Unable to authenticate when a repository is down

If one or more configured repository is down, you are unable to authenticate or stop WebSphere Application Server.

Problem

The following exception or a similar exception may occur, which indicates that a connection to the back-end repository cannot be established:

CWWIM4520E The 'javax.naming.CommunicationException:                      
Extdomain1.altext.ibm.com:389 [Root exception is java.net.ConnectException: Connection refused: connect]' 
naming exception occurred during processing.  
at  com.ibm.ws.wim.adapter.ldap.LdapConnection.reCreateDirContext(LdapConnection.java:613)  
at com.ibm.ws.wim.adapter.ldap.LdapConnection.search(LdapConnection.java:2419)

Solution

Ensure that your back-end repository is running, and you are able to connect to it. In case more than one repository is configured, all of the configured repositories should be up and running.

If the problem persists, it is due to a security feature of virtual member manager. If one or more configured repository is down, you cannot log in (even as admin) or stop WebSphere Application Server, regardless of the repository in which your particular ID is stored. Virtual member manager always checks all repositories before authenticating.

To disable this security feature, use the createIdMgrRealm or updateIdMgrRealm wsadmin command to configure the –allowOperationIfReposDown parameter. After you disable this security feature, even if one of the configured repositories is down, virtual member manager works with the other active repositories. For more information about these commands, see IdMgrRealmConfig command group for the AdminTask object in the WebSphere Application Server information center. (If you are using WebSphere Application Server version 6.1, to disable this security feature, first apply the PK78677 patch or install WebSphere Application Server fixpack 6.1.0.23 or above, and then change the configuration accordingly.)



Terms of use | Feedback

http://publib.boulder.ibm.com/infocenter/wasinfo/v7r0/index.jsp?topic=/com.ibm.websphere.wim.doc/UnableToAuthenticateWhenRepositoryIsDown.html