Posts tagged "SECJ0305I"

LiveCycle ES2: SECJ0305I error in WebSphere log when using an email endpoint


When using an email endpoint in LiveCycle ES2 on WebSphere, you may notice the following error in the server log each time the email endpoint is invoked, or scans for new emails:

00000020 RoleBasedAuth A   SECJ0305I: The role-based authorization check failed for naming-authz operation NameServer:bind_java_object. 
The user UNAUTHENTICATED (unique ID: UNAUTHENTICATED) was not granted any of the following required roles: CosNamingWrite, CosNamingDelete, CosNamingCreate.
00000020 EmailReaderIm E getEmailSourceLock NO_PERMISSION exception caught


This error is repeatedly sent to the server log due to missing permissions for the CORBA naming service groups in WebSphere.

Here is the configuration with the missing privileges:


By making a small change in the WAS admin console you can resolve these errors.  You need to add the privileges for “Cos Naming Write”, “Cos Naming Delete” and “Cos Naming Create” to the CORBA naming service groups.

Open the WebSphere administration console

Goto Environment > Naming > CORBA Naming service groups

Add the following privileges “Cos Naming Write”, “Cos Naming Delete” and “Cos Naming Create”

Restart the WebSphere application server for the changes to take affect

Here is the correct configuration:

reference: (182724546/2998051)

VN:F [1.9.22_1171]
Was this helpful? Please rate the content.
Rating: 7.0/10 (1 vote cast)