tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From (Jonathan Pierce)
Subject Re:Connectors, Realms, 4.0.2b2 - 403 Access Denied
Date Tue, 05 Feb 2002 15:27:32 GMT

I'm posting this question a second time since I am not sure if mailer problems
on my end prevented it from reaching the list and I got no responses on the

The security implementation in Tomcat 4.0.2b2 and earlier seems to depend on
using redirect urls. This doesn't seem to work correctly with connectors such as
the IISAPI IIS connector.

What is the strategy for supporting basic or form based authentication through
connectors? Should this be implemented without using redirect?

I've configured Tomcat4.0.2b2 with the AJP 1.3 Connector and successfully
installed the iisapi dll from Tomcat3.3 into IIS. I am attempting to serve a
protected page through the connector using the protected realm example.

When I hit the page directly on port 8080, I get the expected login form
challenge behavior. When I hit the page through the connector, I get a 403
access denied error.

Is serving protected pages through connectors supposed to be supported in 4.0.2?

http://localhost:8080/examples/jsp/security/protected/index.jsp redirects to the
login screen as expected.

returns 403 - Access to the requested resource has been denied


This email and any files transmitted with it are for the named person's use only.  It may
contain confidential, proprietary or legally privileged information.  No confidentiality or
privilege is waived or lost by any mistransmission. If you receive this message in error,
please immediately delete it and all copies of it from your system, destroy any hard copies
of it and notify the sender.  You must not, directly or indirectly, use, disclose, distribute,
print, or copy any part of this message if you are not the intended recipient. 

This email message has been swept by a virus software product for the presence of computer

To unsubscribe, e-mail:   <>
For additional commands, e-mail: <>

View raw message