• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Web Container authorization

 
Ranch Hand
Posts: 34
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Authorization with Web container...........could anyone let me know what all changes do i need to make to my web.xml............

I tried configuring but i couldnt access the page which i secured it says

SECJ0129E: Authorization failed for wspadmin while invoking GET on default_host:ShopApp/shop.html, Authorization failed, Not granted any of the required roles: user manager

The roles i created were user and manager...
please help
 
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Karthik,

What kind of tooling are you using? RAD, AST, etc? Do you have access to the admin console on your WebSphere cell?

Information about which users have which roles is stored in a file called ibm-application-bnd.xmi in the ear file. It's much easier to specify it in tooling or the admin console.

For example in the admin console, go to Applications > (click your application) > Security Role to user/group mapping. From there you will be able to give the wspadmin id the user and/or manager role.

I can tell you how to do it in RAD or the AST if you're using either of them.

Regards,
Mike
 
karthik mama
Ranch Hand
Posts: 34
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hey mike thanks for the reply.......

I'm using RAD...and i do have access to the admin console....


The role-based authorization check failed for admin-authz operation Server:getName....

Could you please tell in detail...
sorry for the trouble...

thanks in advance

Regards
Karthik
 
Mike Kearney
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
WebSphere uses roles to control who has access to administrative operations (like the admin console and wsadmin scripts) and applications. You can turn security off, but then anyone will be able to use the admin console. You can tell that security is off if the admin console doesn't prompt for a password.

There are a number of administrative roles. They are administrator, operator, configurator, monitor and adminsecuritymanager. When you build a cell, a user is created that has the administrator and adminsecuritymanager roles. This user has full administrative authority and can give other users full administrative authority. If you want other users to have administrative authority you can login with the administrative userid and give them the right role. In the admin console, go to Users and Groups > Administrative User Roles, and you can click Add and give a user the administrator role as long as they are already defined in you user registry. (If you are running on the z/OS operating system, let me know.) If you give a user an administrative role in the admin console, it will apply to scripting as well.

What were you trying to do when you got the error?

Regards,
Mike
 
karthik mama
Ranch Hand
Posts: 34
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hey Mike,

I was going through some forums....found out that in the servers view-->publishing section--> we need to uncheck minimize application files copied to server.... that actually helped me the errors vanished after i re-deployed my app and ran it..... and the advice you gave specifying run as roles in application.xml of EAR did work

So thanks a lot Mike

Regards
Karthik
 
reply
    Bookmark Topic Watch Topic
  • New Topic