3 Replies Latest reply on Oct 10, 2002 12:52 PM by Efrain Rocha

    Jboss Authentication

    Efrain Rocha Newbie

      Tool,

      thanks for your response.
      I followed the example that you posted but I am getting the following error when I try to access an html file.
      -----------------
      Apache Tomcat/4.0.3 - HTTP Status 403 - Access to the requested resource has been denied
      type Status report

      message Access to the requested resource has been denied

      description Access to the specified resource (Access to the requested resource has been denied) has been forbidden.
      ---------------

      where is my war file and config files

      Please advise

      Efrain

        • 1. Re: Jboss Authentication
          Efrain Rocha Newbie

          How do I attache files? :(

          • 2. Re: Jboss Authentication
            Brian Newbie

            I think this might be it...

            In your web.xml your declare:
            <url-pattern>/*</url-pattern>
            to be the secured area. This is where your login page resides, so it is protected and cannot be accessed without logging in first!!!

            I suggest making another folder in your auth.war, i.e. "secured" and putting all pages that you want secured in it (foo.html, etc.)
            Then change the above line in the web.xml to match:
            <url-pattern>secured/*</url-pattern>

            Just remember to include the "secured" (the name of the folder with the secured pages) in your path when you try to access the secured page. You should be redirected to the login page at that time.

            Hope this works for you,
            Brian

            • 3. Re: Jboss Authentication
              Efrain Rocha Newbie

              I gave it a try and I still get the same error
              ------------
              Apache Tomcat/4.0.3 - HTTP Status 403 - Access to the requested resource has been denied

              type Status report

              message Access to the requested resource has been denied

              description Access to the specified resource (Access to the requested resource has been denied) has been forbidden.
              -----------------

              some questions please

              1. Do I have to modify the auth.conf file ? or do I need to specify the permissions in some other file that I am missing?

              2. I think the /* should work since I get the login page it validates correctly the users. Fetches to the DB are done without a problem etc.... the problem is when I am authenticated and the page to be display has no permissions to be displayed. Well at least that's what I think is going on.


              any other clues?