Problem

Situations may occur where users lock the door behind them and throw away the key to accessing the JOC Cockpit, for example:

• if JS7 - Identity Services are used which are based on external access to an Identity Provider, such as an JS7 - LDAP Identity Service that is not accessible,
• if a misconfiguration occurs that prevents an Identity Service from authenticating and/or authorizing a user account - for example due to missing permissions.

Analysis

Check the joc.log file for analysis why login to JOC Cockpit has been denied.

• Refer to the JS7 - Log Files and Locations article to identify the location of the joc.log file.
• Consider applying JS7 - Log Levels and Debug Options to receive more detailed information why an Identity Service is denying login from a user account.
  • The authentication-debug.log holds detailed information about failed authentication and authorization attempts.

Solution

• Should analysis prove that the problem is related to missing availability of external Identity Provider(s) then JOC Cockpit should be accessible when the relevant Identity Provider(s) become functional again.
• Otherwise you can apply the instructions provided in the JS7 - Rescue in case of lost access to JOC Cockpit article.