4 Replies Latest reply on Apr 24, 2003 3:12 PM by Peter Doornbosch

    Need help: Error 403 Access denied in JBoss Authorization

    wkuncoro Newbie

      Hi, I’m new to JBoss. We used to use Tomcat but now we are moving to JBoss3.0-Tomcat4.1. I have been trying to implement Form and BASIC security for some resources in my web applications, using realm SQL Server 2000 JDBC authentication. First I tried to run .war file in Tomcat and it was working fine. And now I bundle the .war file to .ear file, with the same source code as in Tomcat, and I set up necessary configuration, including adding jboss-web.xml.

      When I put wrong username/password, JBoss detects it. But when I write correct username/password I got error 403 Access is denied. I checked role and other settings and I feel I configured them correctly because it was working fine in .war file in Tomcat.

      I have spent so many hours on this. I have read both free and paid JBoss pdf documentations and followed examples in some websites but I still stuck in this error. Please anyone help me. This is my configuration, is there something I missed?

      There are 2 tables in SQL Server database: users and role. I assign role of manager to users there, and it was working well with Tomcat.

      I tried both BASIC and Form authentication.

      Thank you so much for any help.

      1. login-config.xml
      <application-policy name="jdbcRealm">

      <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
      <module-option name="dsJndiName">java:/MyDS</module-option>
      <module-option name="principalsQuery">select password from users where username=?</module-option>
      <module-option name="rolesQuery">select role, rolegroup from roles where username=?</module-option>


      2. mssql-service.xml

      <config-property name="ConnectionURL" type="java.lang.String">jdbc:JTurbo://</config-property>
      <config-property name="DriverClass" type="java.lang.String">com.newatlanta.jturbo.driver.Driver</config-property>
      <config-property name="UserName" type="java.lang.String">sa</config-property>
      <config-property name="Password" type="java.lang.String">sa</config-property>

      3. jboss.xml


      4. jboss-web.xml

      5. web.xml
      <display-name>Login Test</display-name>

      6. ejb-jar.xml