contained herein is, and remains
~ the property of Adobe Systems Incorporated and its suppliers,
~ if any. The intellectual and technical concepts contained
~ herein are proprietary to Adobe Systems Incorporated and its
~ suppliers and may be covered by U.S. and Foreign Patents,
~ patents in process, and are protected by trade secret or copyright law.
~ Dissemination of this information or reproduction of this material
~ is strictly forbidden unless prior written permission is obtained
~ from Adobe Systems Incorporated.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~-->
<beans xmlns="http://www.springframework.org/schema/beans"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:jee="http://www.springframework.org/schema/jee"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd http://www.springframework.org/schema/jee http://www.springframework.org/schema/jee/spring-jee.xsd">
<!-- Throw Handler -->
<bean id="lc.um.es.throwHandler" class="com.adobe.livecycle.usermanager.spring.TimeoutAwareThrowHandler">
<property name="authenticationManager" ref="lc.um.es.authenticationManagerClient" />
<property name="credentialProvider" ref="lc.um.es.remoteCredentialProvider" />
</bean>
<bean id="lc.dscProperties" class="org.springframework.beans.factory.config.PropertiesFactoryBean">
<property name="ignoreResourceNotFound">
<value>true</value>
</property>
<property name="localOverride">
<value>true</value>
</property>
<property name="properties">
<value>
dummyproperty=dummyvalue
</value>
</property>
</bean>
<!-- Credential Provider bean for integration with RIA Content - Uses the current user's assertion -->
<bean id="lc.content.umCredentialProvider" class="com.adobe.livecycle.usermanager.integration.AssertionCredentialProvider" primary="true"/>
<alias name="lc.um.es.remoteCredentialProvider" alias="lc.content.adminCredentialProvider"/>
<bean id="lc.um.es.remoteCredentialProvider"
class="com.adobe.livecycle.usermanager.integration.RemoteAccountCredentialProvider" >
<property name="jdbcOperation">
<bean class="org.springframework.jdbc.core.JdbcTemplate">
<constructor-arg ref="lcDataSource" />
</bean>
</property>
</bean>
<!-- JNDI configuration of LC super user -->
<bean id="lcDataSource" class="org.springframework.jndi.JndiObjectFactoryBean"/>
<!-- <jee:jndi-lookup jndi-name="{livecycleDataSource}" id="lc.dataSource" /> -->
<!-- Override Default AM bean -->
<bean id=" lc.content.assetAuthorizationService" class="com.adobe.cm.solutions.am.CMAssetAuthorizationServiceImpl" >
<property name="systemUserGroup" value="System Data Dictionary Administrator"/>
<property name="systemUserDomain" value="DefaultDom"/>
</bean>
</beans>
I checked the file against an earlier version of the EAR I had in SVN and it's exactly the same. That earlier EAR has the same issue BTW, so the problem seems to be at the LiveCycle level, not the application itself (I'm assuming).
Regarding customisation, yes I have done some. It's been specifically regarding creating a custom asset (created fml, registered with spring-config.xml etc) which I've had deployed in the system for weeks with no problems. It was when I realised I need to create a data dictionary for the system to be able to find the asset correctly, and subsequenty went into the admin interface to look at setting up a user with permissions to do this that the problem began. Again, I know for a fact I've never messed with the permissions, roles, groups etc belonging to the default administrator account, so something else has happened.
I might have been in the admin console as administrator, running the app as clopez (or someone else) at the same time in the same browser window, as well as building and deploying the application at the same time (yay for multitasking). Don't know if it might have gone crazy there somehow if I had have saved another users permissions, due to me being 2 'different' users at the same time when looking into user permissions with SSO...? Again speculation on what I might have been doing at the specific time - just throwing it out there for thought...
Cheers,
K.
Views
Replies
Total Likes
Indeed there would be an issue if you have logged on to multiple LC applications with different users, courtesy SSO. It may very well happen that the bootsrap is executed using a non-privileged user (clopez or someone else in your case).
Try doing the following:
---------------------------------
1. Close all browser sessions
2. Open an all new browser session
3. Login to CMSA portal (http://<host>:<port>/cmsa/ClaimsPortal/pages/HomePage.jsp) as "administrator"
Note: If you are running/bootstrapping CMSA for the first time, you will not be able to logon using this URL. So, the other way round is to login to Contentspace (http://<host>:<port>/contentspace) using "administrator". [but I don't think that's the case for you]
4. Now Bootstrap CMSA through http:<host>:<port>/cmsa/Bootstrap
5. You should see a bootstrap successful message when complete.
Once you are done with the above, it is recommended that you close the existing browser session and then log into CMSA using the desired user in a new session.
Views
Replies
Total Likes
Hi Saket,
I've already tried this, even clearing all browser history, cache etc, closing and reopening the browser, only having 1 browser tab open to the application, logging in as admin, and trying the bootstrap. It gives me the same error as above.
When I was describing me being logged in the admin interface as one user and the application as another user at the same time, this was only around the time when the error started (and I don't recall running the bootstrap then - only after as an attemt to 'fix' the error itself). Since the error began, I've never been logged in at different places with different credentials. I only mentioned this as it would hopefully shed some light on what I was actually doing at the time when the error started happening.
As an aside, I've installed the Solution Accelerator on another machine, and deployed my EAR there. Everything is working perfectly on that machine - I can run the application, bootstrap etc with no problems. So again, it seems that some kind of LC specific config has gone crazy on my machine, and it's not related to the project specifically.
What I'm thinking of doing now is comparing files on my machine with the working machine, and seeing if there's anything glaringly different. Do you have any suggestions on any specific files to be looking at? (or anything else to check/try that comes to mind?)
Thanks for your help here - appreciated!!
K.
Views
Replies
Total Likes
Bugger - I just broke LiveCycle on the other machine!!! Exact same error and problem. Here's the steps:
In a new browser window I opened LiveCycle Administrator, and logged in with the administrator account. I clicked on Settings -> User Management. Then, following the steps outlined in the section 'Modify the System Data Dictionary' in the 'Customizing the Manage Assets UI' user story (http://help.adobe.com/en_US/LiveCycle/9.5/AssetComposerTechGuide/WSf9baf68802c6cf396711206212b7df4fa...), I created a new Role called 'Correspondence Management System DD Administrator', and gave the role the following permissions:
CM System Data Dictionary Create
CM System Data Dictionary Delete
CM System Data Dictionary Edit
CM System Data Dictionary View
CM Data Dictionary Create
CM Data Dictionary Delete
CM Data Dictionary Edit
CM Data Dictionary View
After saving, I assigned the following roles to my own LiveCycle account (username 'kristian'):
Correspondence Management System DD Administrator (created in the previous step).
LiveCycle Contentspace Administrator
LiveCycle Contentspace User
Following the steps in the user story (which directed me to the 'System Data Dictionary Administrator' section on this page: http://help.adobe.com/en_US/LiveCycle/9.5/CorrespondenceManagementSolution/WS93380f0adc14e55a-158aa...), I then edited the group 'System Data Dictionary Administrator' and added my account as a Child Principal.
After saving, I logged out of the administrator interface, and closed my browser. I opened the browser up again and started the application. After logging in with my 'kristian' account to the jsp page, I want to the Manage Templates application and it failed - I could not fetch the Data Dictionary:
2011-05-12 14:36:23,023 5408830 ERROR [com.adobe.dct.service.impl.DataDictionaryRegistryServiceImpl] Data Dictionary fetch unsuccessful. Please check the values of the passed-in parameters.
AssetManagerException ==> {Code}-ALC-AMG-001-018 {Message}-Asset search failed because user is not authorized to execute a system search {Details}-, AssetManagerException: {Code}-ALC-AMG-001-018 {Message}-Asset search failed because user is not authorized to execute a system search
.....
.....
This is what I was getting on my first machine when running the app. To be sure it was the same problem, I wanted to run the bootstrap to make sure.
So I closed that window and made sure I was logged out of the system on the jsp page, then closed that window as well. After this, I opened up the browser again, and went to the login page. I logged in with the 'administrator' account, and then ran the bootstrap process, which failed, with the original error in my first post.
So now I'm in the same boat as before, but at least I know now exactly what I did to cause the error.
I never touched anything to do with the main administrator account, and I never changed any roles, groups or permissions, aside from those that I mentioned above. I could maybe understand if there was only problems with my account, but after the changes mentioned above there seems to be problems with every account fetching the Data Dictionary.
So I guess right now I'm stuck at a point of not being able to move further, since I need to administer the Data Dictionary, but changing permissions to achieve this seems to kill the system!
Cheers,
K.
Views
Replies
Total Likes
Kristian,
Looks like the underlying System user looses the membership to the group "System Data Dictionary Administrator" after following these steps. Will investigate the reason for this, and get back to you.
Views
Replies
Total Likes
Thanks Saket, I appreciate your help!
K.
Views
Replies
Total Likes
Hi Saket,
Just FYI - I've pushed this to Adobe Enterprise Support as well. I'll post any news here.
Cheers,
K.
Views
Replies
Total Likes
Hi Kristian,
Try bootstrapping with the option 'createSampleUsers=true'. This is what your boostrap URL would hence look like - http://<host>:<port>/cmsa/Bootstrap?createSampleUsers=true
This should resolve your issue. Let us know...
Views
Replies
Total Likes
Hi Saket,
It works!!
I initially tried http://<host>:<port>/myprojectname/Bootstrap?createSampleUsers=true which gave me the same error as before. But then I tried http://<host>:<port>/cmsa/Bootstrap?createSampleUsers=true and the bootstrap completed successfully. After that I tried my project bootstrap again and that succeeded as well.
To make sure, I went into the Manage Templates application and ran it, and everything is running normally!!
It's late now, but tomorrow I'll confirm that my users are all with the correct permissions and that things there are as they should be. I'll only post here again if I have problems with them.
Thanks very much for your help here! Much appreciated!
Do you know the cause of the issue though? Is this something I'll have to do each time I change user permissions?
Thanks again,
K.
Views
Replies
Total Likes
Good to know that you're all set now!
The most probable reason for this is that when you change permissions, the same needs to be sync'ed over to CS as well. And if that does not happen due to some reason, then you may see issues. A bootstrap with the above options ensures that users and groups are creaeted and in sync.
Views
Replies
Total Likes
Views
Likes
Replies
Views
Likes
Replies