0 Replies Latest reply on May 8, 2004 2:13 AM by Marcus

    Authentication-problem drives me crazy (error 403)

    Marcus Newbie

      Hi,
      I have an problem with jboss3.2.3 (incl. Tomcat).
      I've implemented an own login-module which works correctly. With an small java-client I was able to login and use the remote facades.
      Using an jsp-client (FORM-based authentication) I receive only http-403-errors : The Logon-form will be displayed, my login-module will be invoked but all I receive is the 403-errror. Do you have an idea ?

      <web-app>
      <welcome-file-list>
      <welcome-file>/index.jsp</welcome-file>
      </welcome-file-list>

      <security-constraint>
      <display-name>ECE</display-name>
      <web-resource-collection>
      <web-resource-name>ECE</web-resource-name>
      <url-pattern>/app/*</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
      <http-method>PUT</http-method>
      <http-method>HEAD</http-method>
      <http-method>DELETE</http-method>
      </web-resource-collection>
      <auth-constraint>
      Allowed only for users of system
      <role-name>USER</role-name>
      </auth-constraint>
      <user-data-constraint>
      <transport-guarantee>NONE</transport-guarantee>
      </user-data-constraint>
      </security-constraint>

      <login-config>
      <auth-method>FORM</auth-method>
      <form-login-config>
      <form-login-page>/logon.jsp</form-login-page>
      <form-error-page>/index.jsp</form-error-page>
      </form-login-config>
      </login-config>

      <security-role>
      Required roles
      <role-name>USER</role-name>
      </security-role>

      </web-app>

      Thanks,
      Marcus