Thursday, 11 May 2017

Doh, WebSphere Liberty Profile, still getting it wrong ...

I saw this from my Liberty runtime today: -

...
[AUDIT   ] CWWKT0016I: Web application available (default_host): http://e88e0bcb807d:9080/IBMJMXConnectorREST/
[AUDIT   ] CWWKT0016I: Web application available (default_host): http://e88e0bcb807d:9080/ibm/api/collective/notify/
[AUDIT   ] CWWKT0016I: Web application available (default_host): http://e88e0bcb807d:9080/ibm/adminCenter/deploy-1.0/
[AUDIT   ] CWWKT0016I: Web application available (default_host): http://e88e0bcb807d:9080/ibm/adminCenter/serverConfig-1.0/
[AUDIT   ] CWWKT0016I: Web application available (default_host): http://e88e0bcb807d:9080/ibm/api/
[AUDIT   ] CWWKT0016I: Web application available (default_host): http://e88e0bcb807d:9080/ibm/adminCenter/explore-1.0/
[AUDIT   ] CWWKT0016I: Web application available (default_host): http://e88e0bcb807d:9080/adminCenter/
[AUDIT   ] CWWKS9104A: Authorization failed for user admin while invoking com.ibm.ws.management.security.resource on /. The user is not granted access to any of the required roles: [Administrator].

...

because I had forgotten to set up my server.xml properly: -

<?xml version="1.0" encoding="UTF-8"?>
<server description="Default server">

    <featureManager>
        <feature>javaee-7.0</feature>
        <feature>adminCenter-1.0</feature>
        <feature>scalingController-1.0</feature>
    </featureManager>

    <keyStore password="passw0rd"/> 
    
    <basicRegistry id="basic" realm="customRealm">
        <user name="admin" password="passw0rd" />
    </basicRegistry>

    <administrator-role>
         <user>admin</user>
    </administrator-role>

    <httpEndpoint id="defaultHttpEndpoint"
                  host="*"
  httpPort="9080"
                  httpsPort="9443" />
                  
    <applicationManager autoExpand="true"/>

</server>


specifically I didn't have a user registry (!) or a user to whom to assign the Administrator role.

Can you say "Doofus" ?

For the record, this is how I start / use Liberty ( which is running in a Docker Container ): -

foobar=`docker run -d -t -p 80:9080 -p 443:9443 websphere-liberty:latest`
docker cp server.xml $foobar:/opt/ibm/wlp/usr/servers/defaultServer
docker exec -i -t $foobar /bin/bash

/opt/ibm/wlp/bin/server stop defaultServer

docker start $foobar
docker logs $foobar -f






No comments: