"Security Violation: User: '<anonymous>' has insufficient permission" In OIM Logs (Doc ID 1219144.1)

Last updated on JANUARY 22, 2017

Applies to:

Identity Manager - Version 9.1.0.2 to 9.1.0.2
Information in this document applies to any platform.
**Checked for Relevance on 14-Mar-2014**

Symptoms

An error similar to the following occurs in the OIM logs:

ERROR,13 Aug 2009 18:11:44,672,java.rmi.AccessException: [EJB:010160]Security Violation: User: '<anonymous>' has insufficient permission to access EJB: type=<ejb>, application=Xellerate, module=xlDataObjectBeans.jar, ejb=tcUserOperations, method=findUsers, methodInterface=Remote, signature={java.util.Map}.
at weblogic.ejb.container.internal.MethodDescriptor.checkMethodPermissionsRemote(MethodDescriptor.java:560)
at weblogic.ejb.container.internal.BaseRemoteObject.checkMethodPermissions(BaseRemoteObject.java:115)
at weblogic.ejb.container.internal.BaseRemoteObject.preInvoke(BaseRemoteObject.java:272)
at weblogic.ejb.container.internal.StatelessRemoteObject.preInvoke(StatelessRemoteObject.java:52)
at com.thortech.xl.ejb.beans.tcUserOperations_voj9p2_EOImpl.findUsers(tcUserOperations_voj9p2_EOImpl.java:329)
at Thor.API.Operations.tcUserOperationsClient.findUsers(Unknown Source)
at sun.reflect.GeneratedMethodAccessor183.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at Thor.API.Base.SecurityInvocationHandler$1.run(Unknown Source)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.security.Security.runAs(Security.java:41)
at Thor.API.Security.LoginHandler.weblogicLoginSession.runAs(Unknown Source)
at Thor.API.Base.SecurityInvocationHandler.invoke(Unknown Source)
at $Proxy59.findUsers(Unknown Source)

The error may be seen coming from custom code, or coming from the code of one of the out-of-the-box connectors.

The above error is specific to WebLogic, but other application servers will show similar errors. In particular, the following error may be encountered on WebSphere under similar circumstances:

[4/30/10 5:06:37:628 CDT] 0000004e SystemOut O ERROR,30 Apr 2010 05:06:37,628,[XELLERATE.JAVACLIENT],Class/Method: tcDataObjClient/close encounter some problems: CORBA OBJECT_NOT_EXIST 0x0 No; nested exception is:
org.omg.CORBA.OBJECT_NOT_EXIST: java.rmi.NoSuchObjectException: Stateful bean BeanId(Xellerate#xlDataObjectBeans.jar#tcTSA, 4DD6293A-0128-4000-E000-07700A7F2C3B) was removed or timed out. vmcid: 0x0 minor code: 0 completed: No
java.rmi.NoSuchObjectException: CORBA OBJECT_NOT_EXIST 0x0 No; nested exception is:
org.omg.CORBA.OBJECT_NOT_EXIST: java.rmi.NoSuchObjectException: Stateful bean BeanId(Xellerate#xlDataObjectBeans.jar#tcTSA, 4DD6293A-0128-4000-E000-07700A7F2C3B) was removed or timed out. vmcid: 0x0 minor code: 0 completed: No
at com.ibm.CORBA.iiop.UtilDelegateImpl.mapSystemException(UtilDelegateImpl.java:267)
at com.ibm.CORBA.iiop.UtilDelegateImpl.wrapException(UtilDelegateImpl.java:742)
at javax.rmi.CORBA.Util.wrapException(Util.java:296)
at com.thortech.xl.ejb.interfaces._tcTSA_Stub.remove(_tcTSA_Stub.java:158)
at sun.reflect.GeneratedMethodAccessor97.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:618)
at Thor.API.Base.SecurityInvocationHandler$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(AccessController.java:219)
at javax.security.auth.Subject.doAs(Subject.java:495)
at com.ibm.websphere.security.auth.WSSubject.doAs(WSSubject.java:118)
at Thor.API.Security.LoginHandler.websphereLoginSession.runAs(Unknown Source)
at Thor.API.Base.SecurityInvocationHandler.invoke(Unknown Source)
at $Proxy16.remove(Unknown Source)
at com.thortech.xl.client.dataobj.tcDataObjClient.close(Unknown Source)
at com.thortech.xl.client.dataobj.tcDataObjClient.finalize(Unknown Source)
at java.lang.J9VMInternals.runFinalize(J9VMInternals.java:408)

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms