Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Regarding Authentication & Authorization

 
Akshay Singhvi
Ranch Hand
Posts: 93
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Ranchers,

Well my problem is I'm getting "HTTP Status 403 - Access to the requested resource has been denied" errror page.My <security-constraint> tag details are:
<security-constraint>
<web-resource-collection>
<web-resource-name>Authorization</web-resource-name>
<url-pattern>*.do</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>admin</auth-constraint>
</security-constraint>
-------------------------------------------------
while my tomcat-users.xml entry are:
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role rolename="tomcat"/>
<role rolename="role1"/>
<role rolename="manager"/>
<role rolename="admin"/>
<user username="tomcat" password="tomcat" roles="tomcat"/>
<user username="role1" password="tomcat" roles="role1"/>
<user username="both" password="tomcat" roles="tomcat,role1"/>
<user username="admin" password="password-1" roles="admin,manager"/>
</tomcat-users>
-------------------------------------------------------------------
Well when i type <<http://localhost:8080/ELTest/Serv.do>> in my browser, a dialog box appears which ask for username and password when i type in
username: admin
password: password-1
it gives me HTTP status 403 error.
Can you tell me what thing I'm doing wrong..
 
Amit Tayal
Ranch Hand
Posts: 51
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Akshay
It seems that you forgot to put <login-config> tag in DD.
Try putting the below mentioned code in your DD and see whether the resource is available or not.

Amit

<login-config>
<auth-method>BASIC</auth-method>
</login-config>
 
Akshay Singhvi
Ranch Hand
Posts: 93
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Amit,

I have put <login-config> tag ,but still it is not working...
 
Amit Tayal
Ranch Hand
Posts: 51
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
There is a small mistake in <auth-contraint>
You forgot to add <role-name> over there.
code should me

<security-constraint>
<web-resource-collection>
<web-resource-name>Authorization</web-resource-name>
<url-pattern>*.do</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint><role-name>admin</role-name></auth-constraint>
</security-constraint>
 
Akshay Singhvi
Ranch Hand
Posts: 93
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello Amit
Yes it worked Thankx!!!
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic