If I turn of JS in my browser and head up to
I get the same error in my browser...
thanks for the response.
But the testapplication don't uses any authentication. Only the facelets are proteced with a security-constraint. I disabled this constraint, but the effect stayed the same.
That's strange. I don't see how you can get a 403 if there is no security on the application.