tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bruno Gonçalves <...@myrealbox.com>
Subject HTTP Status 403 (tomcat 5.0.28 & JAASRealm)
Date Mon, 21 Feb 2005 10:37:36 GMT
When I login in my application with a username&password valid I get a 
HTTP Status 403!
I'm using Tomcat 5.0.28 and JAASRealm.
I already looked into in my web.xml, and I think is alright.
The valid username & password: admin / admin

Anyone knows what's the problem?
Thanks..

web.xml:

    <!-- login config -->
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Protected Area</web-resource-name>
            <!-- Define the context-relative URL(s) to be protected -->
            <url-pattern>/web/layouts/*</url-pattern>
            <url-pattern>/web/jsp/das/*</url-pattern>
            <!-- If you list http methods, only those methods are 
protected -->
            <http-method>DELETE</http-method>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
            <http-method>PUT</http-method>
        </web-resource-collection>
        <auth-constraint>
            <!-- Anyone with one of the listed roles may access this 
area -->
            <role-name>admin</role-name>
        </auth-constraint>
        <user-data-constraint>
            <transport-guarantee>NONE</transport-guarantee>
        </user-data-constraint>
    </security-constraint>

    <!-- Default login configuration uses form-based authentication -->
    <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>JAASRealm</realm-name>
        <form-login-config>
            <form-login-page>/security/login.jsp</form-login-page>
            <form-error-page>/security/login.jsp?error=1</form-error-page>
        </form-login-config>
    </login-config>

    <!-- Security roles referenced by this web application -->
    <security-role>
        <role-name>admin</role-name>
    </security-role>


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message