Troubleshooting
Problem
Attempts to login to IBM Rational DOORS Next Generation (DNG) or IBM Rational Jazz Team Server (JTS) results in a "403: AuthorizationFailed" error in the browser.
Cause
Problem with the Lightweight Directory Access Protocol (LDAP) configuration in the Websphere Application Server(WAS) during the initial application setup or after a change to LDAP configuration.
Diagnosing The Problem
The WAS SystemOut.log file can contain the following error:
SECJ0129E: Authorization failed for user <Username> while invoking GET on default_host:/jts/secure/authenticated/identity, Authorization failed, Not granted any of the required roles: JazzUsers JazzAdmins JazzGuests JazzProjectAdmins "
Resolving The Problem
To resolve this problem the Group Mappings for the jts.war file should be removed and refreshed.
To do this please follow the steps below:
- Open WAS Console.
- Navigate to the jts.war mappings file which is located under Applications/Application Types/Websphere enterprise applications/jts_war/Security role to user/group mapping.
- Remove all the current LDAP groups from each Jazz Group in the mapping table.
- Shut down WAS.
- Clear the WAS cache by first backing up and then deleting the contents of the following 2 directories
- WAS_INSTALL_LOCATION/profiles/AppSrv01/temp
- WAS_INSTALL_LOCATION/profiles/AppSrv01/wstemp
- Restart WAS.
- In the WAS Console navigate back to the jts.war mappings as detailed in step 1 above.
- Add the LDAP group mappings back for each Jazz Group.
Product Synonym
Rational DOORS Next Generation
Was this topic helpful?
Document Information
Modified date:
17 June 2018
UID
swg21966979