Difference between revisions of "Common Security Troubleshooting"
Andreaturli (Talk | contribs) (→org.globus.wsrf.security.SecurityException: [SEC]Operation name could not be determined) |
Andreaturli (Talk | contribs) (→org.globus.wsrf.security.SecurityException: [SEC]Operation name could not be determined) |
||
| Line 12: | Line 12: | ||
Exception related to authentication of clients to a secure service running in the Java-WS-Core | Exception related to authentication of clients to a secure service running in the Java-WS-Core | ||
| − | ==Operation unauthorized (Mechanism level: Authorization failed. Expected "/CN=host/your_ip_number" target but received "/O=Grid/CN=host/your_hostname") | + | ==Operation unauthorized (Mechanism level: Authorization failed. Expected "/CN=host/your_ip_number" target but received "/O=Grid/CN=host/your_hostname")== |
Exception related to authentication of clients to a secure service running in the Java-WS-Core. In certain case, it could be useful to add to /etc/hosts the mapping between "your_IP_number" and the "hostname". | Exception related to authentication of clients to a secure service running in the Java-WS-Core. In certain case, it could be useful to add to /etc/hosts the mapping between "your_IP_number" and the "hostname". | ||
[[Category:Security]] | [[Category:Security]] | ||
Revision as of 15:36, 3 October 2007
This page contains exceptions that commonly occurs in security configurations for DILIGENT services. Exception should be clearly reported in sections using keywords as the Axis fault obtained, the error code returned by commands and so on (see already existing exceptions). For any exception a list of reasons can be reported as separate subsections. For each reason a solution should be also provided (if already discovered). To properly configure security for DILIGENT services please follows the How To Enable Security page.
Contents
- 1 GSI Secure Conversation authentication required for "{http://www...." operation
- 2 org.globus.wsrf.security.SecurityException: [SEC]Operation name could not be determined
- 3 Operation unauthorized (Mechanism level: Authorization failed. Expected "/CN=host/your_ip_number" target but received "/O=Grid/CN=host/your_hostname")
GSI Secure Conversation authentication required for "{http://www...." operation
This exception tells the clients that the GSISecureConversation mechanism is required to acces the service client-config.wsdd must be correctly placed in your Apache Tomcat container. If you want to force axis to pick up your client-config.wsdd, you will have to place the client-config.wsdd in the tomcat-home/common/classes directory.
GSISecureConveration not set in service stubs
To access the service operation the GSISecureconversation must be set on client, please be sure to follows this documentation to set it correctly.
org.globus.wsrf.security.SecurityException: [SEC]Operation name could not be determined
Exception related to authentication of clients to a secure service running in the Java-WS-Core
Operation unauthorized (Mechanism level: Authorization failed. Expected "/CN=host/your_ip_number" target but received "/O=Grid/CN=host/your_hostname")
Exception related to authentication of clients to a secure service running in the Java-WS-Core. In certain case, it could be useful to add to /etc/hosts the mapping between "your_IP_number" and the "hostname".
