• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

index.htm not loading

 
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi all,
in my web.xml i gave the following entry

<welcome-file-list>
<welcome-file>index.htm</welcome-file>
</welcome-file-list>

I am using Acegi security framework for authentication,autherisation in my main application.
I merged main application,Jforum code into a single war also web.xml

And when i run the application its throwing 403.

I am highly puzzled where things went wrong. Did i miss any file in merging? Or is it Acegi doing wrong things? In Acegi security.xml i gave the entry for the whole templates folder and all its subcontent as shown below. While loading the welcome page will Acegi comes into picture???
/**/templates*=ROLE_ADMIN,ROLE_EMPLOYER,ROLE_EMPLOYEE


Thanks
Greg


[originally posted on jforum.net by gregjhonson]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Don't know Acegi.. but since 403 is "Forbidden access" and you're getting it on the default HTML page, I'd guess it's a Acegi config problem, since that's the security manager. Try asking on a forum/list that specializes in this.

FWIW, the template directory will never be referenced in a URL. These are loaded internally by Freemarker that is called via the jforum code that handles all *.page urls.. Do you want to secure the *.page URLs?
[originally posted on jforum.net by monroe]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks monroe .

The issue is with a web.xml which has an entry as given below. after removing this entry it works fine

<security-role>

<role-name>user</role-name>

</security-role>

<security-constraint>

<web-resource-collection>

<web-resource-name>Restricted Area</web-resource-name>

<url-pattern>*.page</url-pattern>

</web-resource-collection>

<auth-constraint>

<role-name>user</role-name>

</auth-constraint>

</security-constraint>

<login-config>

<auth-method>BASIC</auth-method>

</login-config>
[originally posted on jforum.net by gregjhonson]
 
reply
    Bookmark Topic Watch Topic
  • New Topic