403 Authorization Failures when Application is Inactive
 Technote (FAQ)
 
Problem
Your system is using Lighweight Third Party Authentication (LTPA), Lightweight Directory Access Protocol (LDAP) or custom registry. After logging in and letting your application sit or become inactive, you may receive a 403 authorization failed error.
 
Cause
There also may be transaction time-out errors in the trace file. A security trace on your application server shows the following:

WSAccessManag < isGrantedAnyRole:No role or group role found for accessId[user:localhost:389/cn=user1,cn=group1, o=ibm,c=us], exit value:true
 
Solution
This is fixed in PQ69036. The Cumulative Security Interim Fix includes PQ69036. The group type will properly append to the group name once the fix is applied.
 
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): HP-UX
Software version: 4.0.5
Software edition:
Reference #: 1081081
IBM Group: Software Group
Modified date: Dec 17, 2003