
I am using WebSphere 7 file-based basic security for my simple web application. My application contains two screens: 1. Add Partner 2. List Partner. For this I have created two roles: 1. AddPartner 2. ListPartner. I mapped these two roles to different usernames and passwords. When the user clicks the AddPartner link it should ask for credentials, and the same for the ListPartner link. Below is my web.xml entry (I am using the Struts 2 convention):

<security-constraint>
    <web-resource-collection>
        <web-resource-name>servicepartner</web-resource-name>
        <url-pattern>/add-partner</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>AddPartner</role-name>
    </auth-constraint>
</security-constraint>

<security-constraint>
    <web-resource-collection>
        <web-resource-name>servicepartner</web-resource-name>
        <url-pattern>/list-partner</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <role-name>ListPartner</role-name>
    </auth-constraint>
</security-constraint>

<login-config>
    <auth-method>BASIC</auth-method>
</login-config>
<security-role>
    <role-name>AddPartner</role-name>
</security-role>
<security-role>
    <role-name>ListPartner</role-name>
</security-role>

It works for AddPartner, but when I click the ListPartner link the application throws a 403 Forbidden error because it is checking against the AddPartner credentials. I am getting the error below in my server console.

Authorization failed for user commonuser:defaultWIMFileBasedRealm while invoking GET on default_host:/serviceapp/list-partner, Authorization failed, Not granted any of the required roles: ListPartner 

Is it possible to check for different credentials in a single application? Please help me.

Mohan
  • One thing I'm missing is your role-to-user mapping. Can you show how you map these roles to users? Maybe something there is wrong. – Aviram Segal Jul 24 '12 at 19:24
  • In the IBM admin console: clicking my installed application, then security role to user/group mapping, and mapping those roles to already created users. – Mohan Jul 28 '12 at 07:29
  • From the error it seems you got a problem with the user to role mapping. – Aviram Segal Jul 30 '12 at 06:34

1 Answer


These steps must be done to use application security in your web module:
1. You have to have "Application security" enabled in WAS.
2. Your application (web.xml) has to have roles, login method and resource restrictions defined. Also please specify the realm name, e.g. <realm-name>defaultWIMFileBasedRealm</realm-name>, between your <login-config> tags.
3. Roles have to be mapped to subjects (users, groups or special subjects such as all authenticated users) to "some" realm. This can be done either in Rational Application Developer, in I guess application.xml (physically written into ibm-application-bnd.xmi), or specified at deploy time.
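An added example, not part of the answer and not WebSphere code: a small Python model of the container's access decision for the question's web.xml, reproducing the 403 that the console message reports for commonuser on /list-partner. The role-to-user mapping and the user name `listuser` are assumptions, since the page does not show the real mapping.

```python
import xml.etree.ElementTree as ET

# Constraints from the question's web.xml, wrapped in a root element so they parse.
WEB_XML = """<web-app>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>servicepartner</web-resource-name>
      <url-pattern>/add-partner</url-pattern>
    </web-resource-collection>
    <auth-constraint><role-name>AddPartner</role-name></auth-constraint>
  </security-constraint>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>servicepartner</web-resource-name>
      <url-pattern>/list-partner</url-pattern>
    </web-resource-collection>
    <auth-constraint><role-name>ListPartner</role-name></auth-constraint>
  </security-constraint>
  <login-config><auth-method>BASIC</auth-method></login-config>
  <security-role><role-name>AddPartner</role-name></security-role>
  <security-role><role-name>ListPartner</role-name></security-role>
</web-app>"""

# Assumed role-to-user mapping (not shown on the page); "listuser" is constructed.
ROLE_USERS = {"AddPartner": {"commonuser"}, "ListPartner": {"listuser"}}

def load_constraints(xml_text):
    """Return {url-pattern: required roles}; only exact patterns are modelled."""
    rules = {}
    for sc in ET.fromstring(xml_text).iter("security-constraint"):
        if sc.find("auth-constraint") is None:
            continue  # no auth-constraint: the resource is not role-protected
        roles = {r.text.strip() for r in sc.findall("auth-constraint/role-name")}
        for pat in sc.findall("web-resource-collection/url-pattern"):
            rules.setdefault(pat.text.strip(), set()).update(roles)
    return rules

def decide(path, user, role_users=ROLE_USERS):
    """HTTP status for a request: 200, 401 (no credentials) or 403 (wrong role)."""
    required = load_constraints(WEB_XML).get(path)
    if required is None:
        return 200  # unconstrained resource
    if user is None:
        return 401  # BASIC challenge: the browser prompts for credentials
    granted = {role for role, users in role_users.items() if user in users}
    return 200 if granted & required else 403
```

A user who is already authenticated but lacks the required role receives 403 rather than a new credential prompt, which matches the "Not granted any of the required roles: ListPartner" message.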