Can't access microagents on a system using Hawk HTTP Adapter. Log on Hawk agent system contains "Unsecured request" or "Permission denied" error
Article ID: KB0087211
Updated On:
| Products | Versions |
|---|---|
| TIBCO Hawk HTTP Adapter | - |
| Not Applicable | - |
Description
Resolution:
Symptoms:
--------------
Using the browser (Hawk HTTP Adapter) to access Hawk microagents you get Hawk HTTP error 500.
Log files:
-----------
1. The log file on the Hawk HTTP Adapter system contains the error below. The location of this file is determined by the traceDir paramter in <tomcatdir>/webapps//hawkhttp/WEB-INF/web.xml
javax.servlet.ServletException: javax.servlet.jsp.JspException: Server returned HTTP response code: 500 for URL: http://localhost:8080/hawkhttp/MicroAgents?Style=Nnames.xsl&Agent=sf11s01xxp01&Micro=FileSystem%3A0&Domain=ESBAdmin_CORP_PRD001_PRI
:
:
java.io.IOException: Server returned HTTP response code: 500 for URL: http://localhost:8080/hawkhttp/MicroAgents?Style=Nnames.xsl&Agent=sf11s01xxp01&Micro=FileSystem%3A0&Domain=ESBAdmin_CORP_PRD001_PRI
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:794)
org.apache.taglibs.standard.tag.common.core.ImportSupport.acquireReader(ImportSupport.java:348)
org.apache.taglibs.standard.tag.common.core.ImportSupport.acquireString(ImportSupport.java:259)
2. The <Hawkdir>/logs/Hawk.log on the remote system will show:
2007 Feb 28 09:15:02:837 GMT -5 HawkAgent.<agentname> Error [Application] HWKCON 220604 RemoteAccessServer.processRequest(), request type=invoke,
exception:COM.TIBCO.hawk.talon.MicroAgentException: Unsecured request made of secure agent
or
Info [Application] HWKSEC-420115 Using security file from /opt/tibco/hawk/security/Trusted.txt
2007 Feb 28 11:49:38:181 GMT -5 HawkAgent.<agentname> Error [Application] HWKCON-220604 RemoteAccessServer.processRequest(), request type=invoke,exception:COM.TIBCO.hawk.talon.MicroAgentException: Permission denied: method describe on microagent COM.TIBCO.hawk.microagent.Self
Resolution:
--------------
- If you see the "Unsecured request..." error message you need to do the following
on the host that runs the HTTP adapter:
* Uncomment the element containing
<param-name>SecurityPolicy</param-name> in hawkhttp/WEB-INF/web.xml.
Thus, the HTTP adapter will use the security policy to communicate with the agent.
* Restart the Tomcat server
- If you see the "Permission denied" error, you need to examine the following
* Is the user defined on the remote system? The request that goes
to the remote system has the username of the webserver that hosts
the Hawk HTTP adapter, i.e. the JRun process.
* Make sure the OS user explained above has permissions
to access these microagents in Trusted.txt. So if your OS username
is myusername, edit Trusted.txt and add that user. Start by allowing everything
by adding a line that contains myusername and nothing else. If this works
you can proceed to restrict access per the policy you want to implement.
Symptoms:
--------------
Using the browser (Hawk HTTP Adapter) to access Hawk microagents you get Hawk HTTP error 500.
Log files:
-----------
1. The log file on the Hawk HTTP Adapter system contains the error below. The location of this file is determined by the traceDir paramter in <tomcatdir>/webapps//hawkhttp/WEB-INF/web.xml
javax.servlet.ServletException: javax.servlet.jsp.JspException: Server returned HTTP response code: 500 for URL: http://localhost:8080/hawkhttp/MicroAgents?Style=Nnames.xsl&Agent=sf11s01xxp01&Micro=FileSystem%3A0&Domain=ESBAdmin_CORP_PRD001_PRI
:
:
java.io.IOException: Server returned HTTP response code: 500 for URL: http://localhost:8080/hawkhttp/MicroAgents?Style=Nnames.xsl&Agent=sf11s01xxp01&Micro=FileSystem%3A0&Domain=ESBAdmin_CORP_PRD001_PRI
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:794)
org.apache.taglibs.standard.tag.common.core.ImportSupport.acquireReader(ImportSupport.java:348)
org.apache.taglibs.standard.tag.common.core.ImportSupport.acquireString(ImportSupport.java:259)
2. The <Hawkdir>/logs/Hawk.log on the remote system will show:
2007 Feb 28 09:15:02:837 GMT -5 HawkAgent.<agentname> Error [Application] HWKCON 220604 RemoteAccessServer.processRequest(), request type=invoke,
exception:COM.TIBCO.hawk.talon.MicroAgentException: Unsecured request made of secure agent
or
Info [Application] HWKSEC-420115 Using security file from /opt/tibco/hawk/security/Trusted.txt
2007 Feb 28 11:49:38:181 GMT -5 HawkAgent.<agentname> Error [Application] HWKCON-220604 RemoteAccessServer.processRequest(), request type=invoke,exception:COM.TIBCO.hawk.talon.MicroAgentException: Permission denied: method describe on microagent COM.TIBCO.hawk.microagent.Self
Resolution:
--------------
- If you see the "Unsecured request..." error message you need to do the following
on the host that runs the HTTP adapter:
* Uncomment the element containing
<param-name>SecurityPolicy</param-name> in hawkhttp/WEB-INF/web.xml.
Thus, the HTTP adapter will use the security policy to communicate with the agent.
* Restart the Tomcat server
- If you see the "Permission denied" error, you need to examine the following
* Is the user defined on the remote system? The request that goes
to the remote system has the username of the webserver that hosts
the Hawk HTTP adapter, i.e. the JRun process.
* Make sure the OS user explained above has permissions
to access these microagents in Trusted.txt. So if your OS username
is myusername, edit Trusted.txt and add that user. Start by allowing everything
by adding a line that contains myusername and nothing else. If this works
you can proceed to restrict access per the policy you want to implement.
Issue/Introduction
Can't access microagents on a system using Hawk HTTP Adapter. Log on Hawk agent system contains "Unsecured request" or "Permission denied" error
Feedback
Yes
No
Powered by
