WebSphere

 

Portal Express, Version 6.0
Operating systems: i5/OS, Linux, Windows

 

Troubleshoot access to the portal

 

+

Search Tips   |   Advanced Search

 

  1. Portal URL does not open
  2. Unable to connect to portal
  3. Login attempt is unsuccessful, but no error message is displayed
  4. Exception javax.servlet unavailable when starting WebSphere Portal Express
  5. Application Error message displays when accessing the portal
  6. Unable to log in as the portal administrator
  7. Redirected back to login screen
  8. Cannot log in to WebSphere Portal Express environment with Active Directory as LDAP
  9. Login fails with a user ID that contains special characters
  10. Accessing portlets prior to authentication
  11. Unable to log into the portal immediately after logging out
  12. User is logged out of the portal
  13. Portal does not render, HTML markup is not supported
  14. Browser returns an invalid syntax error
  15. Contextual menus show off page
  16. Browser does not finish loading page
  17. Exception message displays when attempting to log in to the portal
  18. Portal Log in link is missing
  19. During portal migration, XmlAccess reports an AuthorizationModelException with error code EJPSB0125E

 

Portal URL does not open

If you try to open the portal URL, but the browser returns a 404 message (file not found), check the base URI and default home page.

Solution: The portal does not work unless a base URI is configured. The default base URI is /wps . For example, if the default base URI and the default home page were configured for the portal, you would open...

URL http://hostname.example.com:10038/wps/portal

 

Unable to connect to portal

IBM® WebSphere® Portal Express is an application server that is running on WAS. If you are having trouble launching WebSphere Portal Express you might want to verify that the application server was successfully installed.

Solution: Verify that the application server is installed by starting the WAS Administrative Console and look for settings that are specific to WebSphere Portal Express. For example, WebSphere Portal Express installs the following entries in the left panel of the Administrative Console:

 

Login attempt is unsuccessful, but no error message is displayed

If the login to the portal is unsuccessful, obvious error messages will usually be displayed. Typically, the error is the result of incorrectly entering a valid user ID and password, or, depending on the WebSphere Portal Express version and Fix Pack level, an error screen requesting that the user explicitly log out of portal at the end of a session.

Solution: In the case where login is not successful but no obvious error message is displayed, there are several possibilities, depending on the exact symptoms and system configuration.

If an authentication front end, such as Tivoli Access Manager is deployed and a corresponding Trust Association Interceptor (TAI) is configured for WAS, there might be an error in the configuration of the authentication front-end component. Descriptions of how to debug that environment are beyond the scope of this documentation; consult the appropriate product specific documentation in this case.

If the authentication proxy and TAI are working correctly, there might be a problem in the WebSphere Portal Express JAAS login processing.

Activating the com.ibm.wps.sso.*=all: will generate trace output from most of the JAAS loginmodules supplied with WebSphere Portal Express. The PDLoginModule, if present, can be traced by adding debug=true as a parameter to the loginmodule in the Portal Login JAAS Application object in the WAS administrative console.

If no authentication proxy or TAI are configured, and the symptom seen is that the user is immediately placed back at the login form after submitting the filled-in login form, a likely cause is that WAS single signon and the associated necessary cookie enablement is not correctly configured. Verify that your Web browser is enabled for cookies. A cookie with a valid LTPA token is needed to access URLs that are secured by WAS. If the browser is not configured to accept cookies, activate this feature.

A good test is to activate cookie prompting in the browser; the methods to do this vary from browser to browser and are beyond the scope of this document. An LtpaToken cookie should be seen after the login form is submitted, and the DNS domain associated with that cookie must be correctly set to enable it to be sent back to WebSphere Portal Express on subsequent requests. If the DNS domain of the cookie is not correct, go to the WAS Administrative Console Security Center, and on the Authentication Tab, make the necessary corrections. Also, note that the single signon cookie domain must consist of at least two names separated by a period. For example, example.com is acceptable, but example or just .com is not.

 

Exception javax.servlet unavailable when starting WebSphere Portal Express

If you receive an exception that the javax.servlet is unavailable when starting WebSphere Portal Express, you might have used the DB2 server name instead of the WebSphere Portal Express DB2 user ID as the profile owner.

Solution: Verify that the DbUser property points to the correct profile owner's user ID for theWebSphere Portal Express database to which you are transferring a component. Save the correct value and then re-transfer.

 

Application Error message displays when accessing the portal

Solution: Verify that the WAS is installed correctly.

 

Unable to log in as the portal administrator

If the following message is displayed, the administration portlets could not be deployed during the WebSphere Portal Express installation: 

	Your portal does not have any pages.

Solution:

If WebSphere Portal Express is running and the portlets didn't deploy, rerun the action-deploy-portlets configuration task to redeploy.

 

Redirected back to login screen

A problem that sometimes occurs as you attempt to install WebSphere Portal Express is that you might be able to activate WebSphere Portal Express but might not be able to log in. Specifically, after you submit your user name and password in response to the login screen, you are immediately redirected back to the login screen again.

Solution: Usually, this is a result of a configuration problem with the security support of WAS.

An easy way to diagnose this problem is to activate cookie prompting. To resolve this problem...

  1. In Internet Explorer, select Tools > Internet Options.

  2. Select the Security tab.

  3. Select the Web content zone that your browser uses to connect to WebSphere Portal Express. Usually, this will be the Internet zone.

  4. Select Custom Level. Scroll down until you see Cookies.

  5. Select Prompt for both stored and per-session cookies.

  6. Save and exit.

Internet Explorer should then prompt you whenever a server attempts to set a cookie on your browser. The prompt will say Security Alert and will ask if you will allow the Web site to place a cookie on your computer. Select the More Info button on the prompt to display the cookie name and other information.

When you attempt to log in to WebSphere Portal Express, you should see the following two cookies being set on your browser:

You might also see a third cookie, WasReqURL, if you access /wps/myportal directly and were redirected by WAS to the WebSphere Portal Express login screen.

If you don't see the LtpaToken cookie, then you will not be able to successfully log in to WAS and WebSphere Portal Express.

If this is the case, it is possible that the problem is that the domain of the LtpaToken cookie is not configured correctly in WAS. To correct this...

  1. In the WAS Administrative Console, select Security > Authentication Mechanisms > LTPA.

  2. Select Single Signon in Additional Properties.

  3. Verify that Single Signon is enabled by checking the box, except on very rare occasions when using IBM Tivoli® Access Manager for e-business WebSEAL as an authentication proxy in front of WAS and WebSphere Portal Express.

  4. Also, the Domain must be set such that a cookie marked with that domain will be sent to the browser and then returned on subsequent requests from the browser to WAS.

 

Cannot log in to WebSphere Portal Express environment with Active Directory as LDAP

When trying to log in to WebSphere Portal Express environment with Active Directory as LDAP over SSL, you might receive the following error: 

	The system could not log into your account.
	Reason: The system could not retrieve your 
		user account information data store. 
		Please try again later.

Solution: To solve this problem, you should stop and start WebSphere Portal Express.

 

Login fails with a user ID that contains special characters

Solution: Verify that your user ID contains valid characters. A valid user ID for WebSphere Portal Express might contain only the characters a-z, AZ, period (.), and underscore ( _ ). Diacritics, such as the umlaut, are not allowed.

When you signed up as a portal user or when the portal administrator enrolled you as a user, you completed the user information form. The user ID field is limited to the valid characters described in this section, but you can specify other characters in the First Name and Last Name fields.

If the user IDs of the portal users contain special characters, for example, double-byte characters, make sure that the property com.ibm.CORBA.ORBCharEncoding=UTF8 has been set on the administrative server and all application servers. For more detail, see the documentation for WAS.

 

Accessing portlets prior to authentication

By default, portlets placed on a page that does not require authentication do not have access to a portlet session (PortletSession object). This can cause problems when the portlet attempts to access the session without first checking to make sure that the session is available. Or, the portlet might write an error message to the portlet log or the user interface if the session is not available.

Solution:

There are two possible solutions:

 

Unable to log into the portal immediately after logging out

If the Authorization failed error occurs when you try to log in to the portal immediately after logging out, the portal system time is ahead of the client system time.

Solution: Set the correct time on the client system clock.

 

User is logged out of the portal

There are two reasons why a user can be logged out by the portal:

The following sections provide solutions for both problems.

 

Solution: Timeout by inactivity in the portal browser window - Configuring session management by level

If a user opens a portlet in a secondary browser window, interactions with that portlet are not sent to the portal. As a result, users could exhaust their portal session in the secondary window and be logged out of the portal, even if the portal window is still open.

You can configure session management at the Web container level. This includes configuring the duration of portal sessions. When you configure session management at the Web container level, all applications and the respective Web modules in the Web container normally inherit that configuration, setting up a basic default configuration for all applications and Web modules below it.

However, you can set up different configurations individually for specific applications and Web modules that vary from the Web container default. These different configurations override the default for these applications and Web modules only.

When you overwrite the default session management settings on the application level, all the Web modules below that application inherit this new setting unless they too are set to overwrite these settings. To change the duration of portal sessions by level...

  1. Open the Administrative Console for WAS.

  2. Select the level that this configuration applies to:

    • For the Web container level:

      1. Click Servers > Application Servers

      2. Select a server from the list of application servers

      3. Under Additional Properties, click Web Container

    • For the enterprise application level:

      1. Click Applications > Applications

      2. Select an applications from the list of applications

    • For the Web module level:

      1. Click Applications > Enterprise Applications

      2. Select an applications from the list of applications

      3. Under Related Items, click Web Modules

      4. Select a Web module from the list of Web modules defined for this application

  3. Under Additional Properties, click Session Management

  4. Make whatever changes you need to manage sessions

  5. If you are working on the Web module or application level and want these settings to override the inherited Session Management settings, under General Properties, select Overwrite.

  6. Click Apply and Save.

See also:

 

Solution: Expiration of the user's LTPA token

During the portal installation, the LTPA token expiration is set to 120 minutes. Users who are in session with the portal for more than two hours are logged out and will have to re-authenticate to continue using the portal. To change this setting, perform these steps:

  1. Open the Administrative Console for WAS.

  2. On the menu bar, click Security > Global security > Authentication > Authentication mechanisms > LTPA.

  3. Modify the timeout value as required.

  4. Click Apply.

  5. Click the Save link.

  6. Click the Save button.

  7. Close the Administrative Console.

  8. Restart the Administrative Server for WAS for the changes to take effect.

 

Portal does not render, HTML markup is not supported

The Supported Markups portlet in Administration is used to add, remove, and edit markup languages supported by the portal. It is possible that an administrator could remove or change HTML as a supported markup. If this happens, the portal user interface will no longer render in any of the supported Web browsers.

Solution:

Follow these steps to recover from this error.

  1. Make sure the portal is started.

  2. Create an XML file in the portal server config directory. For example, create recoverHTML.xml in the following WebSphere Portal Express installation directory:

  3. Insert the following XML markup for the file content and save the file. 

      <request      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
     xsi:noNamespaceSchemaLocation="PortalConfig_1.2.xsd"
     type="update" create-oids="true">

       <portal action="locate">
          <markup action="update" active="true" default-charset="UTF-8" objectid="html"
             mimetype="text/html" name="html">
             <localedata charset="UTF-8"  locale="en" prefix="markup.html">
                <url>file:///$server_root$/config/work/SetupPortal_en.properties</url>
             </localedata>
          </markup>
       </portal>
       <status element="all" result="ok"/>

  </request>

  4. From a command prompt, change to the WebSphere Portal Express installation directory:

  5. Run the XMLAccess command against the XML file that you created. On a Windows system, for example: 

      xmlaccess -in C:\WebSphere\PortalServer\config\work\recoverHTML.xml 
		-user adminID -pwd adminPassword

  6. HTML is supported by the portal once the command has completed successfully. Log back into the portal and reopen the Supported Markups portlet to view the changes.

 

Browser returns an invalid syntax error

Some browsers might return a page not found - invalid syntax error when attempting to access WebSphere Portal Express.

Solution: Certain browsers require that you include the URL type, such as http://, before entering URLs with non-standard ports. Always include the URL type when entering the portal URL to prevent this error.

 

Contextual menus show off page

If you click the arrow on the Launch button for the main menu, or click one of the arrows for a contextual menu on a page, the menu may display far away from the selection arrow.

Solution: The menus display closer to the buttons if you use Internet Explorer Version 7.0.

 

Browser does not finish loading page

When using Internet Explorer to access WebSphere Portal Express, the browser appears to finish loading the page (the icon stops spinning.) before the page actually is finished.

Solution: This is a known issue with the Internet Explorer browser. For details see http://support.microsoft.com/kb/183110.

 

Exception message displays when attempting to log in to the portal

The following exception occurs when a user attempts to log in to the portal: 

	2005.01.28 06:30:14.984 E com.ibm.wps.datastore.impl.DataStoreContext handleException   
	EJPDB0031E: Object was not found in database

 

Solution: This exception occurs when a user is simultaneously logged into the portal multiple times. The user must be properly logged out before the login attempt will be successful.

 

Portal Log in link is missing

The Log in link could be missing because the page that contains the Login portlet is inactive. Pages are made inactive whenever they are being edited in Edit Layout.

Solution: Click Done in Edit Layout.

If you cannot complete the Edit Layout process for some reason, such as a session timeout, you can reactivate the login page using xmlaccess. The following example would be appropriate for a default Portal installation: 

	<content-node action="update" active="true" uniquename="wps.Login" />

 

During portal migration, XmlAccess reports an AuthorizationModelException with error code EJPSB0125E

This exception indicates that the previous version contains invalid role assignments that cannot be created within the current version. The following role assignments for the Anonymous Portal User are considered invalid in the current version:

All those role assignments would allow the anonymous user to modify existing portal content which is not supported by the portal runtime.

Solution: In the previous version, change all of the above role assignments into User roles; see Roles for information.

 

Parent topic:

Search the product documentation for a solution