Support Article
Error 500: Exception occured trying to invoke SMA
SA-34883
Summary
User configured the System Management Application (SMA) as "Local JVM Connection - SMA is installed on PRPC server" and didn't provide the Websphere admin user Id and password.
After adding the node user is getting the error "Error 500" on SMA screen and in the application server log user see below error:
Error Messages
com.opensymphony.xwork2.util.logging.commons.CommonsLogger error Exception occurred during processing request: Exception occurred trying to invoke the getter on the MBean
javax.management.RuntimeOperationsException: Exception occurred trying to invoke the getter on the MBean
Caused by: javax.management.JMRuntimeException: ADMN0022E: Access is denied for the getName operation on web MBean because of insufficient or empty credentials.
at com.ibm.ws.management.AdminServiceImpl.preInvoke(AdminServiceImpl.java:2382)
Steps to Reproduce
- Configure the SMA as "Local JVM Connection - SMA is installed on PRPC server.
- Do not provide the Websphere admin user id and password using the option credential not required and then access the node.
Root Cause
The root cause of this problem is defect/misconfiguration in the operating environment.
If WebSphere Application Server's Global/Administrative Security is enabled in any environment, the "Local Connection" option in SMA will not work as this cannot transmit admin credentials.
If Administrative security is enabled, then, "Remote Connection" option has to be selected.
Resolution
Perform the following local-change steps:
Option 1: Update the Websphere application server soap.client.props file and set the admin Id and password:
com.ibm.SOAP.loginUserid=
com.ibm.SOAP.loginPassword=
To encode the password use the utility websphere utility
PropFilePasswordEncoder.bat soap.client.props com.ibm.SOAP.loginPassword
Option 2: Create a Websphere user with Monitor roll and assign the roll PegaDiagnosticUser and use this user id and password in the SMA configuration. This user has view access in Websphere.
STEPS:
1. Under user and groups click “manage Users” menu and fill in the required details and click create button. For example: “smauser”
2. Click “Administrative user roles” then click Search and add the smauser to Mapped to role list. Select the Role(s) as Monitor and press ok.
3. Now map the user with the PegaDiagnosticUser. Click the application “prpc_j2ee14_ws” and then the menu “Security role to user/group mapping”.
3. Select PegaDiagnosticUser and click Map User.
4. Click the Search button and select the newly created user “smauser” and move it from available to selected list. Press ok.
5. In the SMA configuration use
Remote Connection –SMA is stand-alone, provide remote host, SOAP for the JVM, user/password as the newly creates Websphere user and password.
6. Submit and one should be able to connect the SMA and also download the logs.
Published April 6, 2017 - Updated October 8, 2020
Have a question? Get answers now.
Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.