Cisco Systems: Unable to access Cisco Security Manager with correct credential

Reference:http://www.cisco.com/en/US/docs/security/security_management/cisco_security_manager/security_manager/3.0/troubleshooting/guide/scts.html#wp1043038

Recently I have been installing and trying to access Cisco Security Manager and encountered several problems which I did not understand.

The first problem I encountered after I have login with a correct credential.


You have encountered an ERROR!


The error message is listed below:


ERROR - The request attribute command is initializeAndValidate - The request attribute target is null - The custom msg is -

The application error is Error in initializeCMFSessionData in RequestManager Servlet

The exception is java.lang.NullPointerException

The exception message is null

The exception type is : java.lang.NullPointerException
The exception message is : null

The exception stack trace is as follows:

java.lang.NullPointerException at com.cisco.core.mice.util.cmf.MICEDesktopBridge.isUserLoggedIn(MICEDesktopBridge.java:2259) at com.cisco.core.mice.RequestManager.initializeCMFSessionData(RequestManager.java:251) at com.cisco.core.mice.RequestManager.initializeAndValidate(RequestManager.java:215) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source) at java.lang.reflect.Method.invoke(Unknown Source) at com.cisco.core.mice.CoreReflectionServlet.dispatch(CoreReflectionServlet.java:318) at com.cisco.core.mice.CoreReflectionServlet.doGetOrPost(CoreReflectionServlet.java:163) at com.cisco.core.mice.CoreBaseServlet.doGetOrPost(CoreBaseServlet.java:110) at com.cisco.core.mice.CoreReflectionServlet.doGet(CoreReflectionServlet.java:75) at javax.servlet.http.HttpServlet.service(HttpServlet.java:689) at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:199) at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:282) at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:754) at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:684) at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:876) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) at java.lang.Thread.run(Unknown Source)

The second problem which I have encountered after I have login with a correct credential.

HTTP Status 500 -

type Exception report

message

description The server encountered an internal error () that prevented it from fulfilling this request.

exception

javax.servlet.ServletException: Servlet execution threw an exception

root cause

java.lang.ExceptionInInitializerError
	com.cisco.nm.cmf.setup.SetupUtil.initializeLog4J(SetupUtil.java:60)
	com.cisco.nm.cmf.setup.SetupUtil.<clinit>(SetupUtil.java:46)
	com.cisco.nm.cmf.util.SecurityUtils.<clinit>(SecurityUtils.java:55)
	com.cisco.nm.cmf.servlet.CsAuthServlet.loginUser(CsAuthServlet.java:1152)
	com.cisco.nm.cmf.servlet.CsAuthServlet.doGet(CsAuthServlet.java:563)
	com.cisco.nm.cmf.servlet.CsAuthServlet.doPost(CsAuthServlet.java:529)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
	javax.servlet.http.HttpServlet.service(HttpServlet.java:802)

note The full stack trace of the root cause is available in the Apache Tomcat/5.5.17 logs.
Apache Tomcat/5.5.17

The reason behind the problems
I have set the Cisco Security Manager Tomcat Servlet Engine and Cisco Security Manager Web Server from Manual to Automatic and I attempted to restart the services myself. The only service that should be automatic should be Cisco Security Manager Daemon Manager, and when you want to restart service you should only start Cisco Security Manager Daemon Manager and nothing else.

These are the services that should be manual:
services1

After you have restarted Cisco Security Manager Daemon Manager, other Manual services will start in order slowly.

The Cisco Security Database engine and Cisco Security reporting database engine will be started by Cisco Security Manager Daemon Manager first, follow by Cisco Security Manager Web Server the last to be started is Cisco Security Manager Tomcat Servlet Engine. Messing up the start sequence of the Cisco security manager services will make Cisco Security Manager inaccessible! The bottom line is to let the Cisco Security Manager Daemon Manager starts the services itself.

This is how it looks like after you have login.

This is how it looks like after you have login.

Remember the services start slowly in sequence you need to be patient and keep pressing the refresh button to see if the service has started, my mistake was to start the services myself! Especially the Cisco Security Manager Tomcat Servlet Engine, this is the slowest to start.

The Cisco Security Manager Client should also be able to connect to the server.
CSM2

Domain name of the Windows 2008 server
Before you install the Cisco Security Manager you may want to change the hostname of your Windows server you can do this by using this command

netdom computername oldname /newname newname after you have entered this command restart the server to have your new hostname active. You access Cisco Security Manager with the hostname of your Windows 2008 server!

You do not use localhost:1741 to try to access Cisco Security Manager server you will be redirected to 404 page!
CSM3

You either access with your server’s hostname example http://myserver:1741 or http://127.0.0.1:1741 both will redirect your browser to the SSL login page.

Advertisements
This entry was posted in Network Maintenance, Security and tagged , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s