Hi All!

I have successfully deployed my own form based security realm.

But very strange thing happens.

When I enter wrong username and password in my audit log I have:

07/13/2007 16:38:03 - Authentication attempt - asdsadasdsda
07/13/2007 16:38:03 - Authentication failed - asdsadasdsda

result: I'm being forwarded to error.jsp page

When I enter correct username and password I have:
07/13/2007 16:38:51 - Authentication attempt - xh
07/13/2007 16:38:51 - Authentication succeeded - xh

result: 403 header are sent:

Server: Apache-Coyote/1.1
Pragma: No-cache
Cache-Control: no-cache
Expires: Thu, 01 Jan 1970 01:00:00 CET
Content-Type: text/html;charset=utf-8
Content-Length: 972
Date: Fri, 13 Jul 2007 14:38:03 GMT

403 Forbidden

why?

I understand that in order to help me You need more information, but which file
should I copy&caste?
web.xml (security-constraint etc.)
geronimo-web.xml (role-mappings, principals, etc.)
geronimo-application.xml (gbean definition, I'm not using server-wide realm)

thanks in advance for any help

best regards
Lukasz


Yahoo! Answers - Get better answers from someone who knows. Try it now.