I see your post is month and a half old. Did you find out why that happens? Exactly the same happens for me. Plain Text works, application/xml returns 403 Forbidden

I'm have the exact same problem. Anyone can help?

I was also having this or a similar problem, although I switched from xml to text/plain and the problem still occurred. Turns out that XML is not the problem - I now have one that produces application/xml with no problem...

I found that there appears to be a bug wherein injected Home/List components are null unless you put the unexpected (create=true)
on the @In annotation; not sure why this is needed as the Home and List already exist.

Incidentally I only found this by looking in the SERVER log file (e.g., the file /usr/local/jboss/server/default/log/server.log), not the standard output. So if any of you are still having this problem, a look in the server log file may be of interest as it often has more detail than the standard out.

I've also noticed that Seam Components that are JaxRS resources do not appear to take part in hot deployment (ant explode does not reload them, ant restart does).

Could you file a JIRA issue and provide a testcase/simple app that shows the problem?

I have the same problem when I try and execute a query with the entity manager.

@In(create=true)
     private EntityManager entityManager;

     
     @GET
     @Path("/{registrationCode}")
     @Produces("text/plain")
    public Response get(@PathParam("registrationCode") String registrationCode, 
              @QueryParam("key") String imei, ) {
// throws it when I exectute the query
     try
          {     
               entityManager.createQuery(criteria).getSingleResult();
               return true;
          }catch(NoResultException ex){
               return false;
          }
}

Hi,

I am developing my first seam application and it uses Seam Rest mostly accessed by devices. Android or IPhone applications. I have faced this situations 2 times, first one happened because of a seam injection I was trying on the rest service and when seam tried to construct the object do do the injection a required field was missing(null) and than in the client side(device) I received a 403 Forbidden, the second one I was trying to implement GSon (Google JSon parser) in the REST endpoint and it turned out that despite the fact I had added GSon libs to eclipse project I missed placing it to lib and adding it to deployed-jars-ear.list and a ClassNotFound was triggered at runtime in the REST endpoint which caused the client to also receive a 403 Forbidden, than so far what I have learned is.

1) As mentioned by Ian above in this thread about looking at the REAL server.log file is essential to find out what is the problem.

2) The error 403 Forbidden is standard returned by rest easy when you have some not expected errors happening at runtime in the REST service.

I would say the point 2 just mentioned is a bit confusing if you take a look at the HTTP return code specs ( http://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html ) :

403 Forbidden

The server understood the request, but is refusing to fulfill it. Authorization will not help and the request SHOULD NOT be repeated. If the request method was not HEAD and the server wishes to make public why the request has not been fulfilled, it SHOULD describe the reason for the refusal in the entity. If the server does not wish to make this information available to the client, the status code 404 (Not Found) can be used instead.

As per my understanding the error code returned should be 500, because it is specifically a internal server error. I believe this causes a lot of misunderstanding in this specific case for me as I spent plenty time in it, looking the client side code, wasted time.

Hope that help saving someone else time :)

I also believe this should be fixed, but I am not sure about where this should be done. Rest Easy?  JBoss Server?  Seam? who should deal with it?

regards.

THIS WAS THE CORRECT ANSWER FOR ME

This issue occurs when you try to use a variable that wasn't

set create equals true in the @In area for the field being used.

Hi,
I also have the access denied HTTP 403 when I access the url who has my own defined request parameter and parameters generated by app. like cid, conversationPropagation as followed.

http://localhost:8080/Lave/pages/admin/listeCodeLibelle.xhtml?myParam=consigne&cid=2&conversationPropagation=end

If I type myself only this

http://localhost:8080/Lave/pages/admin/listeCodeLibelle.xhtml?myParam=consigne

it works.

I tried to add create equals tru in all @In but it doesnt work for me.

Does anyone have idea?

Thanks!