A friendly place for programming greenhorns!
Big Moose Saloon
Register / Login
Win a copy of
this week in the
Web Component Certification (SCWCD/OCPJWCD)
HTTP Status 403 Access to the requested resource has been denied
Joined: May 24, 2009
Oct 09, 2009 21:16:14
Can someone please help me figure out what is wrong with the configuration below
I keep getting "HTTP Status 403 - Access to the requested resource has been denied" when I run the application.
I'm using netbeans 6.7.1 with
this is my web.xml
<?xml version="1.0" encoding="UTF-8"?> <web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"> <session-config> <session-timeout> 30 </session-timeout> </session-config> <security-constraint> <web-resource-collection> <web-resource-name>Chapter12Test</web-resource-name> <http-method>GET</http-method> <http-method>POST</http-method> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint>Admin</auth-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/index.html</form-login-page> <form-error-page>/loginerror.html</form-error-page> </form-login-config> <realm-name>Chapter12Test</realm-name> </login-config> <welcome-file-list> <welcome-file>index.jsp</welcome-file> </welcome-file-list> <security-role> <description>Has access to everything</description> <role-name>manager</role-name> <role-name>role1</role-name> <role-name>tomcat</role-name> <role-name>Admin</role-name> </security-role> </web-app>
this is my tomcat-users.xml file
<?xml version='1.0' encoding='utf-8'?> <tomcat-users> <role rolename="manager"/> <role rolename="Admin"/> <role rolename="Member"/> <role rolename="Guest"/> <role rolename="tomcat"/> <role rolename="role1"/> <user username="tomcat" password="tomcat" roles="tomcat,manager"/> <user username="both" password="tomcat" roles="tomcat,role1"/> <user username="user1" password="password1" roles="manager"/> <user username="role1" password="tomcat" roles="role1,manager"/> <user username="moses" password="moses" roles="Admin"/> </tomcat-users>
I was expecting a log in screen to pop up when ever the application is run.
All 3 files index.jsp, index.html and loginerror.html are outside the WEB-INF directory
Joined: Oct 17, 2008
Oct 09, 2009 21:23:18
In specification it is written
The realm-name indicates the realm name to use in HTTP BASIC authentication.
I don't know whether you can use realm name in case of FORM based authentication.
Joined: May 24, 2009
Oct 10, 2009 08:18:55
I took out the realm name from "<login-config>" and it is still not working.
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link:
subject: HTTP Status 403 Access to the requested resource has been denied
username and password are not getting verified by tomcat
Problem While Enabling Authentication
Redirect to the requested page failed using form-based authentication
Authentication and Authorization implementation using DD Problem
security constraint - not working
All times are in JavaRanch time: GMT-6 in summer, GMT-7 in winter
| Powered by
Copyright © 1998-2015