The other day I was having issues with my WebSphere security role definitions. It didn't matter what I did or how I updated the WebSphere role mappings, it wouldn't let my authorized user access some protected resources. I tried setting the special mapping to ALl_AUTHENTICATED, I mapped 3 different groups that I knew the user was in, and then I even added the user to the role. No luck. Turns out the problem was fixed by looking at my ibm-applicatoin-bnd.xml file. If that file even references the security-role it will fail and no overriding on the websphere admin console will work. Removing that reference and all my mapping worked perfectly.
