You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jetspeed-user@portals.apache.org by Vladimir Simjanoski <vl...@gmail.com> on 2006/01/31 09:18:06 UTC

Authorization problems

Hi all,

I have installed new jetspeed instance (from source) this morning (using
allClean/allBuild/quickStart maven goals).
I'm using Tomcat 5.5.15 and Oracle9i.

I could get the welcome page and logging in with "admin" user/role worked.
But, if I try to log in with "manager" or "user",
I just got "HTTP Status 403 *(*Access to the requested resource has been
denied)" error page.
I checked in TOMCAT_HOME/webapps/jetspeed/WEB-INF/web.xml and found this
fragment:

  <!-- Protect LogInRedirectory.jsp.  This will require a login when called
-->
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Login</web-resource-name>
      <url-pattern>/login/redirector</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>*</role-name>
    </auth-constraint>
  </security-constraint>

I can't explain why it doesn't work. If I explicitly put "manager" in
<role-name> (instead of "*"), it works without problems.
Can somebody point me what am I missing?

Thanks,
Vlade