PQ96360: "SECJ0321E: ROLE BASED AUTHORIZATION" ERROR IS GENERATED WHEN NON ADMINISTRATOR ROLE LOGS ONTO THE ADMIN CONSOLE

 Fixes are available

5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for AIX
5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for Windows
5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for HP-UX
5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for Solaris
5.1.1.6: WebSphere Application Server Version 5.1.1 Cumulative Fix 6
5.1.1.7: WebSphere Application Server Version 5.1.1 Cumulative Fix 7
5.1.1.4: WebSphere Application Server Version 5.1.1 Cumulative Fix 4
5.1.1.8: WebSphere Application Server 5.1.1 Cumulative Fix 8 for Linux



APAR status
Closed as program error.

Error description
SECJ0321E Errors are generated if you are a non-administrator
role (like configurator, monitor or operator) and log on to the
console because it does not have read permission to EJBrole
administrator, any mouse click will generate audit message.

These errors cause no functional loss

[10/5/04 15:11:17:234 PDT] 3e817e0d RoleBasedAuth A SECJ0321E:
Role
based authorization is caller in role failed for security name
WAS-TOBLER/paul, accessId
user:WAS-TOBLER/S-1-5-21-1757981266-1275210071-1801674531-1005,
and role name [Ljava.lang.String;@608b3e1d.
[10/5/04 15:11:17:250 PDT] 27253e0f RoleBasedAuth A SECJ0321E:
Role
based authorization is caller in role failed for security name
WAS-TOBLER/paul, accessId
user:WAS-TOBLER/S-1-5-21-1757981266-1275210071-1801674531-1005,
and role name [Ljava.lang.String;@512d7e1d.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server users who have  *
*                 enabled security and are accessing the       *
*                 Administration Console.                      *
****************************************************************
* PROBLEM DESCRIPTION: "SECJ0321E: ROLE BASED AUTHORIZATION"   *
*                      error is generated when a use not in    *
*                      the adinistrator role uses the          *
*                      Administration Console.                 *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
SECJ0321E Errors are generated if the autenticated user is not
in the administrator role (such as configurator, monitor or
operator) and log on to the console.  This occurs as the user
does not have read permission to EJBrole administrator.
Problem conclusion
The erros do not represent functional loss and should have
not been reported in the first place.  The messages were
removed.
Temporary fix Comments
APAR information
APAR number PQ96360
Reported component name WAS NETWRK DEPL
Reported component ID 5630A3601
Reported release 00S
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Special Attention NoSpecatt
Submitted date 2004-10-27
Closed date 2004-10-31
Last modified date 2004-10-31

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros

Publications Referenced

Fix information

Applicable component levels
R003 PSY    UP
R00A PSY    UP
R00H PSY    UP
R00I PSY    UP
R00P PSY    UP
R00S PSY    UP
R00W PSY    UP
R103 PSY    UP
R10A PSY    UP
R10H PSY    UP
R10I PSY    UP
R10P PSY    UP
R10S PSY    UP
R10W PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 00S
Software edition:
Reference #: PQ96360
IBM Group: Software Group
Modified date: Oct 31, 2004