Unable to Search Rule List in MWS

Hi Team,

We are unable to search Rule list in MWS getting below exceptions
while Navigation in MWS Administrator --> Analyst --> Rule --> Rule List

Failed to evaluate binding expression: “#{RuleListSearchBarDefaultviewView.fieldNames}”
com.webmethods.caf.wsserver.auth.saml.SAMLBindException: SAML bind exception: com.webmethods.portal.PortalException: [POP.012.0002.wm_xt_samlsecurityservice] The SAML artifact is invalid or has expired
SOAPException( Server: com.webmethods.caf.wsserver.auth.saml.SAMLBindException: SAML bind exception: com.webmethods.portal.PortalException: [POP.012.0002.wm_xt_samlsecurityservice] The SAML artifact is invalid or has expired. )

I have verified SAML URL for MWS has configured in IS 9.7

Please let me know what is the resolution or corrective steps to solve above exception?

Hi Rmg/Mahesh/Wang/Holger,

Can you please look into this issue we are facing in our newly installed Dev2 Env setup where as it’s hampering our deadline for our testing and development phase badly :frowning:

Issue :-
We have MWS Dev1 Env which is pointing to Optimizer for Infra

Then we have received request for whole brand new Dev2 Env new setup,In this case we have installed whole new DEV2 Env setup which includes (IS+MWS) BUT now Issue started by

while Navigation into DEV2 MWS Administrator --> Analyst --> Rule --> Rule List ( I am able to search rule list, look good)

BUT while Navigation into DEV MWS Administrator --> Analyst --> Rule --> Rule List ( i m getting exception mention in my follow up thread ) have verified all IS+MWS configuration it’s look good but seems that some where it’s messed up very badly that my Optimizer get confuse which MWS Env to connect

So need help to rectify this issue to find root cause of this issue

Check Settings --> Resources --> MWS SAML Resolver URL

Check Central User Management configured OK?

Logon to IS Admin > Settings > Extended and look for:
watt.server.auth.samlResolver=http://:/services/SAML

WmMonitor package is configured properly with the username\password.
Logon to IS admin > packages > management > WmMonitor and check the following:
http://:/WmMonitor/

  • MWS Host
  • MWS Port
  • MWS Transport
  • MWS Username
  • MWS Password

Kindly share the screen shots.

Thanks Mahesh for quick response.

Yeah I have verified all steps it’s look good except IS DEV Env IS extended setting saml url is missing so added that and restarted DEV Env IS/MWS still no luck

Find the screen shot for same

Reboot the MWS and Kindly share the screen shots of the items that I have listed above.

After adding SAML URl in extended setting i have restarted IS then MWS
Find the requested screen shot for configuration

I did check your attachment but I see you have missed few items.

1> Did you check Central User Management under Security > User Management does it say “Configured”

2> Also can see if there is some setting which needs to configured in WmRules package (I mean home page of WmRules). Reload the package if you make any changes.

3> Confirm the password is the same for Administrator user on IS and MWS

4> Go to “Packages -> Management” and click on WmMonitor home page. Make sure correct MWS host and port entered (they must be the same as mentioned in your MWS SAML Resolver URL ), reset the Administrator password, reload WmMonitor package.

5> Check if Central Users pool is pointing to MWS DB in “Settings -> JDBC Pools”

6> Access http://mws-server-name:mws-port/services/SAML?wsdl, do you get a XML document?

7> Check ACL for MonitorAdministrators ACL and MonitorUsers ACL

All the above points to be checked correctly to fix your issue.

Hi Mahesh,

  1. it say configured
  2. WmRules Packages is not present in DEV2 MWS or IS connect to MWS but still able to see Rule List where as issue in DEV MWS and it’s IS also we don’t have WmRules package
  3. IS + MWS password for Administrator is same
  4. WmMonitor host and port are same as SAML Url resolver url
    5.JDBC pool alsoo look good
  5. Access to SAML URl it show output as
    SAML
    Hi there, this is an AXIS service!
    Perhaps there will be a form for invoking the service here…
  6. we don’t have MonitorAdministrators ACL and MonitorUsers ACL configured,even i don’t think this will much diff

Share me the screen shot of item 6 (I can cross check with mine)

For item 7 I see the ACL’s in my setup. Why do you think it will not make much diff?

Will share screen shot soon but today i notice something diff.

As i told in my previous thread that we have setup like for example :-

DEV MWS connect to IS:0001 connect to Optimizer where as broker,IS, MWS,SAML url Level configuration are totally diff then we did brand new setup of IS+MWS

DEV2 MWS connect to IS:0002 connect to same Optimizer but broker,IS, MWS,SAML url Level configuration are totally diff

I tried to stop my newly installed IS+ DEV2 MWS and then recheck
DEV MWS Administrator --> Analyst --> Rule --> Rule List it show different exception i.e

SOAPException( Server: com.webmethods.caf.wsserver.auth.saml.SAMLBindException: SAML bind exception: SAMLSOAPBinding.send() caught an I/O exception (wrapped: Connection refused: connect)

Can you tell me why it says caught an I/O exception (wrapped: Connection refused: connect) which component was down/refuse to connect ?

Any idea?

May be AE is down. Check the Analytic Engine (green signal) in My webMethods->System Settings ->Check Server Status.

Did you define the environment on MWS?

Hi Mahesh,

please find the screen shot of my AE configuration to my DEV MWS and DEV2 MWS Env where as i can see AE port is diff in both the MWS Envs where as i have only 1 optimizer Env.

AE connected to DEV2 MWS show green or connect status while AE connected to DEV MWS show in red or not connect status .

Is this the reason for this issue ?
Find the screen shot for your reference.

Lets fix this issue. By default the port must be 12503.

If i change AE port in my DEV MWS to 12503 it will show not connected where as same port i have configured in DEV2 MWS it shows in connected mode

After changing the port redeploy the Environments (or at least the updates) to the engines.
Afterwards restart the engines to make the settings working.

SAML will not work when used with two MWS.

Can you describe your setup a bit more in detail (which components are installed where and connect to which other components)?

WmRules-Package does not have configurable parts.
It is only needed when using the FICO BlazeAdvisor Rules.

The new Rules Engine uses the WmBusinessRules Package, which requires an additional license file.
The Rules are developed in Designer and then uploaded to IS and MWS.

Regards,
Holger

Hi Holger,

I didn’t change AE port, we have 1 optimizer installed in Window OS with default port # 12503 which is and why i don’t know listening to only one of the MWS ie DEV2 and throwing error in other MWS ie DEV Server

Working good mean to say
MWS Administrator --> Analyst --> Rule --> Rule List it show me default rule list KPI/Events such as
Analytic Engine About to Run Out of Memory
ART Adapter Service Critical Resource Message
ART Adapter Service Failure Status Event
ART Connection Critical Resource Message

But when i tried to installed new MWS ie DEV2 but it seems it’s has over write exiting DEV MWS which was working good before installation and now it showing error in old MWS DEV Administrator --> Analyst --> Rule --> Rule List and showing me error

SOAPException( Server: com.webmethods.caf.wsserver.auth.saml.SAMLBindException: SAML bind exception: com.webmethods.portal.PortalException: [POP.012.0002.wm_xt_samlsecurityservice] The SAML artifact is invalid or has expired.

We have two diff SAML URLs which is pointing to two diff MWS but it’s seems some how my optimizer is getting confuse to connect to one of the MWS server.

While in working MWS server connected IS we don’t have WmRules & WmBusinessRules package still it’s look good.

WM IS 9.7 installed on AIX OS and Optimizer is installed on Window OS.

My queries.

  1. Is it not possible a single optimizer port #12503 to be connected to multiple MWS server?
  2. Why AE port # 12503 is only connected to DEV2 MWS why it’s not getting connected to DEV MWS because when i check in both MWS My webmethods --> System Setting --> Servers DEV2 it show AE is connected where as in DEV MWS it show not connected.

I have tried restarting Optimizer/MWS/IS 1 by 1 but still not luck.

P.S Both MWS servers have unique configuration and i have verified twice except System Setting where AE port # 12503 is getting connect to DEV2 but show unable to connect other DEV MWS server

Hi Holger/Mahesh,

Can you confirm one thing A single Optimizer with port # 12503 can’t be configured to multiple MWS servers ?

Here in my environment i have notice that

My DEV MWS was connected to Optmizer A with port 12503 then I installed DEV2 MWS and pointed to Optimizer A port 12503 at that time my DEV MWS stop working(i means rule list was unable to fetch) while i check my IST MWS was also pointed to Optimizer A with port 12503 so

Finally all 3 MWS was pointing to single optimizer port 12503, now i notice out of 3 MWS only 1 of them servers is getting connected to Optimizer A, if i tried to bring rest of 2 MWS servers down it will throw error says

SOAPException( Server: com.webmethods.caf.wsserver.auth.saml.SAMLBindException: SAML bind exception: SAMLSOAPBinding.send() caught an I/O exception (wrapped: Connection refused: connect)

May be I am not sure. I do not have the set-up like yours.

Hi Rajiv,

I agree with Mahesh.

If you are running AE on 12503 you should connect both MWS to this AE-Port.

Additional question: did you configure the WmOptimize and WmPRT packages accordingly?

As I have already requested in an earlier post:
Please describe your environment layout in detail as well as the requirement for having several MWS for monitoring one IS.

Password for the user Administrator needs to be same on IS and MWS.

Regards,
Holger

Hi Holger,

We have WmOptimize and even WmPRT packages are configured properly and it’s look good to me.
Password for user Administrator is same in IS+MWS for DEV & DEV2 regions where as in IST region IS/MWS has different password.

We have 5 Region DEV2/DEV/IST/UAT/PRD

DEV2,DEV & IST Env has 10 Integration servers in each regions

DEV2 region IS is monitored by DEV2 MWS and vice versa DEV and IST has there own separate MWS servers
DEV2/DEV/IST MWS is connected to shared/same Optimizer #12503 here we are facing SAML exception 1 of 3 MWS servers are getting connected to Optimizer where as other 2 MWS throws SAML exceptions

UAT/PRD Env has separate MWS servers connected to individual Optimizer