IBM Support

403 authorization error after installing WebSphere XDMS V7.0 Updates

Troubleshooting


Problem

Installing any of the IBM WebSphere XML Document Management Server (XDMS) V7.0 interim fixes or fix packs may result in failed xcap_put requests and security errors in the Aggregation Proxy logs.

Symptom

Errors received from an xcap_put.sh request executed from the command line:

java -jar XcapUtils.jar -http_method PUT '-user' '[email protected]' '-password' 'password'
'-content_type' 'application/resource-lists+xml' '-filename' 'samples/TestResourceList.xml'
'http://myserver.com:80/services/resource-lists/users/[email protected]'
Response Status was: 403
Response Status Message: Forbidden Content-Type: text/html;charset=ISO-8859-1
[Fatal Error] :1:1: Content is not allowed in prolog. Response Error Message: Error 403: AuthorizationFailed

Errors included In the Aggregation Proxy logs:

[4/6/10 23:39:34:388 EDT] 00000032 AggProxyServl E com.ibm.xdms.agp.servlet.AggProxyServlet sendRequest IO Exception caught when sending Xcap request. Exception printout:
Connection refused.

Cause

Depending on the process used to deploy the Aggregation Proxy fix, the property "Security role to user / group mapping" might not be set correctly. If the setting is incorrect, the user will not be authorized to perform the action.

Resolving The Problem

To resolve the issue, perform the following steps.

  1. Login to the WebSphere Application Server Admin Console.
  2. From the main menu select Applications > WebSphere enterprise applications.
  3. Click the XDMSAggregationProxy link.
  4. Under the "Detail Properties" section, click "Security role to user / group mapping".
  5. Select the check box next to All_Role.
  6. Click the "Map Special Subject" drop-down menu and select "All Authenticated in Trusted Realms".
  7. Restart the proxy.

[{"Product":{"code":"SSWJLZ","label":"WebSphere XML Document Management Server"},"Business Unit":{"code":"BU055","label":"Cognitive Applications"},"Component":"Aggregation Proxy","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"}],"Version":"7.0","Edition":"","Line of Business":{"code":"","label":""}}]

Document Information

Modified date:
17 June 2018

UID

swg21430999