Security Role Mapping Done In Development Tool Causes Authorization Failures
 Technote (FAQ)
 
Problem
When an application EAR file that is created with security roles mapping within Websphere Studio Application Developer (WSAD) is deployed in WebSphere, the user gets 403 (authorization) errors in the browser when the secured resource is accessed. This occurs even after logging in with a valid user for the role.
 
Cause
The problem is that WSAD generates the role mapping in a different format than WebSphere uses. Example:
allauthenticatedusers vs. AllAuthenticatedUsers
everybody vs. Everybody
 
Solution
To avoid this problem, the workaround is to simply do the mapping of roles to users in WebSphere Application Server during deployment rather than in WebSphere Studio Application Developer.

Alternatively, there is a WSAD defect (APAR JR16803) which has been fixed in WSAD 4.0.3. Upgrading to this version resolves the problem.

 
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): HP-UX
Software version: 4.0.2
Software edition:
Reference #: 1051205
IBM Group: Software Group
Modified date: Sep 17, 2004