You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomee.apache.org by sgjava <sg...@gmail.com> on 2015/08/14 21:31:14 UTC

org.apache.tomee.embedded.Container basic auth returns 403

https://github.com/sgjava/tomee-jaxrs-test

You can see from the logging filter that the header is correct:

INFO: Headers: {Content-Type=[application/json], Accept=[*/*],
Authorization=[BASIC dG9tY2F0OnBhc3N3b3Jk]}

UserServiceAuthTest is what you want to look at.

javax.ws.rs.ForbiddenException: HTTP 403 Forbidden
	at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
	at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
	at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
	at java.lang.reflect.Constructor.newInstance(Constructor.java:422)
	at
org.apache.cxf.jaxrs.client.AbstractClient.convertToWebApplicationException(AbstractClient.java:495)
	at org.apache.cxf.jaxrs.client.WebClient.doInvoke(WebClient.java:897)
	at org.apache.cxf.jaxrs.client.WebClient.doInvoke(WebClient.java:865)
	at org.apache.cxf.jaxrs.client.WebClient.invoke(WebClient.java:428)
	at
org.apache.cxf.jaxrs.client.WebClient$SyncInvokerImpl.method(WebClient.java:1636)
	at
org.apache.cxf.jaxrs.client.WebClient$SyncInvokerImpl.post(WebClient.java:1576)
	at
org.apache.cxf.jaxrs.client.spec.InvocationBuilderImpl.post(InvocationBuilderImpl.java:150)
	at
com.codeferm.services.jaxrs.UserServiceAuthTest.testAuth(UserServiceAuthTest.java:83)




--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/org-apache-tomee-embedded-Container-basic-auth-returns-403-tp4675891.html
Sent from the TomEE Users mailing list archive at Nabble.com.

Re: org.apache.tomee.embedded.Container basic auth returns 403

Posted by sgjava <sg...@gmail.com>.

That was it! I can auth through a browser now, but my test client is kicking
back 404, so I'll have to work on that :) Thanks for your help. I'll let you
know when the working code is up on Github.



--
View this message in context: http://tomee-openejb.979440.n4.nabble.com/org-apache-tomee-embedded-Container-basic-auth-returns-403-tp4675891p4675897.html
Sent from the TomEE Users mailing list archive at Nabble.com.

Re: org.apache.tomee.embedded.Container basic auth returns 403

Posted by Romain Manni-Bucau <rm...@gmail.com>.

hehe,

we both did an error, on my side I reversed the role map (should be user =
roles)

on your side you set twice the same thing: users and roles is just a user
friendly API for a custom realm so if you set your own realm it is ignored
(you set configuration.setRealm(new MemoryRealm());)

should work fixing both issues


Romain Manni-Bucau
@rmannibucau <https://twitter.com/rmannibucau> |  Blog
<http://rmannibucau.wordpress.com> | Github <https://github.com/rmannibucau> |
LinkedIn <https://www.linkedin.com/in/rmannibucau> | Tomitriber
<http://www.tomitribe.com>

2015-08-14 12:31 GMT-07:00 sgjava <sg...@gmail.com>:

> https://github.com/sgjava/tomee-jaxrs-test
>
> You can see from the logging filter that the header is correct:
>
> INFO: Headers: {Content-Type=[application/json], Accept=[*/*],
> Authorization=[BASIC dG9tY2F0OnBhc3N3b3Jk]}
>
> UserServiceAuthTest is what you want to look at.
>
> javax.ws.rs.ForbiddenException: HTTP 403 Forbidden
>         at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
> Method)
>         at
>
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
>         at
>
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
>         at java.lang.reflect.Constructor.newInstance(Constructor.java:422)
>         at
>
> org.apache.cxf.jaxrs.client.AbstractClient.convertToWebApplicationException(AbstractClient.java:495)
>         at
> org.apache.cxf.jaxrs.client.WebClient.doInvoke(WebClient.java:897)
>         at
> org.apache.cxf.jaxrs.client.WebClient.doInvoke(WebClient.java:865)
>         at org.apache.cxf.jaxrs.client.WebClient.invoke(WebClient.java:428)
>         at
>
> org.apache.cxf.jaxrs.client.WebClient$SyncInvokerImpl.method(WebClient.java:1636)
>         at
>
> org.apache.cxf.jaxrs.client.WebClient$SyncInvokerImpl.post(WebClient.java:1576)
>         at
>
> org.apache.cxf.jaxrs.client.spec.InvocationBuilderImpl.post(InvocationBuilderImpl.java:150)
>         at
>
> com.codeferm.services.jaxrs.UserServiceAuthTest.testAuth(UserServiceAuthTest.java:83)
>
>
>
>
> --
> View this message in context:
> http://tomee-openejb.979440.n4.nabble.com/org-apache-tomee-embedded-Container-basic-auth-returns-403-tp4675891.html
> Sent from the TomEE Users mailing list archive at Nabble.com.
>