Sunday, May 6, 2012

BEA-090402 and BEA-000386: Authentication denied

Problem:

In WebLogic Server 11g, if you start up the AdminServer (or any managed server for that matter), whether through the console or through the command line, you may receive the following error at the prompt:

<May 6, 2012 12:00:12 AM EDT> <Critical> <Security> <BEA-090402> <Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.>
<May 6, 2012 12:00:12 AM EDT> <Critical> <WebLogicServer> <BEA-000386> <Server subsystem failed. Reason: weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
weblogic.security.SecurityInitializationException: Authentication denied: Boot identity not valid; The user name and/or password from the boot identity file (boot.properties) is not valid. The boot identity may have been changed since the boot identity file was created. Please edit and update the boot identity file with the proper values of username and password. The first time the updated boot identity file is used to start the server, these new values are encrypted.
        at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.doBootAuthorization(CommonSecurityServiceManagerDelegateImpl.java:960)
        at weblogic.security.service.CommonSecurityServiceManagerDelegateImpl.initialize(CommonSecurityServiceManagerDelegateImpl.java:1054)
        at weblogic.security.service.SecurityServiceManager.initialize(SecurityServiceManager.java:873)
        at weblogic.security.SecurityService.start(SecurityService.java:141)
        at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
        Truncated. see log file for complete stacktrace
Caused By: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User weblogic javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User weblogic denied
        at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:261)
        at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
        at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
        Truncated. see log file for complete stacktrace
>
 

Solution:

As the error describes, this is quite simple.

1. Locate your boot.properties file (typically located in $MW_HOME/user_projects/domains/soa_domain/servers/AdminServer/security/boot.properties)

2. If this file does not exist, then create it with the following two lines:
username=weblogic
password=welcome1

3. If the file exists, then re-enter the correct username and password (it will be encrypted upon next startup):
username=weblogic
password=welcome1

Applicable Versions:
  • Oracle WebLogic Server 11g (10.3.x)


Ahmed Aboulnaga

3 comments:

Unknown said...

Hi,

I am facing the above issue and I changed boot.properties and re-started the BI Services still facing the issue.

Also, I am not sure to change ldap file in which location and what needs to be modified in the file.

Please suggest.

Any help can be greatly appreciated.

Thanks / Praneeth

Unknown said...

Hi,

I am facing the above issue and I changed boot.properties and re-started the BI Services still facing the issue.

I am not sure to change ldap file in which location and what needs to be modified in the file.

I am not sure what needs to be changed in cwallet.sso. When i opened the file in notepad it is encrypted and unable to read the file.

Please suggest.

Any help can be greatly appreciated.

Thanks / Praneeth

Unknown said...

1. another way that you can do, clean cache, tmp, data, logs (by renaming the folder only) from domain server, after that you need to restart the WL

location would be :
./J2EEServer/config/CRM/WLS/$SERVER_domain/servers/$SERVER_INSTANCES/data
./J2EEServer/config/CRM/WLS/$SERVER_domain/servers/$SERVER_INSTANCES/cache
./J2EEServer/config/CRM/WLS/$SERVER_domain/servers/$SERVER_INSTANCES/tmp
./J2EEServer/config/CRM/WLS/$SERVER_domain/servers/$SERVER_INSTANCES/logs

2. restart weblogic