Troubleshooting: "Authentication failed when using LTPA"

Use this topic to troubleshoot authentication errors in SystemOut.log, trace.log, or FFDC trace.

Problem

You see the following error message logged in the SystemOut.log, trace.log, or FFDC trace of your HCL Commerce Transaction server:
LTPAServerObj E SECJ0369E: Authentication failed when using LTPA. 
The exception is com.ibm.websphere.wim.exception.PasswordCheckFailedException: CWWIM4537E 
No principal is found from the 'spiuser' principal name.

Solution

WebSphere Application Server authentication is not used in the Transaction server. These errors occur when the WebSphere Application Server tries to process the 'spiuser' in the header of a request, when it is actually intended for the HCL Commerce application to process.

These messages can be safely ignored.

This error message can be disabled by doing the following:

  1. In the WebSphere Application Server Administrative Console, click Security > Global security.
  2. Under Authentication, expand Web and SIP security and click General settings.
  3. Uncheck the check box Use available authentication data when an unprotected URI is accessed.
  4. Click the OK button.

This error message is no longer printed to the log.