You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@geronimo.apache.org by lfbarragan <lf...@gmail.com> on 2008/07/27 16:58:32 UTC
Re: JAAS - Authentication succeeded but error 403 sent
Hi Lukasz,
Did you have any luck fixing this issue?
I'm facing a similar problem but in my case I'm getting an "Authentication
succeeded" message in the login-attemps.log file
07/27/2008 17:28:07 - Authentication attempt - adminp
07/27/2008 17:28:07 - Authentication succeeded - adminp
even though I tried to log in with a non existing user. And at the same
time I get the following message in the browser:
HTTP Status 403 -
type Status report
message
description Access to the specified resource () has been forbidden.
Any ideas?
I'm using Geronimo 2.0.2 with myFaces and mySQL and I followed this
http://forums.sun.com/thread.jspa?threadID=5291658&messageID=10231309 post
to install the whole thing
Thanks in advance
Xh wrote:
>
> Hi All!
>
> I have successfully deployed my own form based security realm.
>
> But very strange thing happens.
>
> When I enter wrong username and password in my audit log I have:
>
> 07/13/2007 16:38:03 - Authentication attempt - asdsadasdsda
> 07/13/2007 16:38:03 - Authentication failed - asdsadasdsda
>
> result: I'm being forwarded to error.jsp page
>
> When I enter correct username and password I have:
> 07/13/2007 16:38:51 - Authentication attempt - xh
> 07/13/2007 16:38:51 - Authentication succeeded - xh
>
> result: 403 header are sent:
>
> Server: Apache-Coyote/1.1
> Pragma: No-cache
> Cache-Control: no-cache
> Expires: Thu, 01 Jan 1970 01:00:00 CET
> Content-Type: text/html;charset=utf-8
> Content-Length: 972
> Date: Fri, 13 Jul 2007 14:38:03 GMT
>
> 403 Forbidden
>
> why?
>
> I understand that in order to help me You need more information, but which
> file
> should I copy&caste?
> web.xml (security-constraint etc.)
> geronimo-web.xml (role-mappings, principals, etc.)
> geronimo-application.xml (gbean definition, I'm not using server-wide
> realm)
>
> thanks in advance for any help
>
> best regards
> Lukasz
>
>
>
>
> ___________________________________________________________
> Yahoo! Mail is the world's favourite email. Don't settle for less, sign up
> for
> your free account today
> http://uk.rd.yahoo.com/evt=44106/*http://uk.docs.yahoo.com/mail/winter07.html
>
--
View this message in context: http://www.nabble.com/JAAS---Authentication-succeeded-but-error-403-sent-tp11581226s134p18677151.html
Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.
Re: JAAS - Authentication succeeded but error 403 sent
Posted by Łukasz Budnik <lu...@gmail.com>.
Hi,
Try switching to Geronimo 2.1.x.
And I don't have any problems with 403 errors now.
Best regards
Łukasz
2008/7/27 lfbarragan <lf...@gmail.com>:
>
> Hi Lukasz,
>
> Did you have any luck fixing this issue?
>
> I'm facing a similar problem but in my case I'm getting an "Authentication
> succeeded" message in the login-attemps.log file
>
> 07/27/2008 17:28:07 - Authentication attempt - adminp
> 07/27/2008 17:28:07 - Authentication succeeded - adminp
>
> even though I tried to log in with a non existing user. And at the same
> time I get the following message in the browser:
>
> HTTP Status 403 -
>
> type Status report
>
> message
>
> description Access to the specified resource () has been forbidden.
>
> Any ideas?
>
> I'm using Geronimo 2.0.2 with myFaces and mySQL and I followed this
> http://forums.sun.com/thread.jspa?threadID=5291658&messageID=10231309 post
> to install the whole thing
>
> Thanks in advance
>
>
> Xh wrote:
>>
>> Hi All!
>>
>> I have successfully deployed my own form based security realm.
>>
>> But very strange thing happens.
>>
>> When I enter wrong username and password in my audit log I have:
>>
>> 07/13/2007 16:38:03 - Authentication attempt - asdsadasdsda
>> 07/13/2007 16:38:03 - Authentication failed - asdsadasdsda
>>
>> result: I'm being forwarded to error.jsp page
>>
>> When I enter correct username and password I have:
>> 07/13/2007 16:38:51 - Authentication attempt - xh
>> 07/13/2007 16:38:51 - Authentication succeeded - xh
>>
>> result: 403 header are sent:
>>
>> Server: Apache-Coyote/1.1
>> Pragma: No-cache
>> Cache-Control: no-cache
>> Expires: Thu, 01 Jan 1970 01:00:00 CET
>> Content-Type: text/html;charset=utf-8
>> Content-Length: 972
>> Date: Fri, 13 Jul 2007 14:38:03 GMT
>>
>> 403 Forbidden
>>
>> why?
>>
>> I understand that in order to help me You need more information, but which
>> file
>> should I copy&caste?
>> web.xml (security-constraint etc.)
>> geronimo-web.xml (role-mappings, principals, etc.)
>> geronimo-application.xml (gbean definition, I'm not using server-wide
>> realm)
>>
>> thanks in advance for any help
>>
>> best regards
>> Lukasz
>>
>>
>>
>>
>> ___________________________________________________________
>> Yahoo! Mail is the world's favourite email. Don't settle for less, sign up
>> for
>> your free account today
>> http://uk.rd.yahoo.com/evt=44106/*http://uk.docs.yahoo.com/mail/winter07.html
>>
>
> --
> View this message in context: http://www.nabble.com/JAAS---Authentication-succeeded-but-error-403-sent-tp11581226s134p18677151.html
> Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.
>
>