So here's the background, I'm completing the setup of a WebSphere Portal 8 environment ( more later ) for a Portal/BPM project on which I'm engaged.
I've re-used a VMware image that already contained IBM HTTP Server (IHS) 7, so I thought I might as well re-use that for the Portal server.
IHS consists of two specific instances of Apache; one running on port 80 ( the normal web server ) and one running on port 8008 ( the Admin server ).
Having completed the connectivity between WebSphere Application Server (WAS) 8 and IHS, allowing me to manage/start/stop IHS from within the WAS Integrated Solutions Console, I decided to try accessing the IHS admin instance directly.
This is the URL that I used: -
Sadly, this failed with HTTP 403, and I saw: -
Forbidden
You don't have permission to access / on this server.
with a corresponding set of errors in the log - /opt/IBM/HTTPServer/logs/admin_error.log
...
[Wed Aug 01 11:48:37 2012] [notice] Using config file /opt/IBM/HTTPServer/conf/admin.conf
[Wed Aug 01 11:48:37 2012] [notice] IBM_HTTP_Server/7.0.0.0 (Unix) configured -- resuming normal operations
[Wed Aug 01 11:48:37 2012] [notice] Core file limit is 0; core dumps will be not be written for server crashes
[Wed Aug 01 11:57:21 2012] [error] [client 127.0.0.1] client denied by server configuration: /opt/IBMIHS
[Wed Aug 01 11:57:21 2012] [error] [client 127.0.0.1] client denied by server configuration: /opt/IBMIHS
[Wed Aug 01 11:57:21 2012] [error] [client 127.0.0.1] client denied by server configuration: /opt/IBMIHS
[Wed Aug 01 11:57:24 2012] [error] [client 127.0.0.1] client denied by server configuration: /opt/IBMIHS
[Wed Aug 01 11:57:29 2012] [error] [client 127.0.0.1] client denied by server configuration: /opt/IBMIHS
[Wed Aug 01 11:48:37 2012] [notice] IBM_HTTP_Server/7.0.0.0 (Unix) configured -- resuming normal operations
[Wed Aug 01 11:48:37 2012] [notice] Core file limit is 0; core dumps will be not be written for server crashes
[Wed Aug 01 11:57:21 2012] [error] [client 127.0.0.1] client denied by server configuration: /opt/IBMIHS
[Wed Aug 01 11:57:21 2012] [error] [client 127.0.0.1] client denied by server configuration: /opt/IBMIHS
[Wed Aug 01 11:57:21 2012] [error] [client 127.0.0.1] client denied by server configuration: /opt/IBMIHS
[Wed Aug 01 11:57:24 2012] [error] [client 127.0.0.1] client denied by server configuration: /opt/IBMIHS
[Wed Aug 01 11:57:29 2012] [error] [client 127.0.0.1] client denied by server configuration: /opt/IBMIHS
...
This led me to check whether I'd correctly set up the IHS admin instance, so I ran the following command: -
This led me to check whether I'd correctly set up the IHS admin instance, so I ran the following command: -
$ /opt/IBM/HTTPServer/bin/setupadm -usr ihsadmin -grp ihsadmins -cfg /opt/IBM/HTTPServer/conf/httpd.conf -plg /opt/IBM/HTTPServer/Plugins/config/wp8.uk.ibm.com/plugin-cfg.xml -adm /opt/IBM/HTTPServer/conf/admin.conf
which returned: -
-usr ihsadmin -grp ihsadmins -cfg /opt/IBM/HTTPServer/conf/httpd.conf -plg /opt/IBM/HTTPServer/Plugins/config/wp8.uk.ibm.com/plugin-cfg.xml -adm /opt/IBM/HTTPServer/conf/admin.conf
Script Completed RC(90)
However, I still got the same problem.
Script Completed RC(90)
However, I still got the same problem.
which presented me with a login box - when I tried to log in as ihsadmin, I got this in the logs: -
...
[Wed Aug 01 13:26:55 2012] [error] [client 127.0.0.1] user ihsadmin: authentication failure for "/wasadmin": Password Mismatch
[Wed Aug 01 13:27:33 2012] [error] [client 127.0.0.1] user ihsadmin: authentication failure for "/wasadmin": Password Mismatch
[Wed Aug 01 13:27:33 2012] [error] [client 127.0.0.1] user ihsadmin: authentication failure for "/wasadmin": Password Mismatch
...
This made me question whether I'd set the password correctly for ihsadmin so I ran: -
$ /opt/IBM/HTTPServer/bin/htpasswd /opt/IBM/HTTPServer/conf/admin.passwd ihsadmin
to explicitly set the password.
$ /opt/IBM/HTTPServer/bin/htpasswd /opt/IBM/HTTPServer/conf/admin.passwd ihsadmin
to explicitly set the password.
This time around, I was able to log in to: -
but I then got: -
<?xml version="1.0" ?>
<SAIL_Error Severity="C2_WARN" ID="AC_INVALID_HEADER" Msg="mod_ibm_admin: Missing the following request headers --- Command, Argument, request will not be processed" />
<SAIL_Error Severity="C2_WARN" ID="AC_INVALID_HEADER" Msg="mod_ibm_admin: Missing the following request headers --- Command, Argument, request will not be processed" />
At that point, I was ready to give up ....
Then I realised that I was being very very dumb.
The IHS admin instance is NO LONGER designed to be used by end-users - all the interaction is directly from WAS via the ISC.
In other words, there's no need to access the IHS admin instance on 8008 directly - all the interaction can be performed in one single place - the WAS ISC.
So it was a waste of time, but a useful learning curve ...
No comments:
Post a Comment