MWS Error when trying to access B2B pages

Folks,
I recently installed WM 7.1.2 IS, TN and MWS on my laptop. TN seems to be working fine if I use TN console along with the deprecated features. I started delving into MWS as that seems to be the recommended way.

I started MWS server instance in debug mode. Once I login as Administrator, I can access most portlets. When I click on the B2B sections, I see the following error in the IS log and the page displays a bunch of errors -

2009-02-09 11:03:32 EST [ISS.0053.0002C] Access denied for user SAMLart on port
6666 → ‘soap/rpc’ from 10.45.74.214.

The MWS Server log has the following (Truncated) trace -
Caused by: electric.util.WrappedException: java.rmi.RemoteException: HTTP error
response: [ISS.0084.9001] Invalid credentials
at com.webmethods.caf.wsclient.proxy.impl.WSClientDynamicProxy.getCompat
ibleException(WSClientDynamicProxy.java:411)
at com.webmethods.caf.wsclient.proxy.impl.WSClientDynamicProxy.invoke(WS
ClientDynamicProxy.java:227)
at $Proxy18.getTNProperties(Unknown Source)

I searched this site and found a similar post but it was not very helpful for me to resolve the error.

Any help is greatly appreciated.
Anil

Make sure the TN is setup to point the IS under B2B Settings-Administrative Preferences.

And also make sure the IS extended settings has this settings:
watt.server.auth.samlResolver=http://mywebmethodsserver:port/services/SAML

Make sure TNMWSUsers ACL is created in IS, and TN Admins, TN MWS Users are allowed groups.

The tip on the extended settings (set SAML to watt.server.auth.samlResolver=http://mywebmethodsserver:port/services/SAML) did the trick. I had everything else, except that. Thanks a lot.

Just curious to know, I could not find this anywhere in the documentation (I am usually good at reading thru the docs). Can you point me to the right document and the specific section/page if possible, that has this extended setting mentioned???

Anil

Excellent! Just found this which fixed the problem I was having too…

Can’t see it in the documentation anywhere either. Sigh.

Ahhh - TradingNetworks_7-1-2_readme.pdf:

1.0 Critical Information
The following list describes the critical issues that were known when this readme was published.
:black_small_square: If My webMethods Server has been configured on a port other than the default port (8585), ensure that you set the following watt parameter in the Integration Server’s Extended Settings page.
watt.server.auth.samlResolver=http://host name:port/services/SAML where host name is the host name or IP address and port is the port number of My webMethods Server.

Fair enough… JH

Hello Everyone,

I am facing problem while accessing b2b section in MWS , and i tried the alternatives like Extended Settings with “watt.server.auth.samlResolver=http://mywebmethodsserver:port/services/SAML”

But still I am getting same problem with different description ,

Here is a glimpse of my IS log which is started in Debug mode:

2009-12-27 01:45:07 IST [ISS.0012.0011W] Resolution of SAMLArt (AAEwMXdlYk1ldGhv
ZHNQb3J0YWwgIDAwMDAwMDAwMC0xOTkzMzc2NjY2) failed with exception: org.apache.xml.
security.c14n.InvalidCanonicalizerException: No message with ID “signature.Canon
icalizer.UnknownCanonicalizer” found in resource bundle “org/apache/xml/security
/resource/xmlsecurity”
2009-12-27 01:45:14 IST [ISS.0053.0002C] Access denied for user SAMLart on port
5555 → ‘soap/rpc’ from 192.168.1.2.

I would appreciate any help in this regard

Here is another glimpse of MWS error log:

2009-12-28 17:03:13 IST (wsclient : FATAL) [RID:9] - com.webmethods.caf.wsclient.proxy.impl.WSClientDynamicProxy: HTTP error response: [ISS.0084.9001] Invalid credentials
java.rmi.RemoteException: HTTP error response: [ISS.0084.9001] Invalid credentials
at electric.soap.http.reference.SOAPToHTTP.invoke(SOAPToHTTP.java:208)
at electric.soap.http.reference.SOAPToHTTP.handle(SOAPToHTTP.java:136)
at electric.soap.references.logging.LoggingSOAPReference.handle(LoggingSOAPReference.java:57)
at electric.jaxrpc.handler.JAXRPCReference.handle(JAXRPCReference.java:76)
at com.webmethods.soap.module.SOAPModuleReference.handle(SOAPModuleReference.java:70)
at electric.soap.references.interceptor.InterceptorSOAPReference.handle(InterceptorSOAPReference.java:69)
at electric.soap.java.reference.JavaToSOAP.handle(JavaToSOAP.java:72)
at electric.soap.java.reference.JavaToSOAP.invoke(JavaToSOAP.java:238)
at electric.soap.java.reference.JavaToSOAP.invoke(JavaToSOAP.java:165)
at electric.proxy.handler.Proxy.invoke(Proxy.java:126)
at $Proxy1.listFieldsMetaData(Unknown Source)



I did extended settings with " watt.server.auth.samlResolver=http://MWShost:port/services/SAML" and

I made sure TNAdministrators group is allowed for TNMWSUsers ACL in IS ,but I couldn’t find TN MWS Users group to include it under TNMWSUsers ACL as it was mentioned in above post, Where is that TN MWS Users group? Is it available under IS user groups? or Do i need to create such group in IS?

I am struck with this error

Hoping for some possible help from folks over here

Regards
Nag

Nag,

By default, there are no groups associated with TNMWSUsers ACL

Pls check these following articles for help:

http://advantage.webmethods.com/article/?id=1614336200

http://advantage.webmethods.com/article/?id=SR-1-106502477

http://advantage.webmethods.com/article/?id=1614322252

HTH,
RMG

Hello RMG,

Thanks for your reply

I am new to webMethods, the only thing i don’t understand ,after going thru article u mentioned in advantage, i did everything they mentioned, i allowed " TNAdministrators " Group in TNMWSUsers ACL , and added the extended setting " watt.server.auth.samlResolver " as mentioned,

Still i am getting the problem , i am really annoyed with this error,

Please explain this particular line from the post of wmUsers member Mr.Ucbabu " Make sure TNMWSUsers ACL is created in IS, and TN Admins, TN MWS Users are allowed groups "

In that line what’s that " TN MWS Users " word referring to ? is it a group under IS usergroup? or users ??? I am confused with this.

Hoping for possible help

:confused: :confused: :confused:

Nag.

what’s that " TN MWS Users " word referring to ? is it a group under IS usergroup?
–>Yes check in the Security -->ACLs then click Add and Remove ACL’s and Create ACL as “TNMWSUsers” and assign it to TNAdministrators group.

HTH,
RMG

Hello RMG,

I did create the TNMWSUsers ACL and added TN Administrators group into that ACL,

and I restarted IS and MWS both, still i am getting same error when i click B2B pages,

I really don’t know what wrong with this,
:uhoh::uhoh::uhoh:

Regards
Nag

I am not sure,why the issue persists even after you configured per above.

But please check these articles to make sure:

http://advantage.webmethods.com/article/?id=1614325205
http://advantage.webmethods.com/article/?id=SR-1-106259101

Also apply these settings Trading Networks Server in MWS:
“Integration → B2B Settings → Administrative Preferences → Trading Networks Server” that you are connectingTo

If problem still persists contact SAG tech support ASAP.

HTH,
RMg

Hello RMG,

I am really thankful to you for your last post with two articles from advantage. I figured it now, its working fine now,

The only thing i missed is, i didn’t do central user configuration, now I did it.

Regards
Nag

:lol::rofl::p::o:):wink:

Great to know its working now…thanks for the update!

Happy NewYear !

-RMG

I really encountered this problem while accessing b2b section in MWS.

rahher,

Is it resolved for you?

HTH,
RMG

I’m still getting the same error while trying to access B2B Settings → Server Settings.

I have configured the Central User Management ,
Have added Administrators to the TNMWSUsers ACL

electric.util.WrappedException: java.rmi.RemoteException: HTTP error response: [ISS.0084.9001] Invalid credentials

Access Denied


What else needs to be done? :confused:

Also add the:

TN Administrators to the TNMWSUsers ACL

Restart the IS/MWS.

HTH,
RMG

Thanks for the response RMG ,

I had added TN Adminstrators also , but didnt work out.

Few other issues popped up, now I’m recreating the entire environment again. Will have these points in my checklist. Hope I succeed this time.

Ok worth a try and let us know: