Explanation | The user does not have the necessary permission to access the resource. |
Action | Ensure the user is mapped to one of the roles protecting the resource if access to the protected resource is required. |
Explanation | Access is denied because there are no roles specified to access the protected resource. |
Action | Ensure there is at least one role protecting the resource. |
Explanation | The user does not have permission to access the resource because either the deployment descriptor or the annotations explicitly specify that no security roles are allowed to invoke the method. |
Action | Change the security metadata of the method either in the deployment descriptor or the annotations if access to the protected resource is required. |
Explanation | The user is denied authorization to access the resource because the authorization service is not functional. |
Action | Review your security configuration and review the logs for CWWKS messages to ensure the authorization service is registered and started. |
Explanation | The EJB security collaborator settings in the server.xml were modified. The value of the properties in the message are the new values. |
Action | This message is for information only. No action is required. |
Explanation | The run-as-mode of SYSTEM_IDENTITY is not supported. The ibm-ejb-jar-ext.xml of the given application must be changed to remove or replace the SYSTEM_IDENTITY specification. |
Action | Change the security metadata in the ibm-ejb-jar-ext.xml for the application to remove or replace the SYSTEM_IDENTITY run-as-mode specification because SYSTEM_IDENTITY is not supported. Supported run-as-mode specifications are CALLER_IDENTITY and SPECIFIED_IDENTITY. |