tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Henke <>
Subject Wrong userrole gets me 403 error code
Date Mon, 08 May 2006 19:48:23 GMT

  In a application i´m using JDBCRealm and form-based login to
  authenticate the user. But i have som problems.

  When i enter a user with correct username, password and role everything
  works fine. Entering username or password incorrect i´m beeing
  redirected to the login-error-page, that´s correct. But when i enter
  username and password that exist in the DB but the user don´t have the
  correct role i´m still authenticated or get the error code 403, if i´m
  authenticated and click the logout i got the 403 message.

  All my application shares the symptoms, even admin and manager. Can i
  fix this??

  I searched the internet for an answer to this and found this Thread from
   years ago.

  And the answer:

  As it says the formbased doesn´t care about the role. But why does it
  care about it when you are using basic authentication.

  I don´t post any code because i´m followed the documentation to setup
  the JDBCRealm. The only difference is that my user_role is a view not a
  table. It´s in my opinion a ugly database design to only have
  "user_table" and "user_role" table in a many-to-many relationship....

  End talking about databasedesign. I simply wonder if it is any solution
  to this problem besides taking care of it in the application.

  Thanks a lot in advance!


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message