2 Replies Latest reply on Jul 27, 2006 3:10 PM by winklosky

    HTTP Status 403 error occurred when I switch portal authentic

    xgj6688

      I changed the jboss-portal.sar/conf/login-config.xml like this:

      =========================================
      <?xml version='1.0'?>

      <application-policy name="portal">
      <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
      <module-option name="java.naming.factory.initial">
      com.sun.jndi.ldap.LdapCtxFactory
      </module-option>
      <module-option name="java.naming.provider.url">
      ldap://172.24.40.75:389
      </module-option>
      <module-option name="java.naming.security.authentication">
      simple
      </module-option>

      <module-option name="principalDNPrefix">CN=</module-option>
      <module-option name="principalDNSuffix">
      ,OU=SEE,O=SEC
      </module-option>

      <module-option name="rolesCtxDN">
      OU=SEE,O=SEC
      </module-option>
      <module-option name="uidAttributeID">CN</module-option>
      <module-option name="matchOnUserDN">false</module-option>
      <module-option name="roleAttributeID">OU</module-option>
      <module-option name="roleAttributeIsDN">false </module-option>

      </login-module>

      </application-policy>

      <application-policy name="webdav">
      <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
      <module-option name="java.naming.factory.initial">
      com.sun.jndi.ldap.LdapCtxFactory
      </module-option>
      <module-option name="java.naming.provider.url">
      ldap://172.24.40.75:389
      </module-option>
      <module-option name="java.naming.security.authentication">
      simple
      </module-option>

      <module-option name="principalDNPrefix">CN=</module-option>
      <module-option name="principalDNSuffix">
      ,OU=SEE,O=SEC
      </module-option>

      <module-option name="rolesCtxDN">
      OU=SEE,O=SEC
      </module-option>
      <module-option name="uidAttributeID">CN</module-option>
      <module-option name="matchOnUserDN">false</module-option>
      <module-option name="roleAttributeID">OU</module-option>
      <module-option name="roleAttributeIsDN">false</module-option>
      </login-module>

      </application-policy>

      =========================================

      Then I opened the jboss-portal page and logged in with an LDAP account.
      I do believe the LDAP authentication is successful.

      The portal transferred to this URL:
      http://localhost:8080/portal/auth/index.html?ctrl:id=window.default.CMSPortletWindow&ctrl:type=action&org.jboss.portal%23PATH=%2F

      and displayed:
      HTTP Status 403 - Access to the requested resource has been denied

      --------------------------------------------------------------------------------

      type Status report

      message Access to the requested resource has been denied

      description Access to the specified resource (Access to the requested resource has been denied) has been forbidden.


      --------------------------------------------------------------------------------

      Apache Tomcat/5.5.9


      What can I do to solve the problem? What is the possible reason?
      I am new to jboss-portal and JBoss AS, please help.
      Thanks in advance.

        • 1. Re: HTTP Status 403 error occurred when I switch portal authe
          winklosky

          I received the same error and to get past it I added one more module option:

          <module-option name="defaultRole">Authenticated</module-option>

          Following the change I was able to log in with a user stored in LDAP and I did not have to create an Authenticated role in my LDAP.

          However, two portlets on the default page threw exceptions:

          An internal error occured while rendering window 'default.default.HelloWorldPortletWindow:HelloWorldPortletWindow'
          java.lang.IllegalArgumentException: No null portlet accepted

          An internal error occured while rendering window 'default.default.Hello:Hello'
          java.lang.IllegalArgumentException: No null portlet accepted

          And one portlet on the Test page failed:
          Cannot render
          Object not found PreferencesPortletInstance


          Downloaded Package (JBoss Portal + JBoss AS 2.4-CR2)
          Fedora Directory Server
          Oracle 10.1.0 (portal database)

          • 2. Re: HTTP Status 403 error occurred when I switch portal authe
            winklosky

            Those errors had nothing to do with the LDAP fix.

            The no null portlet accepted errors were due to another developer using the same Oracle DB for portal dev.

            And the Object not found PortletPreferencesInstance occurred with the standard install (no Oracle DB and no LDAP), I just hadn't noticed it.
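
A check for the fix described in reply 1, as an added example that is not part of the original thread or of JBoss itself: it parses a login-config.xml and reports every LdapLoginModule policy that lacks defaultRole=Authenticated, and it also flags a simple bind over plain ldap://, which sends the password unencrypted. The sample XML, its policy and authentication wrapper elements, and the audit function name are assumptions.

```python
import xml.etree.ElementTree as ET

LDAP_MODULE = "org.jboss.security.auth.spi.LdapLoginModule"
URL_OPT = "java.naming.provider.url"
AUTH_OPT = "java.naming.security.authentication"

# Constructed sample trimmed from the posted file; the <policy> root and
# <authentication> wrappers are assumed. Only "portal" has the defaultRole fix.
SAMPLE = """<policy>
 <application-policy name="portal"><authentication>
  <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
   <module-option name="java.naming.provider.url">
   ldap://172.24.40.75:389
   </module-option>
   <module-option name="java.naming.security.authentication">simple</module-option>
   <module-option name="roleAttributeID">OU</module-option>
   <module-option name="defaultRole">Authenticated</module-option>
  </login-module>
 </authentication></application-policy>
 <application-policy name="webdav"><authentication>
  <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
   <module-option name="java.naming.provider.url">ldap://172.24.40.75:389</module-option>
   <module-option name="java.naming.security.authentication">simple</module-option>
   <module-option name="roleAttributeID">OU</module-option>
  </login-module>
 </authentication></application-policy>
</policy>"""

def audit(xml_text, required_role="Authenticated"):
    """Return {policy name: [findings]} for each policy using LdapLoginModule."""
    report = {}
    for policy in ET.fromstring(xml_text).iter("application-policy"):
        for module in policy.iter("login-module"):
            if module.get("code") != LDAP_MODULE:
                continue
            opts = {o.get("name"): (o.text or "").strip()  # values may be wrapped
                    for o in module.iter("module-option")}
            findings = report.setdefault(policy.get("name"), [])
            if opts.get("defaultRole") != required_role:
                findings.append("defaultRole is not %s; the role must come "
                                "from the LDAP role search" % required_role)
            if (opts.get(URL_OPT, "").lower().startswith("ldap://")
                    and opts.get(AUTH_OPT, "").lower() == "simple"):
                findings.append("simple bind over ldap:// is unencrypted")
    return report

if __name__ == "__main__":
    for name, findings in audit(SAMPLE).items():
        print(name, findings or "ok")
```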