wood burning stoves*
The moose likes Websphere and the fly likes SECJ0306E: LTPA Token expiration, why? (WAS Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Products » Websphere
Bookmark "SECJ0306E: LTPA Token expiration, why? (WAS" Watch "SECJ0306E: LTPA Token expiration, why? (WAS" New topic

SECJ0306E: LTPA Token expiration, why? (WAS

Milan Duriancik

Joined: Jan 21, 2005
Posts: 3
I have the following error regularily in the logs of my managed application servers. This happens since the update from to (the same thing with :

SECJ0306E: No received or invocation credential exist on
the thread. The Role based authorization check will not have
an accessId of the caller to check.


After analysing the trace (com.ibm.ws.security.*) I found that it is a token LTPA that expires, before the call to getState (called evry minute => I think this must be the node agent that queries the states of the application servers) and is refreshed only after the error happend.

It happens almoste every 120 min (120 min is the expiration time of the token LTPA)

This error has no consequences on the execution of the deployed applications.

Has anybody a problem like this?
Has anybode an idea what is wrong?



[01/07/05 08:46:05:209] 70eb7271 > source=com.ibm.ws.security.role.RoleBasedAuthorizerImpl
checkAccess, methodName:getState resourceName: Server moduleName: Server
[01/07/05 08:46:05:209] 70eb7271 d source=com.ibm.ws.security.role.RoleBasedModule
[01/07/05 08:46:05:209] 70eb7271 < source=com.ibm.ws.security.role.RoleBasedSubjectMap
[01/07/05 08:46:05:209] 70eb7271 < source=com.ibm.ws.security.role.RoleBasedSubjectMap
[01/07/05 08:46:05:209] 70eb7271 d source=com.ibm.ws.security.role.RoleBasedAuthorizerImpl
invocation and received cred are both null!
[01/07/05 08:46:05:209] 70eb7271 E source=com.ibm.ws.security.role.RoleBasedAuthorizerImpl
SECJ0306E: Aucun justificatif re�u ou d'appel n'existe sur l'unit� d'ex�cution. Le contr�le d'autorisation bas�e sur le r�le n'aura pas d'ID d'acc�s � v�rifier pour l'appelant. Les param�tres sont : m�thode de contr�le d'acc�s getState sur la ressource Server et le module Server. La trace de pile est java.lang.Exception: dump thread stack for debugging
at com.ibm.ws.security.role.RoleBasedAuthorizerImpl.checkAccess(RoleBasedAuthorizerImpl.java:292)
at com.ibm.ws.management.AdminServiceImpl.preInvoke(AdminServiceImpl.java:1347)
at com.ibm.ws.management.AdminServiceImpl.invoke(AdminServiceImpl.java:657)
at com.ibm.ws.management.connector.AdminServiceDelegator.invoke(AdminServiceDelegator.java:130)
at sun.reflect.GeneratedMethodAccessor13.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:62)
at java.lang.reflect.Method.invoke(Method.java:391)
at com.ibm.ws.management.connector.soap.SOAPConnector.invoke(SOAPConnector.java:320)
at com.ibm.ws.management.connector.soap.SOAPConnector.service(SOAPConnector.java:190)
at com.ibm.ws.management.connector.soap.SOAPConnection.handleRequest(SOAPConnection.java:55)
at com.ibm.ws.http.HttpConnection.readAndHandleRequest(HttpConnection.java:652)
at com.ibm.ws.http.HttpConnection.run(HttpConnection.java:448)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:912)
[01/07/05 08:46:05:271] 70eb7271 d source=com.ibm.ws.security.role.RoleBasedAuthorizerImpl
[01/07/05 08:46:05:271] 70eb7271 > source=com.ibm.ws.security.role.RoleBasedSubjectMap
[01/07/05 08:46:05:271] 70eb7271 d source=com.ibm.ws.security.role.RoleBasedSubjectMap
isGrantedAnyRole: grantedRoles null, access denied
[01/07/05 08:46:05:271] 70eb7271 < source=com.ibm.ws.security.role.RoleBasedAuthorizerImpl
checkAccess, result:false
[01/07/05 08:46:05:287] 70d37271 d source=com.ibm.ws.security.auth.ContextManagerImpl
Server cred time remaining = -181781
[01/07/05 08:46:05:287] 70d37271 d source=com.ibm.ws.security.auth.ContextManagerImpl
Server Subject expired, refreshing...
[01/07/05 08:46:05:287] 70d37271 d source=com.ibm.ws.security.ltpa.LTPAToken
Expiration passed into cloned token: 1120200358506
[01/07/05 08:46:05:287] 70d37271 > source=com.ibm.ws.security.ltpa.LTPAToken
new LTPAToken from clone
[01/07/05 08:46:05:287] 70d37271 d source=com.ibm.ws.security.ltpa.LTPAToken
Refreshing expiration of token.
[01/07/05 08:46:05:287] 70d37271 d source=com.ibm.ws.security.ltpa.LTPAToken
Expiration set to: Fri Jul 01 09:06:05 2005
[ July 01, 2005: Message edited by: Milan Duriancik ]

Hiroshi Tominaga

Joined: Apr 21, 2005
Posts: 29
I don't know if you already fix the problem..if not, i know that cumulative fix 7 for was 5.1.1 solves this problem.
I also had same problem with was

best regards!

SCJP 1.4, <br />IBM Certified System Administrator Websphere Application Server 5.0, IBM Certified DB2 UDB Database Associate
I agree. Here's the link: http://aspose.com/file-tools
subject: SECJ0306E: LTPA Token expiration, why? (WAS
Similar Threads
Problems to update a Portlet
RAD6/WAS6 Uninstall?
To deploy EJB module WAS V7.0 in MyEclipse Blue 6.5 -- URGENT
deploy ear in WAS v7.0 in MyEclipse blue 6.5
Websphere Application Server V6.1 connection problem with DB2 V8.1