tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Bill Barker" <wbar...@wilshire.com>
Subject Re: password authentication causes 403 error
Date Sun, 18 Sep 2005 01:31:38 GMT

<paul@webotech.co.uk> wrote in message 
news:20050916160544.A77BC5C08C@ws5.spacesurfer.com...
> Hi there,
> I would like to set up my development tomcat-5.0.28 (on port 8080) so that 
> all webapps that are not password protected, to have password 
> authentification. Since it is my dev box I would like to use the memory 
> realm.
> I have this in my web.xml:
> <security-constraint>
> <web-resource-collection>
> <url-pattern>/*</url-pattern>
> <http-method>GET</http-method>
> <http-method>POST</http-method>
> </web-resource-collection>
> <auth-constraint role-name="admin"/>

It's:
  <auth-constraint>
      <role-name>admin</role-name>
  </auth-constraint>

What you have (other than being invalid, if validation-checking was enabled 
:), tells Tomcat to forbid access to everyone.

> <user-data-constraint>
> <transport-guarantee>NONE</transport-guarantee>
> </user-data-constraint>
> </security-constraint>
> <login-config>
> <auth-method>BASIC</auth-method>
> </login-config>
>
> I have this in my tomcat-users.xml:
> <tomcat-users>
> <role rolename="tomcat"/>
> <role rolename="role1"/>
> <role rolename="manager"/>
> <role rolename="admin"/>
> <user username="mylogin" password="mypassword" 
> roles="admin,manager,role1"/>
> </tomcat-users>
> If I go to http://localhost:8080/manager it asks me to login and then 
> gives me access to the webapp as expected. If I go to 
> http://localhost:8080/ it asks me to login and if I get it wrong is gives 
> me a 401 error as expected but if I get it right it gives me a 403 error 
> instead of allowing access to the webapp. This happens with all webapps 
> that do not have their own authentication.
> How do I configure tomcat to give me access to my webapps when I login 
> correctly?
> Thanks,
> Paul
> --
> Paul Mackinlay (PhD, MEng)
> http://www.webotech.co.uk/
> paul@webotech.co.uk
> Tel: +44(0)7050 699971
> Fax: +44(0)7050 699972 




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message