tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Liyi Meng <>
Subject Re: JAAS authentication goes OK, but 403 occurs on requesting resources
Date Wed, 02 Apr 2008 06:22:42 GMT

Hi Chuck,

Thanks for your reply. Here is my web.xml consider of security:

     <display-name>Security Constraint</display-name>
       <web-resource-name>Protected Area</web-resource-name>
         <!-- Define the context-relative URL(s) to be protected -->
   <!-- Anyone with one of the listed roles may access this area -->

   <!-- Default login configuration uses form-based authentication -->
   <realm-name>Example Form-Based Authentication Area</realm-name>

   <!-- Security roles referenced by this web application -->

Security role is out there, I believe. but I run tomcat in embedded  
way, start JAASRealm like this:

	JAASRealm jaasRealm = new JAASRealm();

// Start the embedded server
         running = true;

I don't know if there is problem in my Java code.


On Apr 2, 2008, at 12:34 AM, Caldarale, Charles R wrote:

>> From: Liyi Meng []
>> Subject: JAAS authentication goes OK, but 403 occurs on
>> requesting resources
>> When login, authentication goes OK, but when requesting
>> a resource, I always get 403 access denied!
> What's in the <security-constraint>, <login-config>, and <security- 
> role>
> sections of the web.xml for your webapp?  Have you left out the
> <security-role> element, by any chance?
>> Below is the code how I populate User and Role then save in Subject
> Your code is very similar to mine, which does work, so I don't  
> think the
> problem's there.
>  - Chuck
> MATERIAL and is thus for use only by the intended recipient. If you
> received this in error, please contact the sender and delete the e- 
> mail
> and its attachments from all computers.
> ---------------------------------------------------------------------
> To start a new topic, e-mail:
> To unsubscribe, e-mail:
> For additional commands, e-mail:

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message