"You are not authorized" message in browser without getting prompted for ID and Password.
 Technote (FAQ)
 
Problem
User tries to access a web resource but instead of being prompted for user ID and password, they see the message "you are not authorized".

After doing a security trace on the application server, we see the following exceptions in the appserver_trace.log:
WebCollaborat > checkConstraints
WebCollaborat D Error:Request should be over SSL to access the resource.
 
Cause
When setting the "security constraints" of the "web application" in the AAT (Application Assembly Tool) there is a field to set the Transport guarantee. If the value is set to Integral or Confidential, then you are expected/required to use an encrypted (SSL) ,https, transport.
 
Solution
If the value is set to none, then the normal http transport may be used.

Notice: For Windows and AIX the default value, when first defining the constraints, is none. For Solaris the default value is Confidential. Unless you want to require ssl encryption in order to access your web resource, this value should be changed to none.

For more information see:

www.ibm.com/software/webservers/appserv/doc/v40/ae/infocenter

- 6.6.8.0.4: Assembly properties for security constraints

- - User Data Constraints - Transport guarantee

 
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): HP-UX
Software version: 4.0
Software edition:
Reference #: 1066350
IBM Group: Software Group
Modified date: Nov 1, 2004