Loading TOC...
Messages and Codes Reference Guide (PDF)

MarkLogic 10 Product Documentation
Messages and Codes Reference Guide
— Chapter 25

SEC Messages

SEC-ADMINROLE

Message Text

The admin role name can not be changed

Cause

You tried to change admin role name. (e.g. with sec:role-set-name)

Response

The name of the admin role is read-only and cannot be changed. Do not attempt to do so.

SEC-AMPDNE

Message Text

Amp does not exist: namespace(variable1), local-name(variable2), document-uri(variable3), database(variable4)

Cause

An amp identified by ($namespace, $local-name, $document-uri, $database) is not present in the system.

Response

Verify that there is an amp that can be identified by the provided namespace, local-name, document-uri, and database.

SEC-AMPEXISTS

Message Text

Amp already exists

Cause

An amp identified by the ($namespace, $local-name, $document-uri) tuple is already present in the context database.

Response

Provide a unique tuple ($namespace, $local-name, $document-uri, $database) when creating the amp

SEC-BADACCESSKEY

Message Text

New access key is not valid

SEC-BADCAP

Message Text

Illegal Capability: variable1

SEC-BADCOLURI

Message Text

Collection URI is not valid

SEC-BADCOMPARTMENTNAME

Message Text

Compartment name is not valid: variable1

Cause

You provided a compartment name which is not valid. A Valid compartment name should not contain any of the following characters: \ * ? / : < > | ". Additionally, the name cannot contain whitespaces

Response

Provide a valid compartment name which adheres to the naming rules mentioned in the cause section

SEC-BADCOMPARTMENTPROTECTEDPATH

Message Text

Bad compartment for protected path: variable1

Cause

Compartmented roles of the same protected path set should belong to the same compartment

Response

Fix the code.

SEC-BADCREDAUTH

Message Text

Bad credential target authentication: variable1

Cause

The credential target authentication restriction is bad.

Response

Specify a valid value (basic, digest, digestbasic).

SEC-BADDB

Message Text

Specified database variable1 is not allowed

SEC-BADEXTERNALSECURITYNAME

Message Text

New external security name is not valid

Cause

Provided external security name is not valid. A external security name is valid which it does not contain any of the following characters: \ * ? / : < > | ". Additionally, the name also cannot contain whitespace.

Response

Provide a valid external security name which adheres to the naming guidelines mentioned in the cause section

SEC-BADKIND

Message Text

Privileges must be of kind "execute" or "uri"

SEC-BADPERMPROTECTEDPATH

Message Text

Bad permission for protected path: variable1

Cause

Protected path that has a path set only allows read permission

Response

Fix the code.

SEC-BADPRIVACTION

Message Text

New privilege action is not valid

SEC-BADPRIVNAME

Message Text

New privilege name is not valid

SEC-BADROLENAME

Message Text

New role name is not valid

Cause

When user provides a role name which is not valid. Role names are valid when it does not contain any of the following characters: \ * ? / : < > |. Additionally, the name also cannot contain space in between.

Response

Provide a valid role name which adheres to the naming guidelines mentioned in the cause section

SEC-BADSECRETKEY

Message Text

New secret key is not valid

SEC-BADSESSIONTOKEN

Message Text

New session token is not valid

SEC-BADSTORAGEACCOUNT

Message Text

New storage account name is not valid

SEC-BADSTORAGEKEY

Message Text

New storage key is not valid

SEC-BADUSERNAME

Message Text

New user name is not valid

Cause

Provided user name is not valid. A user name is valid which it does not contain any of the following characters: \ * ? / : < > | ". Additionally, the name also cannot contain whitespace.

Response

Provide a valid user name which adheres to the naming guidelines mentioned in the cause section

SEC-COLCNE

Message Text

Collection not protected

SEC-COLDNE

Message Text

Collection not protected: variable1

SEC-COLPERM

Message Text

Collection permission denied: variable1 variable2

SEC-COLPROTECTED

Message Text

Collection already protected

SEC-COMPARTMENTDNE

Message Text

Compartment does not exist: variable1

Cause

Specified compartment name is not valid.

Response

Specify a valid security compartment name; check its spelling and if it has been created.

SEC-CREDENTIALDNE

Message Text

Credential does not exist: variable1

Cause

There is no credential with the given name

Response

Provide a different credential name.

SEC-CREDENTIALEXISTS

Message Text

Credential already exists: variable1

Cause

There is already another credential with the same name in the system.

Response

Provide a different credential name which is not already in the system.

SEC-DEFAULTUSERDNE

Message Text

Default user does not exist: variable1 = variable2

SEC-DUNOPRIV

Message Text

Admin error. Default user does not have privileges to this server.

SEC-EMPTYACCESSKEY

Message Text

New access key is empty

SEC-EMPTYLDAPATTRIBUTE

Message Text

Empty ldap attribute element

SEC-EMPTYLDAPBASE

Message Text

Empty ldap base element

SEC-EMPTYLDAPDEFAULTUSER

Message Text

Empty ldap default user element

SEC-EMPTYLDAPPASSWORD

Message Text

Empty ldap password element

SEC-EMPTYLDAPSERVERURI

Message Text

Empty ldap server uri element

SEC-EMPTYNSPREFIX

Message Text

Namespace prefix must not be empty.

Cause

Namespace prefix must not be empty.

Response

Empty ns prefix is not allowed. Use a non-empty prefix.

SEC-EMPTYNSURI

Message Text

Namespace uri must not be empty.

Cause

Namespace uri must not be empty.

Response

Empty ns uri is not allowed. Use a legal uri.

SEC-EMPTYPWD

Message Text

Empty password

SEC-EMPTYREALM

Message Text

Empty realm

SEC-EMPTYSECRETKEY

Message Text

New secret key is empty

SEC-EMPTYSESSIONTOKEN

Message Text

New session token is empty

SEC-EMPTYSTORAGEACCOUNT

Message Text

New storage account name is empty

SEC-EMPTYSTORAGEKEY

Message Text

New storage key is empty

SEC-EXTERNALSECURITYDNE

Message Text

External security does not exist: variable1 = variable2

Cause

The external security you specified is not present in the system.

Response

Make sure you check for misspelling the config name and verify the availability of the config in the system, then retry.

SEC-EXTERNALSECURITYEXISTS

Message Text

External security already exists

Cause

There is already another external security with the same name in the system.

Response

Provide a different external security name which is not already in the system.

SEC-EXTERNALSECURITYINUSE

Message Text

External security is protecting an HTTP, XDBC or ODBC Server.

Cause

External security is protecting an HTTP, XDBC or ODBC Server.

Response

Remove external security from HTTP, XDBC or ODBC Server

SEC-EXTSECCADEPRECATED

Message Text

Client certificate authorities in external security is deprecated. You can set the client certificate authorities in the AppServer.

SEC-GPHPERMDENIED

Message Text

Graph Permission denied: variable1 variable2

SEC-ILLEGALNSPREFIX

Message Text

Namespace prefix "xml" is reserved, Try different prefix.

Cause

Namespace prefix "xml" is reserved. It cannot be re-defined.

Response

"xml" is a reserved namespace prefix. Try different prefix.

SEC-INVALIDCREDNAME

Message Text

Invalid credential name: "variable1"

Cause

The credential name is invalid.

Response

Choose a name that is a valid NMTOKEN.

SEC-INVALIDFORMAT

Message Text

variable1 has the wrong format or is corrupted, variable2

SEC-INVALIDPERM

Message Text

Invalid permission

SEC-INVALIDPWD

Message Text

variable1 passphrase provided is invalid

SEC-INVAMP

Message Text

Invalid amp: doc(variable1)

SEC-INVAUTHENTICATION

Message Text

Invalid authentication element

SEC-INVAUTHHEADER

Message Text

Invalid HTTP Authorize header.

SEC-INVAUTHORIZATION

Message Text

Invalid authorization element

SEC-INVCOLLECTION

Message Text

Bad collection element

SEC-INVDEFAULTCOLL

Message Text

Invalid default collections: doc(variable1)

SEC-INVDEFAULTPERM

Message Text

Invalid default permissions: doc(variable1)

SEC-INVEXTERNALNAMES

Message Text

Invalid external names: doc(variable1)

SEC-INVEXTERNALSECURITY

Message Text

Invalid external security: variable1

SEC-INVLDAPBINDMETHOD

Message Text

Invalid ldap bind method element

SEC-INVPRIV

Message Text

Invalid privilege: doc(variable1)

SEC-INVPROTECTEDPATH

Message Text

Invalid protected path: variable1

Cause

The path is either not indexable or is not an element or JSON property.

Response

Use a valid protected path.

SEC-INVQUERIES

Message Text

Invalid queries: doc(variable1)

SEC-INVQUERY

Message Text

Bad role or user capability query

SEC-INVQUERYROLESETS

Message Text

Invalid query rolesets: variable1

SEC-INVROLE

Message Text

Invalid role: doc(variable1)

SEC-INVROLEID

Message Text

Invalid Role ID: doc(variable1)

SEC-INVROLEIDS

Message Text

Invalid role IDs: doc(variable1)

SEC-INVSAMLENTITY

Message Text

Invalid saml entity: variable1

SEC-INVUSER

Message Text

Invalid user: variable1

SEC-KEYGENNOTAVA

Message Text

Keystore generation so keys is not available.: variable1

Cause

Keystore on one or more hosts might be offline

Response

All hosts in the cluster must be online before this operation can be performed.

SEC-KEYSEXPORTFAILED

Message Text

Failed to export keys,see log for more details.: variable1

Cause

directory access or invalid PKCS#11 library

Response

Verify access to the kms directory under the MarkLogic data directory and path to the PKCS#11 library.

SEC-KEYSIMPORTFAILED

Message Text

Failed to import keys. variable1, variable2

SEC-KEYSTOREREPFAILED

Message Text

Keystore replication failed. variable1

Cause

Keystore is empty

Response

If switching to a new PKCS#11 library or kms directory path, make sure to call admin:cluster-rotate-data-encryption-key-id before adding more hosts to the cluster.

SEC-LASTADMIN

Message Text

Cannot delete last admin user: variable1

Cause

You attempted to remove the final user with the admin role.

Response

At least one user must have the admin role. Unless some other user also has the admin role, you cannot delete this user.

SEC-MUSTUNPROTECTPATH

Message Text

Only unprotected paths can be removed: variable1

Cause

The path is still protected.

Response

Fix the code.

SEC-NOADMIN

Message Text

User does not have admin-ui privilege.

Cause

You have attempted to access the Admin Interface and do not have the necessary security role or privileges to do so successfully.

Response

Contact your system administrator to have the proper roles and privileges assigned to you.

SEC-NOADMINROLE

Message Text

User does not have admin role.

Cause

You have attempted to access the Admin Interface and do not have the necessary security role or privileges to do so successfully.

Response

Contact your system administrator to have the proper roles and privileges assigned to you.

SEC-NOCERTIFICATEAUTHORITY

Message Text

No certificate authority with identifier variable1

SEC-NODIGEST

Message Text

No digest password for user and server set to use only digest authentication

SEC-NOEMPTYAMPDU

Message Text

New amp document uri cannot be empty

Cause

You are providing an empty document URI.

Response

Provide a non-empty document URI, which should be the URI of the module containing the function.

SEC-NOEMPTYAMPLN

Message Text

New amp local name cannot be empty

Cause

You are providing an empty amp name.

Response

Make sure you supply a non-empty and valid amp name.

SEC-NOEMPTYAMPNS

Message Text

New amp namespace cannot be empty

SEC-NOEMPTYCOLURI

Message Text

New collection URI cannot be empty

Cause

You are supplying a collection URI which is empty

Response

Either supply a different non-empty and valid collection URI or make the provided collection non-empty and resubmit.

SEC-NOEMPTYEXTERNALSECURITYNAME

Message Text

New external security name cannot be empty

Cause

You are providing an empty external security name.

Response

You should provide a non-empty and valid external security name. A valid external security name cannot contain any of the following characters: \ * ? / : < > | ". Additionally, the name cannot contain whitespace or dot (.).

SEC-NOEMPTYPRIVACTION

Message Text

New privilege action cannot be empty

Cause

You are providing an empty privilege action.

Response

Provide a non-empty and valid privilege action.

SEC-NOEMPTYPRIVNAME

Message Text

New privilege name cannot be empty

Cause

You are providing an empty privilege name

Response

You should provide a non-empty and valid privilege name. A valid privilege name cannot contain any of the following characters: \ * ? / : < > | ". Additionally, the name cannot contain whitespace or dot (.).

SEC-NOEMPTYROLENAME

Message Text

New role name cannot be empty

Cause

You are providing an empty role name

Response

You should provide a non-empty and valid role name. A valid role name cannot contain any of the following characters: \ * ? / : < > | ". Additionally, the name cannot contain whitespace or dot (.).

SEC-NOEMPTYUSERNAME

Message Text

New user name cannot be empty

Cause

You are providing an empty user name.

Response

You should provide a non-empty and valid user name. A valid user name cannot contain any of the following characters: \ * ? / : < > | ". Additionally, the name cannot contain whitespace or dot (.).

SEC-NOGRANT

Message Text

No privileges to grant/revoke role: variable1

SEC-NOPERMCAP

Message Text

Permission element or object does not contain a capability.

SEC-NOPERMPROTECTEDPATH

Message Text

Protected path must have at least one permission: variable1

Cause

The protected path would have no permission after the operation, which is not allowed.

Response

Fix the code.

SEC-NOPERMROLEID

Message Text

Permission element or object does not contain a role-id.

SEC-NOPROTECTEDPATH

Message Text

Protected path does not exist: variable1

Cause

The protected path does not exist.

Response

Fix the code.

SEC-P11ERROR

Message Text

The PKCS#11 library produced an error

Cause

PKCS#11 library error

Response

See logs for details on the PKCS#11 library error

SEC-P11NOTINIT

Message Text

The PKCS#11 wallet was not initialized

Cause

Directory access or invalid PKCS#11 library

Response

Verify access to the kms directory under the MarkLogic data directory and path to the PKCS#11 library.

SEC-P11SESSION

Message Text

Failed to open a session with the PKCS#11 wallet

Cause

Directory access, invalid HSM path, or invalid PKCS#11 library has been configured

Response

Verify keystore configuration, and see logs for details

SEC-PERMDENIED

Message Text

Permission denied: variable1 variable2

SEC-PRIV

Message Text

Need privilege: variable1

SEC-PRIVDNE

Message Text

Privilege does not exist: action(variable1), kind(variable2)

SEC-PRIVEXISTS

Message Text

Privilege already exists

Cause

There is already a privilege for the $action URI you provided.

Response

Make sure that the URI provided for the $action parameter is unique.

SEC-PRIVIDDNE

Message Text

Privilege does not exist: id(variable1)

SEC-PRIVINUSE

Message Text

Privilege protecting an HTTP, XDBC or ODBC Server

SEC-PRIVNAMEEXISTS

Message Text

Privilege name already exists

SEC-REJECTEDPWD

Message Text

Password is too weak

SEC-REMOTEPRIV

Message Text

Need privilege (remote): variable1

SEC-RNEXISTS

Message Text

Role Name already exists

Cause

The role name you supplied is already in the system.

Response

Make sure you supply a role name that is not present in the system.

SEC-ROLEDNE

Message Text

Role does not exist: variable1 = variable2

Cause

You are supplying a role which is not present in the system.

Response

Make sure you check for misspellings and verify the availability of the role in the system, then retry.

SEC-ROLEEXISTS

Message Text

Role already exists

Cause

When you try to create a Role which is already existing in the system.

Response

Use another role name which is not already present in the security database.

SEC-ROLENOTASSOC

Message Text

Role not associated with variable1

SEC-SAMLENTITYEXISTS

Message Text

SAML entity already exists

Cause

There is already another SAML entity with the same id in the system.

Response

Provide a different SAML entity id which is not already in the system.

SEC-TEMPORALDOC

Message Text

Cannot perform non-temporal operation on document in temporal collection

Response

Admin will be able to perform this operation by setting "updates-admin-override" on temporal collection using temporal:collection-set-options($collection,"updates-admin-override")

SEC-UNEXISTS

Message Text

User Name already exists

Cause

There is already another user in the system with the name you provided.

Response

Make sure you supply a unique name for the user.

SEC-UNPROTECTEDCOLPRIV

Message Text

Unprotected collection privilege required

SEC-URIPRIV

Message Text

URI privilege required

SEC-USERDNE

Message Text

User does not exist: variable1 = variable2

Cause

The user you specified is not present in the system.

Response

Make sure you check for misspelling the user name and verify the availability of the user in the system, then retry.

SEC-USEREXISTS

Message Text

User already exists

Cause

There is already another user with the same name in the system.

Response

Provide a different user name which is not already in the system.

XDMP-NOEXTERNALSECURITY

Message Text

No external security with identifier variable1

« Previous chapter
Next chapter »