2 Replies Latest reply on Nov 19, 2003 8:21 AM by jimbrady

    Unexpected behaviour of jetty when accessing a restricted re

    DRAI William Newbie

      I am using a webapp in JBoss 3.2.1 / Jetty with a simple security setup :
      /home/* restricted to role 'user'
      /admin/* restricted to role 'admin'

      When a user with the simple role 'user' logs in, he has access to the /home directory as expected.
      When this user then tries to access a page in the /admin directory, he is redirected to the login page instead of getting a HTTP 403 error as specified in the servlet spec.

      Is it a configuration problem or a bug in jetty ?