I saw this problem on Thursday, and wanted to share the solution.
So, whilst trying to deploy my portlet from Rational Application Developer 8.0.4 IF1 to WebSphere Portal 7.0.0.2 CF12, we saw: -
WKSP0012E "Caller is not in the required role to access restricted document(s)"
WKSP0012E "Caller is not in the required role to access restricted document(s)"
in the logs for the portal server ( /opt/IBM/WebSphere/wp_profile/logs/WebSphere_Portal/SystemOut.og ).
Looking at this old WebSphere Portal Express v6 document for inspiration
we concluded that the problem may be security-related.
The document describes how to use a JACL script - redeployFileTransfer.jacl - to correctly configure security for the File Transfer Servlet.
Having checked that we still had the script with WP7: -
$ cd /opt/IBM/WebSphere/AppServer/bin
$ ls -al redeployFileTransfer.jacl
-rwxr-xr-x 1 root root 3918 Apr 5 08:07 redeployFileTransfer.jacl
$ ls -al redeployFileTransfer.jacl
-rwxr-xr-x 1 root root 3918 Apr 5 08:07 redeployFileTransfer.jacl
and made a note of the cell, node and server/instance names: -
Cellname GBEDFTSERH301
Nodename GBEDFTSERH301
Servername WebSphere_Portal
we ran the following wsadmin command to execute the JACL script: -
$ cd /opt/IBM/WebSphere/AppServer/bin
$ ./wsadmin.sh -conntype NONE -lang jacl -profile redeployFileTransfer.jacl -c "fileTransferAuthenticationOn GBEDFTSERH301 GBEDFTSERH301 WebSphere_Portal"
WASX7357I: By request, this scripting client is not connected to any server process. Certain configuration and application operations will be available in local mode.
Uninstall filetransfer -cell GBEDFTSERH301 -node GBEDFTSERH301 -server WebSphere_Portal
ADMA5017I: Uninstallation of filetransfer started.
ADMA5005I: The application filetransfer is configured in the WebSphere Application Server repository.
ADMA5011I: The cleanup of the temp directory for application filetransfer is complete.
ADMA5106I: Application filetransfer uninstalled successfully.
Install /opt/IBM/WebSphere/AppServer/systemApps/filetransferSecured.ear -cell GBEDFTSERH301 -node GBEDFTSERH301 -server WebSphere_Portal -appname filetransfer -usedefaultbindings -nocreateMBeansForResources
ADMA5016I: Installation of filetransfer started.
ADMA5005I: The application filetransfer is configured in the WebSphere Application Server repository.
ADMA5011I: The cleanup of the temp directory for application filetransfer is complete.
ADMA5013I: Application filetransfer installed successfully.
Having undertaken this, we restarted WebSphere Portal: -
$ ~/stopPortal.sh
$ ~/deleteLogs.sh
$ ~/startPortal.sh
and the RAD to Portal deployment worked like a treat.
For the record, here's the WebSphere 7 version of the same document: -
2 comments:
Thanks again Dave - very helpful!
@Graham - no worries, always a pleasure - hope #LifeIsGood with you as well :-)
Post a Comment