0 Replies Latest reply on Sep 21, 2005 5:04 AM by Per Jorgen Walstrom

    can log in, but access to other pages gives 401

    Per Jorgen Walstrom Newbie

      I have a web-application running under JBoss 4.0.1sp1. I use basic authentication on my web-application. It seems like the login mechanism is working fine; I am able to log in to my main web-page. But when I try to access any further pages from there, I get a 401-error (which means unauthorized):

      2005-09-21 09:41:19,407 ERROR [STDERR] javax.servlet.jsp.JspException: Exception reading resource http://localhost/sid-admin/topmenu.jsp: java.io.IOException: Server returned HTTP response code: 401 for URL: http://localhost/sid-admin/topmenu.jsp

      Does anybody have a solution to this? I do believe my URL-pattern is correctly defined?

      Here are excerpts from my web.xml and login-config.xml files:

       <!-- Define a Security Constraint on this Application -->
       <web-resource-name>Entire Application</web-resource-name>
       <description>Security constraint for sid-admin</description>
       <!-- Define the Login Configuration for this Application -->
       <realm-name>SID Administration</realm-name>
       <description>A user allowed to invoke the sid-admin application</description>

       <application-policy name="sid-administrator">
       <login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
       <module-option name="dsJndiName">java:/OracleDS</module-option>
       <module-option name="principalsQuery">select password from xyz_user where user_name=?</module-option>
       <module-option name="rolesQuery">select role, 'Roles' from xyz_user_role where user_name=?</module-option>