posted 15 years ago
I'm trying to set up application security for a project I'm working on and I'm running into a bit of difficulty. In my deployment descriptor, I have this:
What I'd really like to have happen is to allow anyone that successfully authenticates to access the page - but I need them to log in to prove who they are. Right now, what's happening is that it seems that the authentication happens properly, but then I get a 403 error stating that the user does not have any of the assigned roles required (administrator) to get to the desired resource.
The app server behind this is WAS 6.1 and that's authenticating against LDAP.
What am I missing in this configuration? How do I map the user to a role? Does that have to come from LDAP?
Thanks.