Let's consider an example of an Java application that is configured with security role name "administrator" in the web.xml file.
<security-role> <role-name>administrator</role-name> </security-role>
When an application is configured with a security role name, the application will need to be mapped to a certain user or group. In the WebSphere admin console, at Applications > All applications > your application, there should be an option Security role to user/group mapping.
The security role name will be displayed, but no user or group mapped to the role.
When the application is not mapped to a user or group, something like error 403 Authorization Failed will appear in the web browser or logs.
To remedy this, map the application to a user or group, save the change to the master repository, and then restart the JVM or cluster. After this is done, you should be able to access the application.