Possible cause: Authentication or authorization of the user is failing.

Authentication may be failing for any of the following reasons:

• No entry for user in user repository

• Incorrect password

• User does not have access permission for connection service

To confirm this cause of the problem

1. Check entries in the broker log for the error message Forbidden. This will indicate an authentication error, but will not indicate the reason for it.

2. Check the user repository for an entry for this user:

   • If you are using a flat-file user repository, enter the command

        imqusermgr list  -i instanceName  -u userName
     

     If the output shows the error

        Error [B3048]: User does not exist in the password file
     

     then there is no entry for the user in the user repository:

   • If you are using an LDAP user repository, use the appropriate tools to check whether there is an entry for the user.

3. If the output from step 2 does show a user entry, the wrong password was probably provided.

4. Check the access control file to see whether there are restrictions on access to the connection service.

To resolve the problem

• If there is no entry for the user in the user repository, add one (see Adding a User to the Repository).

• If the wrong password was used, provide the correct password.

• If the user does not have access permission for the connection service, edit the access control file to grant such permission (see Authorization Rules for Connection Services).