Hi,
I have an problem with jboss3.2.3 (incl. Tomcat).
I've implemented an own login-module which works correctly. With an small java-client I was able to login and use the remote facades.
Using an jsp-client (FORM-based authentication) I receive only http-403-errors : The Logon-form will be displayed, my login-module will be invoked but all I receive is the 403-errror. Do you have an idea ?
<web-app>
<welcome-file-list>
<welcome-file>/index.jsp</welcome-file>
</welcome-file-list>
<security-constraint>
<display-name>ECE</display-name>
<web-resource-collection>
<web-resource-name>ECE</web-resource-name>
<url-pattern>/app/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
<http-method>HEAD</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
Allowed only for users of system
<role-name>USER</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/logon.jsp</form-login-page>
<form-error-page>/index.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
Required roles
<role-name>USER</role-name>
</security-role>
</web-app>
Thanks,
Marcus