6 Replies Latest reply on Jan 13, 2005 7:51 AM by javiery

    403 - Access to the requested resource has been denied

    infectedrhythms Novice

      I am trying to set up jass security on my web site and am getting: 403 - Access to the requested resource has been denied.

      This is in my login-config.xml...

       <application-policy name = "Mamoth">
       <authentication>
       <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
       flag = "required">
       <module-option name = "unauthenticatedIdentity">guest</module-option>
       <module-option name = "dsJndiName">java:/jdbc/MamothDB</module-option>
       <module-option name = "principalsQuery">select Password from users where Username=?</module-option>
       <module-option name = "rolesQuery">select Username, Role from UserRoles where username=?</module-option>
       </login-module>
       </authentication>
       </application-policy>
      


      This is in my web.xml...
      <?xml version="1.0" encoding="ISO-8859-1"?>
      
      <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd">
      
      <web-app>
       <display-name>mamoth Blue</display-name>
       <description>mamoth Blue web site</description>
      
      
       <security-constraint>
       <web-resource-collection>
       <web-resource-name>Mamoth</web-resource-name>
       <description>Mamoth Blue security</description>
       <url-pattern>/*</url-pattern>
       <http-method>GET</http-method>
       <http-method>POST</http-method>
       </web-resource-collection>
       <auth-constraint>
       <role-name>Admin</role-name>
       </auth-constraint>
       </security-constraint>
      
      
       <login-config>
       <auth-method>BASIC</auth-method>
       <realm-name>Mamoth Blue</realm-name>
       </login-config>
      
       <security-role>
       <role-name>Admin</role-name>
       </security-role>
      
      
      
       <welcome-file-list>
       <welcome-file>index.jsp</welcome-file>
       </welcome-file-list>
      
       <resource-ref>
       <description>DB Connection</description>
       <res-ref-name>jdbc/MamothDB</res-ref-name>
       <res-type>javax.sql.DataSource</res-type>
       <res-auth>Container</res-auth>
       </resource-ref>
      
      
       <!--
       //-->
      </web-app>
      


      And this is in my jboss-web.xml...

      <?xml version="1.0" encoding="UTF-8"?>
      
      <!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 2.3//EN" "http://www.jboss.org/j2ee/dtds/jboss-web_3_0.dtd">
      
      <jboss-web>
       <context-root>/mamoth</context-root>
       <security-domain>java:/jaas/Mamoth</security-domain>
       <resource-ref>
       <res-ref-name>jdbc/MamothDB</res-ref-name>
       <jndi-name>java:/jdbc/MamothDB</jndi-name>
       </resource-ref>
      </jboss-web>
      


      Any ideas? Thanks!