A newly deployed application has authorization errors when invoking EJB methods from a servlet.
An additional review indicates that users are authenticated, but do not have the correct
authorization.
How can a system administrator fix the issue ensuring only authorized access?

A.
Using the Integrated Solutions Console (ISC), map all security roles to the special subject
Everyone.

B.
Using the Integrated Solutions Console (ISC), map the security roles that are still not mapped
to groups in the current user registry.

C.
Edit the application using an assembly tool to add a security constraint for the servlet and
reinstall the application.

D.
Edit the application using an assembly tool to remove the security constraint defined for the
servlet and reinstall the application.