tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Koes, Derrick" <Derrick.K...@smith-nephew.com>
Subject RE: admin tool login error
Date Thu, 01 May 2003 20:48:35 GMT

How is your web.xml configured?

-----Original Message-----
From: Bill2 [mailto:bill2@bavendam.com] 
Sent: Thursday, May 01, 2003 4:35 PM
To: tomcat-user@jakarta.apache.org
Subject: admin tool login error

Hello,

I installed Tomcat 4.1.24 and configured a user with administrator
role.  When I try to login using that user, I get the following:

"HTTP status 403 - access to the requested resource has been denied."

When I use a known invalid user I get the expected "Invalid
username...."

I set debug="9" in admin.xml and have included the relevant portion of
the log file below (most relevant section following ******** near
bottom).  This problem is similar to other posts however I encountered
it when using stable browsers like the latest Netscape and Explorer.

Any ideas or help greatly appreciated.

Thanks,

Bill

2003-05-01 12:09:25 WebappLoader[/admin]: Deploying class repositories
to work directory /usr/local/tomcat/work/Standalone/localhost/admin
2003-05-01 12:09:25 WebappLoader[/admin]: Deploy class files
/WEB-INF/classes to
/usr/local/tomcat/webapps/../server/webapps/admin/WEB-INF/classes
2003-05-01 12:09:25 WebappLoader[/admin]: Deploy JAR
/WEB-INF/lib/struts.jar to
/usr/local/tomcat/webapps/../server/webapps/admin/WEB-INF/lib/struts.jar

2003-05-01 12:09:27 ContextConfig[/admin]: Configured an authenticator
for method FORM
2003-05-01 12:09:27 StandardManager[/admin]: Seeding random number
generator class java.security.SecureRandom
2003-05-01 12:09:27 StandardManager[/admin]: Seeding of random number
generator has been completed
2003-05-01 12:09:27 StandardWrapper[/admin:default]: Loading container
servlet default
2003-05-01 12:09:40 StandardWrapper[/admin:invoker]: Loading container
servlet invoker
2003-05-01 13:04:14 StandardContext[/admin]: Starting
2003-05-01 13:04:14 StandardContext[/admin]: Processing start(), current
available=false
2003-05-01 13:04:14 StandardContext[/admin]: Configuring default
Resources
2003-05-01 13:04:14 StandardContext[/admin]: Configuring privileged
default Loader
2003-05-01 13:04:14 StandardContext[/admin]: Configuring default Manager

2003-05-01 13:04:14 StandardContext[/admin]: Processing standard
container startup
2003-05-01 13:04:14 WebappLoader[/admin]: Deploying class repositories
to work directory /usr/local/tomcat/work/Standalone/localhost/admin
2003-05-01 13:04:14 WebappLoader[/admin]: Deploy class files
/WEB-INF/classes to
/usr/local/tomcat/webapps/../server/webapps/admin/WEB-INF/classes
2003-05-01 13:04:14 WebappLoader[/admin]: Deploy JAR
/WEB-INF/lib/struts.jar to
/usr/local/tomcat/webapps/../server/webapps/admin/WEB-INF/lib/struts.jar

2003-05-01 13:04:14 ContextConfig[/admin]: ContextConfig: Processing
START
2003-05-01 13:04:14 StandardContext[/admin]: Setting deployment
descriptor public ID to '-//Sun Microsystems, Inc.//DTD Web Application
2.3//EN'
2003-05-01 13:04:14 StandardContext[/admin]: Setting deployment
descriptor public ID to '-//Sun Microsystems, Inc.//DTD Web Application
2.3//EN'
2003-05-01 13:04:14 ContextConfig[/admin]:  Accumulating TLD resource
paths
2003-05-01 13:04:14 ContextConfig[/admin]:   Scanning <taglib> elements
in web.xml
2003-05-01 13:04:14 ContextConfig[/admin]:    Adding path
'/WEB-INF/struts-logic.tld' for URI '/WEB-INF/struts-logic.tld'
2003-05-01 13:04:14 ContextConfig[/admin]:    Adding path
'/WEB-INF/struts-html.tld' for URI '/WEB-INF/struts-html.tld'
2003-05-01 13:04:14 ContextConfig[/admin]:    Adding path
'/WEB-INF/struts-bean.tld' for URI '/WEB-INF/struts-bean.tld'
2003-05-01 13:04:14 ContextConfig[/admin]:   Scanning TLDs in /WEB-INF
subdirectory
2003-05-01 13:04:15 ContextConfig[/admin]:    Adding path
'/WEB-INF/controls.tld'
2003-05-01 13:04:15 ContextConfig[/admin]:    Adding path
'/WEB-INF/struts-bean.tld'
2003-05-01 13:04:15 ContextConfig[/admin]:    Adding path
'/WEB-INF/struts-html.tld'
2003-05-01 13:04:15 ContextConfig[/admin]:    Adding path
'/WEB-INF/struts-logic.tld'
2003-05-01 13:04:15 ContextConfig[/admin]:   Scanning JARs in
/WEB-INF/lib subdirectory
2003-05-01 13:04:15 ContextConfig[/admin]:    Adding path
'/WEB-INF/lib/struts.jar'
2003-05-01 13:04:15 ContextConfig[/admin]:  Scanning TLD at resource
path '/WEB-INF/struts-logic.tld'
2003-05-01 13:04:15 ContextConfig[/admin]:  Scanning TLD at resource
path '/WEB-INF/controls.tld'
2003-05-01 13:04:15 ContextConfig[/admin]:  Scanning JAR at resource
path '/WEB-INF/lib/struts.jar'
2003-05-01 13:04:15 ContextConfig[/admin]:   Processing TLD at
'META-INF/tlds/struts-html.tld'
2003-05-01 13:04:15 ContextConfig[/admin]:   Processing TLD at
'META-INF/tlds/struts-template.tld'
2003-05-01 13:04:15 ContextConfig[/admin]:   Processing TLD at
'META-INF/tlds/struts-bean.tld'
2003-05-01 13:04:15 ContextConfig[/admin]:   Processing TLD at
'META-INF/tlds/struts-logic.tld'
2003-05-01 13:04:15 ContextConfig[/admin]:   Processing TLD at
'META-INF/tlds/struts-form.tld'
2003-05-01 13:04:15 ContextConfig[/admin]:   Processing TLD at
'META-INF/taglib.tld'
2003-05-01 13:04:15 ContextConfig[/admin]:  Scanning TLD at resource
path '/WEB-INF/struts-bean.tld'
2003-05-01 13:04:15 ContextConfig[/admin]:  Scanning TLD at resource
path '/WEB-INF/struts-html.tld'
2003-05-01 13:04:16 Authenticator[/admin]: No SingleSignOn Valve is
present
2003-05-01 13:04:16 ContextConfig[/admin]: Configured an authenticator
for method FORM
2003-05-01 13:04:16 ContextConfig[/admin]: Pipline Configuration:
2003-05-01 13:04:16 ContextConfig[/admin]:
org.apache.catalina.authenticator.FormAuthenticator/1.0
2003-05-01 13:04:16 ContextConfig[/admin]:
org.apache.catalina.core.StandardContextValve/1.0
2003-05-01 13:04:16 ContextConfig[/admin]: ======================
2003-05-01 13:04:16 NamingContextListener[/Standalone/localhost/admin]:
Creating JNDI naming context
2003-05-01 13:04:16
NamingContextListener[/Standalone/localhost/admin]:   Resource
parameters for UserTransaction = null
2003-05-01 13:04:16 StandardManager[/admin]: Seeding random number
generator class java.security.SecureRandom
2003-05-01 13:04:16 StandardManager[/admin]: Seeding of random number
generator has been completed
2003-05-01 13:04:16 StandardContext[/admin]: Posting standard context
attributes
2003-05-01 13:04:16 StandardContext[/admin]: Configuring application
event listeners
2003-05-01 13:04:16 StandardContext[/admin]: Sending application start
events
2003-05-01 13:04:16 StandardContext[/admin]: Starting filters
2003-05-01 13:04:16 StandardWrapper[/admin:default]: Loading container
servlet default
2003-05-01 13:04:34 StandardWrapper[/admin:invoker]: Loading container
servlet invoker
2003-05-01 13:04:34 StandardContext[/admin]: Starting completed
2003-05-01 13:04:56 Authenticator[/admin]: Security checking request GET
/admin/
2003-05-01 13:04:56 Authenticator[/admin]:   Checking constraint
'SecurityConstraint[Protected Area]' against GET / --> false
2003-05-01 13:04:56 Authenticator[/admin]:   No applicable constraint
located
2003-05-01 13:04:56 Authenticator[/admin]:  Not subject to any
constraint
2003-05-01 13:04:56 StandardContext[/admin]: Mapping
contextPath='/admin' with requestURI='/admin/' and relativeURI='/'
2003-05-01 13:04:56 StandardContext[/admin]:   Trying exact match
2003-05-01 13:04:56 StandardContext[/admin]:   Trying prefix match
2003-05-01 13:04:56 StandardContext[/admin]:   Trying extension match
2003-05-01 13:04:56 StandardContext[/admin]:   Trying default match
2003-05-01 13:04:56 StandardContext[/admin]:  Mapped to servlet
'default' with servlet path '/' and path info 'null' and update=true
2003-05-01 13:04:56 Authenticator[/admin]: Security checking request GET
/admin/index.jsp
2003-05-01 13:04:56 Authenticator[/admin]:   Checking constraint
'SecurityConstraint[Protected Area]' against GET /index.jsp --> true

************************



2003-05-01 13:04:56 Authenticator[/admin]:  Subject to constraint
SecurityConstraint[Protected Area]
2003-05-01 13:04:56 Authenticator[/admin]:  Calling checkUserData()
2003-05-01 13:04:56 Authenticator[/admin]:   User data constraint has no
restrictions
2003-05-01 13:04:56 Authenticator[/admin]:  Calling authenticate()
2003-05-01 13:04:56 Authenticator[/admin]: Save request in session
'580F1D722AF1810120356942BC17D43E'
2003-05-01 13:04:56 Authenticator[/admin]: Redirect to login page
'/admin/login.jsp'
2003-05-01 13:04:56 Authenticator[/admin]:  Failed authenticate() test
2003-05-01 13:04:56 Authenticator[/admin]: Security checking request GET
/admin/login.jsp
2003-05-01 13:04:56 Authenticator[/admin]:   Checking constraint
'SecurityConstraint[Protected Area]' against GET /login.jsp --> true
2003-05-01 13:04:57 Authenticator[/admin]:  Subject to constraint
SecurityConstraint[Protected Area]
2003-05-01 13:04:57 Authenticator[/admin]:  Calling checkUserData()
2003-05-01 13:04:57 Authenticator[/admin]:   User data constraint has no
restrictions
2003-05-01 13:04:57 Authenticator[/admin]:  Calling authenticate()
2003-05-01 13:04:57 Authenticator[/admin]: Requesting login page
normally
2003-05-01 13:04:57 Authenticator[/admin]:  Calling accessControl()
2003-05-01 13:04:57 Authenticator[/admin]:  Allow access to login page
/admin/login.jsp
2003-05-01 13:04:57 Authenticator[/admin]:  Successfully passed all
security constraints
2003-05-01 13:04:57 StandardContext[/admin]: Mapping
contextPath='/admin' with requestURI='/admin/login.jsp' and
relativeURI='/login.jsp'
2003-05-01 13:04:57 StandardContext[/admin]:   Trying exact match
2003-05-01 13:04:57 StandardContext[/admin]:   Trying prefix match
2003-05-01 13:04:57 StandardContext[/admin]:   Trying extension match
2003-05-01 13:04:57 StandardContext[/admin]:  Mapped to servlet 'jsp'
with servlet path '/login.jsp' and path info 'null' and update=true
2003-05-01 13:05:15 Authenticator[/admin]: Security checking request
POST /admin/j_security_check
2003-05-01 13:05:15 Authenticator[/admin]: Authenticating username
'bill'
2003-05-01 13:05:15 Authenticator[/admin]: Authentication of 'bill' was
successful
2003-05-01 13:05:15 Authenticator[/admin]: Redirecting to original
'/admin/index.jsp'
2003-05-01 13:05:15 Authenticator[/admin]:  Failed authenticate() test
2003-05-01 13:05:15 Authenticator[/admin]: Security checking request GET
/admin/index.jsp
2003-05-01 13:05:15 Authenticator[/admin]:   Checking constraint
'SecurityConstraint[Protected Area]' against GET /index.jsp --> true
2003-05-01 13:05:15 Authenticator[/admin]:  Subject to constraint
SecurityConstraint[Protected Area]
2003-05-01 13:05:15 Authenticator[/admin]:  Calling checkUserData()
2003-05-01 13:05:15 Authenticator[/admin]:   User data constraint has no
restrictions
2003-05-01 13:05:15 Authenticator[/admin]:  Calling authenticate()
2003-05-01 13:05:15 Authenticator[/admin]: Restore request from session
'580F1D722AF1810120356942BC17D43E'
2003-05-01 13:05:15 Authenticator[/admin]: Authenticated 'bill' with
type 'FORM'
2003-05-01 13:05:15 Authenticator[/admin]: Proceed to restored request
2003-05-01 13:05:15 Authenticator[/admin]:  Calling accessControl()
2003-05-01 13:05:15 Authenticator[/admin]:  Failed accessControl() test





---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
This electronic transmission is strictly confidential to Smith & Nephew and
intended solely for the addressee.  It may contain information which is
covered by legal, professional or other privilege.  If you are not the
intended addressee, or someone authorized by the intended addressee to
receive transmissions on behalf of the addressee, you must not retain,
disclose in any form, copy or take any action in reliance on this
transmission.  If you have received this transmission in error, please
notify the sender as soon as possible and destroy this message.

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message