Question & Answer
Question
Login Error - The username or password you entered is incorrect. If you need your password reset, please contact our system admins.
BMXAA0026E - The action could not be performed because the application server security is enabled. Proper authorization is required to perform this action. Report this error to your system administrator.
Cause
Application Security change happens using Tivoli's process automation configuration tool (Configuration Tool or ConfigTool, and there was a problem with the database connection: for example, the database connect fails. If you exit the ConfigTool running, fix the connection problem, and start the Config Tool again, it can read the value of the mxe.useAppServerSecurity property from the database, and this problem does not happen.
At during Config Tool launch, it loads all saved data, including that from the database, and caches the data. The default value loaded for mxe.useAppServerSecurity is 1 (enabled). The Tool works with the cache as it applies selected actions. If you fixed the database connection problem but did not exit, the Configuration Tool continues to work with the cached data.
Answer
- Log into the Maximo application administration workstation as a member of the local Administrators group.
- Open an administrative command prompt.
- Navigate to the \IBM\SMP\ConfigTool\scripts directory.
- Run this script:
reconfigurePae -action disableAppSecurity
The following is the list of web.xml files to be altered:
- \IBM\SMP\maximo\applications\maximo\maximouiweb\webmodule\WEB-INF\web.xml
- \IBM\SMP\maximo\applications\maximo\maxrestweb\webmodule\WEB-INF\web.xml
- \IBM\SMP\maximo\applications\maximo\meaweb\webmodule\WEB-INF\web.xml
- \IBM\SMP\maximo\applications\maximo\mboweb\webmodule\WEB-INF\web.xml
If Application Server Security is meant to be enabled in the environment
- Uncomment the <security-constraint> tags in all web.xml files, and make sure that the value of the useAppServerSecurity tag is set to 1.
- Set the <welcome-file> tag to the following:
<welcome-file>/ui/maximo.jsp</welcome-file>
- Using a SQL query tool, check the value of mxe.useAppServerSecurity:
SELECT PROPVALUE FROM MAXPROPVALUE WHERE PROPNAME='mxe.useAppServerSecurity';
UPDATE MAXPROPVALUE SET PROPVALUE=1 WHERE PROPNAME='mxe.useAppServerSecurity';
- Comment out the <security-constraint> tags in all web.xml files, and make sure that value of the useAppServerSecurity tag is set to 0.
- Set the <welcome-file> tag to the following:
<welcome-file>/ui/maximo.jsp?welcome=true</welcome-file>
- Using a SQL query tool, check the value of mxe.useAppServerSecurity:
SELECT PROPVALUE FROM MAXPROPVALUE WHERE PROPNAME='mxe.useAppServerSecurity';
UPDATE MAXPROPVALUE SET PROPVALUE=0 WHERE PROPNAME='mxe.useAppServerSecurity';
Another workaround if Application Server Security is not meant to be enabled in the environment. Using the TPAE Configuration Tool (\IBM\SMP\ConfigTool\ConfigUI.exe), click Change Application Security Model. Using this method changes the security model to use application internal authentication and authorization (mxe.useAppServerSecurity=0). Check the boxes to build and deploy the application EAR files. Click apply. Using this method modifies the database and changes the web.xml files so that Application Server Security is not enabled.
Was this topic helpful?
Document Information
Modified date:
28 October 2021
UID
swg21965424