If you have configured WebSphere to map roles, the authorization of the user might occasionally fail. This could be because, when Run As roles and user/group to role mappings are configured after the J2EE Agent is installed, they fail to be propagated to the JAAC module automatically even after a restart. If this happens, do the following:
Browse to the folder where the Novell J2EE Agent is installed.
Open uDontKnowJacc.jy, which is located in the /novell/nids_agents/bin folder.
Delete the first line.
Modify member1 to <application server name>.
Replace <application server name> with the name of the application server instance where NIDPJ2EEApp is installed.
Execute the following command at the shell prompt:
<path-to-websphere>/bin/wsadmin.sh -username <adminusername> -password <adminpassword> -lang jacl -f <path-to-nids_agents-folder>/uDontKnowJacc.jy
Replace <path-to-websphere> with the path where the WebSphere server is installed.
Replace <adminusername> with the name of the WebSphere administrator.
Replace <adminpassword> with the password of the WebSphere administrator.
NOTE:For more information about updating a security policy, see “Propagating a Security Policy”.