2 Replies Latest reply on Jul 27, 2006 3:10 PM by Gary Winklosky

    HTTP Status 403 error ocurred when I switch portal authentic

    Bruce Newbie

      I change the jboss-portal.sar/conf/login-config.xml like this:

      =========================================
      <?xml version='1.0'?>

      <application-policy name="portal">
      <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
      <module-option name="java.naming.factory.initial">
      com.sun.jndi.ldap.LdapCtxFactory
      </module-option>
      <module-option name="java.naming.provider.url">
      ldap://172.24.40.75:389
      </module-option>
      <module-option name="java.naming.security.authentication">
      simple
      </module-option>

      <module-option name="principalDNPrefix">CN=</module-option>
      <module-option name="principalDNSuffix">
      ,OU=SEE,O=SEC
      </module-option>

      <module-option name="rolesCtxDN">
      OU=SEE,O=SEC
      </module-option>
      <module-option name="uidAttributeID">CN</module-option>
      <module-option name="matchOnUserDN">false</module-option>
      <module-option name="roleAttributeID">OU</module-option>
      <module-option name="roleAttributeIsDN">false </module-option>

      </login-module>

      </application-policy>

      <application-policy name="webdav">
      <login-module code="org.jboss.security.auth.spi.LdapLoginModule" flag="required">
      <module-option name="java.naming.factory.initial">
      com.sun.jndi.ldap.LdapCtxFactory
      </module-option>
      <module-option name="java.naming.provider.url">
      ldap://172.24.40.75:389
      </module-option>
      <module-option name="java.naming.security.authentication">
      simple
      </module-option>

      <module-option name="principalDNPrefix">CN=</module-option>
      <module-option name="principalDNSuffix">
      ,OU=SEE,O=SEC
      </module-option>

      <module-option name="rolesCtxDN">
      OU=SEE,O=SEC
      </module-option>
      <module-option name="uidAttributeID">CN</module-option>
      <module-option name="matchOnUserDN">false</module-option>
      <module-option name="roleAttributeID">OU</module-option>
      <module-option name="roleAttributeIsDN">false</module-option>
      </login-module>

      </application-policy>

      =========================================

      Then I opened jboss-portal page and login in with LDAP account.
      I do believe the LDAP authentication is success.

      The portal transfer to this URL:
      http://localhost:8080/portal/auth/index.html?ctrl:id=window.default.CMSPortletWindow&ctrl:type=action&org.jboss.portal%23PATH=%2F

      and displayed:
      HTTP Status 403 - Access to the requested resource has been denied

      --------------------------------------------------------------------------------

      type Status report

      message Access to the requested resource has been denied

      description Access to the specified resource (Access to the requested resource has been denied) has been forbidden.


      --------------------------------------------------------------------------------

      Apache Tomcat/5.5.9


      What can I do to solve the problem?What is the possible reason?
      I am new to jboss-portal and jboss as, please help.
      thanks in advance.

        • 1. Re: HTTP Status 403 error ocurred when I switch portal authe
          Gary Winklosky Newbie

          I received the same error and to get past it I added one more module option:

          <module-option name="defaultRole">Authenticated</module-option>

          Following the change I was able to log in with a user stored in LDAP and I did not have to create an Authenticated role in my LDAP.

          However, two portlets on the default page threw exceptions:

          An internal error occured while rendering window 'default.default.HelloWorldPortletWindow:HelloWorldPortletWindow'
          java.lang.IllegalArgumentException: No null portlet accepted

          An internal error occured while rendering window 'default.default.Hello:Hello'
          java.lang.IllegalArgumentException: No null portlet accepted

          And one portlet on the Test page failed:
          Cannot render
          Object not found PreferencesPortletInstance


          Downloaded Package (JBoss Portal + JBoss AS 2.4-CR2)
          Fedora Directory Server
          Oracle 10.1.0 (portal database)

          • 2. Re: HTTP Status 403 error ocurred when I switch portal authe
            Gary Winklosky Newbie

            Those errors had nothing to do with the LDAP fix.

            The no null portlet accepted errors were due to another developer using the same Oracle DB for portal dev.

            And the Object not found PortletPreferencesInstance occurred with the standard install (no Oracle DB and no LDAP), I just hadn't noticed it.