Thursday, 27 January 2011

Error "CWWIM4512E The password match failed" seen using WebSphere Portal Express v7 on Linux

During the start-up of my WebSphere Portal Express v7 installation on Ubuntu ( I know, it's not supported, but it's fun ), I started seeing: -

21/01/11 23:02:32:665 GMT] 0000002a exception     W login CWWIM4512E The password match failed.
[21/01/11 23:02:32:666 GMT] 0000002a exception     W login
                        CWWIM4512E The password match failed.

in SystemOut.log.

Digging further, I found this rather useful Technote: -

CWWIM4512E error during login requires reset of user's password in file registry

which relates to the same problem, and links to this even more useful Technote: -

How to reset the administrator's password in the file registry

which outlines how to fix the problem, summarized below: -

i) Start the wsadmin client

/opt/IBM/WebSphere/AppServer/profiles/wp_profile/bin/ -conntype NONE

ii) Update the password for the admin user - wpadmin in my case

$AdminTask changeFileRegistryAccountPassword {-userId wpadmin -password <PASSWORD>}
$AdminConfig save

iii) Update the password in the Portal and WAS configuration - assuming that you're using the same ID for both admin roles

cd /opt/IBM/WebSphere/AppServer/profiles/wp_profile/ConfigEngine
./ wp-change-portal-admin-user -DnewAdminId=uid=wpadmin,o=defaultWIMFileBasedRealm -DnewAdminPw=<PASSWORD> -DnewAdminGroupId=cn=wpsadmins,o=defaultWIMFileBasedRealm
./ wp-change-was-admin-user  -DnewAdminId=uid=wpadmin,o=defaultWIMFileBasedRealm -DnewAdminPw=<PASSWORD>

iv) Restart Portal

v) Login to WAS admin ( Integrated Solutions Console )

Use the Manage Users and Groups link to reset the password for, in my case, wpadmin to be consistent with the above scripts.

vi) Re-run the process to update the WAS Admin password

cd /opt/IBM/WebSphere/AppServer/profiles/wp_profile/ConfigEngine
./ wp-change-was-admin-user  -DnewAdminId=uid=wpadmin,o=defaultWIMFileBasedRealm -DnewAdminPw=<PASSWORD>

vii) Restart Portal

Job done :-)

It's worth re-stating that  this is only necessary where you're using a file-system based password e.g. using WIM with a file registry e.g.


as evidenced in: -

  <userRegistries xmi:type="security:WIMUserRegistry" xmi:id="WIMUserRegistry_1" serverId="" serverPassword="{xor}" realm="defaultWIMFileBasedRealm" ignoreCase="true" useRegistryServerId="false" primaryAdminId="uid=wpadmin,o=defaultWIMFileBasedRealm" registryClassName=""/>



peter greaves said...

same thing happend to me after applying CF1 on Windows XP. these instructions fixed it, but i had to restart (port blocking i think) fully at one point.

now my portal starts lovely, clean logs etc.

thanks dave!

Dave Hay said...

@Peter - excellent, thanks for the feedback

Bruno Santos Dumont said...

When I try "cd /opt/IBM/WebSphere/AppServer/profiles/wp_profile/ConfigEngine
./ wp-change-portal-admin-user -DnewAdminId=uid=wpadmin,o=defaultWIMFileBasedRealm -DnewAdminPw= -DnewAdminGroupId=cn=wpsadmins,o=defaultWIMFileBasedRealm"

Show the menssage: ADMN0022E: Acesso negado para a opera?Æo resolve no MBean ConfigService, devido a credenciais insuficientes ou vazias.

Dave Hay said...

@Bruno, silly question, but you did actually enter the password ? The exception means: -

This exception has several causes.

1. WasUserid or WasPassword can be wrong

2. Extra spaces after WasUserid or WasPassword

3. WasRemoteHostName is not set to the right server

4 WasSoapPort is not the right port for the server

5. Special characters in password (ConfigEngine is further restricted vs WAS/Portal)