Component 006
Subgroup 01: Management
Subgroup 02: Authentication (JAAS)
Subgroup 03: Authorization (JACC)
Subgroup 99: Policy PEP
Event Code |
Message |
Remedy |
---|---|---|
100601001 |
Could not find initial XML configuration in classPath |
Cause: An initial XML configuration should exists in the NidsCommonAgent.jar but doesn’t when this error occurs. Action: Verify that Agent files are in the proper place. |
100601002 |
Could not add agent specific information to initial configuration |
Cause: Unexpected XML error, possibly from faulty XML libraries. Action: Submit requested logs and data. |
100601003 |
Configuration of agent failed |
Cause: Invalid configuration was sent to the agent. Action: Submit requested logs and data. |
100601004 |
Could not create an LDAP connection |
Cause: LDAP connection failed due to: 1) Network Outage, 2) DNS configuration, 3) port configurations, 4) Firewall configurations, etc. Action: Verify that the management server can be contacted. |
100601005 |
Could not read JCC id file |
Cause: File rights to the JCC ID file are denied. Action: Verify that the JCC ID file (named JBoss.id or WebSphere.id) is present and the application server has read access to the file. |
100601006 |
Could not write to JCC id file |
Cause: File creation rights to the jcc directory are denied to the application server. Action: Verify that the JCC ID file (named JBoss.id or WebSphere.id) is present and the application server has write access to the file. |
100601007 |
Could not log configuration |
Cause: Missing or outdated log jar files. Action: Check that logging utilities are present |
100601008 |
Could not determine Agent Type |
Cause: Agent Type property not set and/or JACC not configured properly. Action: Verify that these properties are set. |
100602000 |
A Severe error occurred in the authentication module (JAAS) |
Cause: The session might have timed out. Action: Submit requested logs/data. |
100602001 |
The identity server returned a null or empty user name |
Cause: The session might have timed out. Action: Retry |
100602002 |
Returned -503 due to unconfigured identityServerBaseURL |
Cause: The application server URL has not been configured. Action: Configure the agent to have the correct base URL |
100602003 |
Couldn't configure SAX parser |
Cause: Something is wrong with the Java environment, or the XML libraries are not configured. Action: Obtain latest XML libraries from apache.org and put them into the classpath. |
100602004 |
Couldn't communicate with the identity server due to a null URL for the server |
Cause: No trusted identity server is configured. Action: Configure the agent to have a trusted Identity Server. |
100602005 |
Couldn't open an URL connection to the embedded server provider |
Cause: Invalid or missing application URL. Action: Configure the agent to have a valid application URL. Restart the agent or application server where the agent resides. |
100602006 |
Couldn't read response from the identity server |
Cause: Connection might have been interrupted. Action: Retry, verify network connectivity, DNS resolution, etc. |
100602007 |
Couldn't parse the XML document from the identity server |
Cause: Unexpected response from the Identity Server Action: Submit requested logs/data. |
100602008 |
Could not build the WebSphere principal and credential |
Cause: Unexpected error in WebSphere Action: Submit requested logs/data. |
100602009 |
WebSphere is not configured with global and server security |
Cause: WebSphere does not have global security enabled. Action: Enable WebSphere for global and server security. |
100602010 |
Could not parse system property 'com.novell.nids.agent.sessionVerificationMinutes' |
Cause: This property is set to override the default time of 5 minutes. The set value for this property was not a valid Integer and could not be parsed. Action: Check the system property com.novell.nids.agent.sessionVerificationMinutes has a valid number. |
100602011 |
AuthSessionCache cleanup thread existing |
Cause: The session cache cleanup threat was terminated. Action: Check logs to see if other events may have caused this. Send logs to support. |
100602012 |
An error was encountered in reflection code to get moduleID from HttpServletRequest |
Cause: WebLogic API has been changed. Action: Contact Novell Support. |
100602013 |
An Error occurred decoding a soap response |
Cause: Java is corrupt and does not support UTF-8 |
500602001 |
Event occurred: Agent sent a redirect to nesp |
|
500602002 |
Event occurred: Login Servlet received login from nesp |
|
500602003 |
Event occurred: Verifying nidsID |
|
500602004 |
Event occurred: Contacted esp for session and attributes |
|
500602005 |
Event occurred: esp session successfully verified, posting login |
|
500602006 |
Event occurred: LoginModule received login |
|
500602007 |
Event occurred: LoginModule successfully logged in the user |
|
500603008 |
Event occurred: JACC called for permission |
|
500603009 |
Event occurred: JACC decision: permission allowed |
|
500603010 |
Event occurred: JACC decision: permission denied |
|
100603001 |
Failed to construct the policy enforcement points |
Cause: An erroneous policy may have been sent from the management console. Action: Search for errors from the 099 subcomponent. |
100603002 |
An error was encountered during policy evaluation |
Cause: An erroneous policy may have been sent from the management console. Action: Search for errors from the 099 subcomponent. |
100603003 |
Could not obtain a request object during policy evaluation |
Cause: Unexpected error occurred evaluating a policy. Action: Submit requested logs/data. Search for errors from the 099 subcomponent. |
100603004 |
Exception occurred persisting policies/roles to file |
Cause: File rights denied access to read/write policy and roles file in WebSphere. Action: Verify that the file exists and can be written to by the application server. |
200601000 |
A Warning message occurred in the management of the agent |
Cause: A Warning message might indicate incorrect configuration. Action: If condition persists, submit requested logs/data. |
200602000 |
A Warning message occurred in the authentication module (JAAS) |
Cause: A Warning message might indicate incorrect configuration. Action: If condition persists, submit requested logs/data. |
200603000 |
A Warning message occurred in the authorization module (JACC) |
Cause: A Warning message might indicate incorrect configuration. Action: Submit requested logs/data. |
300601000 |
Generic trace/debug message from agent management |
Action: A trace/debug message does not indicate failure or misconfiguration, but it might help diagnosing a problem. |
030060200 |
Generic trace/debug message from authentication module (JAAS) |
Action: A trace/debug message does not indicate failure or misconfiguration, but it might help diagnosing a problem. |
300603000 |
Generic trace/debug message from authorization module (JACC) |
Action: A trace/debug message does not indicate failure or misconfiguration, but it might help diagnosing a problem. |
200699002 |
Invalid input data. Invalid data has been received which prevents policy from being evaluated. |
Action: See supplementary messages in logs for indication of specific problem. |
200699003 |
PEP Configuration Error: invalid policy configuration data. |
Cause: The Administration Console has produced an invalid policy configuration document Action: You can take any or all of the following actions: 1) Submit the log file (which includes an AM#500699030 log entry containing the policy configuration) to Novell Support to facilitate fixing the Administration Console. 2) Back up to a previous policy configuration that worked until the Administration Console has been fixed. 3) Examine the AM#500699030 log entry and determine the particular policy statement in error and remove it from your configuration until a fix for the Administration Console is available. |
200699073 |
Policy Evaluation Error: condition data unavailable. |
Action: See supplementary message in logs for indication of specific problem. |
200699075 |
Invalid API arguments. Indicates an internal software error. |
Action: See supplementary messages in logs for indication of specific problem. |
500699030 |
J2EE Agent PEP Configuration: the J2EE Agent PEP has been configured without error. |
Cause: Initial policy configuration applied from the Administration Console. Action: None. Informational only. |
500699031 |
J2EE Agent PEP Policy Evaluation. |
Cause: The J2EE Agent PEP has evaluated an access control policy for a protected resource. Action: None. Informational only. |
500699032 |
J2EE Agent PEP SSL Required Evaluation. |
Cause: The J2EE Agent PEP has evaluated if SSL is required for access to a protected resource. Action: No Action. Informational only. |
500699033 |
J2EE Agent Startup. |
Cause: J2EE Agent started. Action: No Action. Informational only. |
500699034 |
J2EE Agent Shutdown. |
Cause: J2EE Agent shutdown. Action: No Action. Informational only. |
500699035 |
J2EE Agent Reconfigured. |
Cause: New policy configuration applied from Access Manager Administration Console. Action: None. Informational only. |
500699036 |
J2EE Agent Authentication Successful. |
Cause: A user requesting access to a protected resource has been successfully authenticated with the Identity Server. Action: None. Informational only. |
500699037 |
J2EE Agent Authentication Failed. |
Cause: A user requesting access to a protected resource has been denied authentication by the Identity Server. Action: None. Informational only. |
500699038 |
J2EE Agent Web Resource Access Allowed. |
Cause: A user has been granted access to a protected web resource. Action: None. Informational only. |
500699039 |
J2EE Agent Web Resource Access Denied. |
Cause: A user has been denied access to a protected web resource. Action: None. Informational only. |
500699040 |
J2EE Agent Clear Text Access Allowed. |
Cause: A user has been granted clear text access to a protected web resource. Action: None. Informational only. |
500699041 |
J2EE Agent Clear Text Access Denied. |
Cause: A user has been denied clear text access to a protected web resource. Action: None. Informational only. |
500699042 |
J2EE Agent EJB Access Allowed. |
Cause: A user has been granted access to a protected EJB resource. Action: None. Informational only. |
500699043 |
J2EE Agent EJB Access Denied. |
Cause: A user has been denied access to a protected EJB resource. Action: None. Informational only. |