This Bugzilla instance is a read-only archive of historic NetBeans bug reports. To report a bug in NetBeans please follow the project's instructions for reporting issues.

Bug 86234 - EAR1.4 with wss liberty profile does not work.
Summary: EAR1.4 with wss liberty profile does not work.
Alias: None
Product: serverplugins
Classification: Unclassified
Component: Identity (show other bugs)
Version: 5.x
Hardware: All All
: P2 blocker (vote)
Assignee: issues@serverplugins
Depends on:
Reported: 2006-09-29 23:55 UTC by _ hlu
Modified: 2006-10-07 02:10 UTC (History)
0 users

See Also:
Issue Type: DEFECT
Exception Reporter:


Note You need to log in before you can comment on or make changes to this bug.
Description _ hlu 2006-09-29 23:55:28 UTC
EP build21:
EAR1.4 with wss liberty profile does not work. Vidhya found out a workaround, so
file it as p2.
Execution liberty sample with liberty x509 token profile failed with following
shown on the browser:
HTTP Status 403 - Access to the requested resource has been denied


type Status report

message Access to the requested resource has been denied

description Access to the specified resource (Access to the requested resource
has been denied) has been forbidden.


Sun Java System Application Server Platform Edition 9.0_01
Comment 1 Srividhya Narayanan 2006-09-30 00:05:19 UTC
The issue occurs for J2EE 1.4 web applications bundled in a ear and secured with
Liberty token profile.

The problem is that the sun-application.xml in the Enterprise application doesnt
contain the security-role-mapping needed to allow the current authN user to use
the application. The workaround for this issue is to manually add these lines to
the EnterpriseApplication->Configuration Files->sun-application.xml file.


There is currently no hook into the ear application for identity tooling to make
this change programatically.

I think we need to release note this issue.
Comment 2 Srividhya Narayanan 2006-09-30 00:08:35 UTC
Peter just found out this useful info also:Hi Vidhya,

If you open up the config editor for sun-application.xml, it says in there that
if you have roles defined in a module, you need to manually add the security
role mapping using the xml text editor. So, I guess they are aware of the
and this is the solution they have for now.

So, at this point, the only thing we can do is to document it.