IBM Support

IJ16749: ERROR SYSTEM:INVALIDSECURITYCONFIG AFTER LOGIN INTO MAXIMO WITH LDAP using FORM auth WHEN STRING URL="MXLOGIN.JSP"; in login.jsp

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

APAR status

  • Closed as program error.

Error description

  • Problem:
    
    After installing the IFIX008 on Maximo 7.6.1 with LDAP
    configured using FORM authentication,
    if users use the
    following URL to get to maximo : https://xxx.yyy.zzz.com/maximo,
    they get security config error on screen:
    Login Error [system:invalidsecurityconfig]
    If they click return on that screen, they get back to the
    correct login page and can proceed.
    If they use https://xxx.yyy.zzz.com/maximo/ui/login as the URL
    instead of just https://xxx.yyy.zzz.com/maximo, they don't get
    the error. But again, they didn't have the error at ifix007 when
    using https://xxx.yyy.zzz.com/maximo.
    
    In the WAS server logs, they see the following error:
    CWSCJ0053E: Authorization failed for /UNAUTHENTICATED while
    invoking (Bean)maximo#?mboejb.jar#?accesstokenprovider
    getAccessToken::3 is not granted any of the required roles:
    maximouser
    
    This happens when String url = "mxlogin.jsp"; in the login.jsp
    
    Performance Issue:
    No
    
    Steps to Reproduce:
    1. Make sure LDAP must be configured using FORM authentication.
    This can be done by uncommenting <login-config> section for
    <auth-method>FORM</auth-method> in web.xml.
    2. Install the IFIX008 on Maximo 7.6.1 successfully.
    3. Check if the String url = "mxlogin.jsp"; in the login.jsp
    located at
    \IBM\SMP\maximo\applications\maximo\maximouiweb\webmodule\webcli
    ent\login
    4. Use the following URL to get to maximo
    (https://xxx.yyy.zzz.com/maximo) and hit on login.
    5. [system:invalidsecurityconfig] error will get display on the
    screen with 'Return' button on it
    6. Click return on that screen and user is able to get back to
    the correct login page and can proceed.
    
    Results:
    After Maximo 7.6.1 IFIX008 installation withwith LDAP configured
    using FORM authentication, Login
    Error[system:invalidsecurityconfig] getting displayed when users
    use the following URL to get to maximo :
    https://xxx.yyy.zzz.com/maxim
    Also when String url = "mxlogin.jsp"; in the login.jsp
    
    Expected Results:
    User should be able to login to Maximo successfully in first
    attempt using https://xxx.yyy.zzz.com/maximo
    
    
    Reported in Version:
    Tivoli's process automation engine 7.6.1 IFIX008
    

Local fix

  • 1. Click return on the error screen, user is able to get back to
    the correct login page and can proceed.
    If user uses https://xxx.yyy.zzz.com/maximo/ui/login as the URL
    instead of just https://xxx.yyy.zzz.com/maximo, user still gets
    the login screen.
    2. Update the login.jsp and change String url from
    String url = "mxlogin.jsp";
    to
    String url = "../../ui/mxlogin";
    
    Then stop the Application Server ? Redeploy and Redeploy the
    MAXIMO.EAR. After deploying ? Clear the Internet Cache of the
    Browser for the changes to take effect.
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED:                                              *
    * Deployments on WAS using form based app-level security       *
    ****************************************************************
    * PROBLEM DESCRIPTION:                                         *
    * ERROR SYSTEM:INVALIDSECURITYCONFIG AFTER LOGIN INTO MAXIMO   *
    * WITH  LDAP using FORM auth WHEN STRING URL="MXLOGIN.JSP"; in *
    * login.jsp                                                    *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    

Problem conclusion

  • Fixed in login.jsp
    

Temporary fix

Comments

APAR Information

  • APAR number

    IJ16749

  • Reported component name

    MAXIMO SYSTEMS

  • Reported component ID

    5724R46AV

  • Reported release

    761

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2019-06-11

  • Closed date

    2019-06-25

  • Last modified date

    2019-06-25

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    MAXIMO SYSTEMS

  • Fixed component ID

    5724R46AV

Applicable component levels



Document information

More support for: Maximo Asset Management
System Related

Software version: 761

Reference #: IJ16749

Modified date: 25 June 2019