WebSphere Application Server & Liberty

I have enabled Administrative Security to login into Websphere Application Admin Console. Installed and Deployed .war application successfully which has security constraint. Below is the snippet,

<security-constraint>
<web-resource-collection>
<web-resource-name>BBB</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>Admin</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>BBB</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>User</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>Admin</role-name>
</security-role>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>AAARealm</realm-name>
</login-config>

I have opened my chrome browser and logged into WAS Admin Console and but when I access my deployed web application it is throwing Error 403 Unauthorized Error.

------------------------------
Vikas M
------------------------------

Since you are getting a 403, it implies that the user (who logged into the admin console) does not have access to this app. Have you provided the user/group to role mapping during the deployment of this war/app? Does the console show the user/groups associated with the Admin role for this app?

------------------------------
Ajay Reddy Karkala
------------------------------

Original Message:
Sent: Tue June 29, 2021 09:15 AM
From: Vikas M
Subject: Websphere Version 9.0

I have enabled Administrative Security to login into Websphere Application Admin Console. Installed and Deployed .war application successfully which has security constraint. Below is the snippet,

<security-constraint>
<web-resource-collection>
<web-resource-name>BBB</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>Admin</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>BBB</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>User</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>Admin</role-name>
</security-role>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>AAARealm</realm-name>
</login-config>

I have opened my chrome browser and logged into WAS Admin Console and but when I access my deployed web application it is throwing Error 403 Unauthorized Error.

------------------------------
Vikas M
------------------------------

Do not see my earlier response posted yet so repeating ...

Have you associated users/groups to the all the roles during deployment of the application (assuming app security is enabled too which seems to be the case because of the 403 error)? AdminConsole should show the user/group to role mapping for your war/app.

------------------------------
Ajay Reddy Karkala
------------------------------

Original Message:
Sent: Tue June 29, 2021 09:15 AM
From: Vikas M
Subject: Websphere Version 9.0

I have enabled Administrative Security to login into Websphere Application Admin Console. Installed and Deployed .war application successfully which has security constraint. Below is the snippet,

<security-constraint>
<web-resource-collection>
<web-resource-name>BBB</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>Admin</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>BBB</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>User</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>Admin</role-name>
</security-role>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>AAARealm</realm-name>
</login-config>

I have opened my chrome browser and logged into WAS Admin Console and but when I access my deployed web application it is throwing Error 403 Unauthorized Error.

------------------------------
Vikas M
------------------------------