Re: [EXTERNAL] Re: Tomcat(9.0.13) Error in DEV Server
ase.hasResourcePermission No role found: > TOPS_INTL_FIELD_USER_JECEWR > > 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] > org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT > have role [TOPS_INTL_FIELD_USER_ORD] > > 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] > org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: > TOPS_INTL_FIELD_USER_ORD > > 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] > org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT > have role [TOPS_INTERNATIONAL] > > 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] > org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: > TOPS_INTERNATIONAL > > 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8] > org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT > have role [TOPS_INTL_FIELD_USER_LAX] > > 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8] > org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: > TOPS_INTL_FIELD_USER_LAX > > 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8] > org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT > have role [TOPS_INTL_FIELD_USER_MIA] > > 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8] > org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: > TOPS_INTL_FIELD_USER_MIA > > 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8] > org.apache.catalina.authenticator.AuthenticatorBase.invoke Failed > accessControl() test > > > > > > > > The error messages on the screen looks like below: > > > > HTTP Status 403 – Forbidden > > > > Type Status Report > > > > Message Access to the requested resource has been denied > > > > Description The server understood the request but refuses to authorize > it. > > > > USPS_restricted > > > > > > > > > > > > > > Any idea what is that about? Again the Ream definition is: > > > > > connectionURL="ldaps://eagandcs-dev-sha2.usps.gov:636" > > connectionName="wasd...@devsub.dev.dce.usps.gov" > > connectionPassword="" > > authentication="simple" > > referrals="ignore" > > userSearch="(sAMAccountName={0})" > > userBase="DC=devsub,DC=dev,DC=dce,DC=usps,DC=gov" > > userSubtree="true" > > roleSearch="(member={0})" > > roleName="cn" > > roleSubtree="true" > > roleBase="DC=devsub,DC=dev,DC=dce,DC=usps,DC=gov" > > adCompat="true" > > /> > > > > > > > > Thanks > > Gary > > > > > > Peter > > PS: you should redact sensitive data from your mails. At least change > passwords now... google is NOT your friend in this case... > > > -Original Message- > > From: Luis Rodríguez Fernández [mailto:uo67...@gmail.com] > > Sent: Monday, April 15, 2019 3:47 AM > > To: Tomcat Users List > > Subject: [EXTERNAL] Re: Tomcat(9.0.13) Error in DEV Server > > > > Hello Gary, > > > > I would recommend you to add some debug to your JNDIReam [1]. For > debugging your ldap search filters ldapsearch can be your friend [2] :) > > > > Hope it helps, > > > > Luis > > > > [1] > > > https://stackoverflow.com/questions/12311496/how-to-debug-realm-feature-in-tomcat > > [2] > > > https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/Examples-of-common-ldapsearches.html > > > > > > > > > > > > > > > > El vie., 12 abr. 2019 a las 0:23, Hua, Gary - Saint Louis, MO - > Contractor > > () escribió: > > > >> All: > >> > >> > >> > >> Sorry on my previous email I have some graphic contents that can not > >> be displayed. Now I change it to texts so you can see them > >> > >> > >> > >> *From:* Hua, Gary - Saint Louis, MO - Contractor [ > >> mailto:gang@usps.gov.INVALID ] > >> *Sent:* Thursday, April 11, 2019 4:29 PM > >> *To:* users@tomcat.apache.org > >> *Subject:* [EXTERNAL] Tomcat(9.0.13) Error in DEV Server > >> > >> > >> > >> Tomcat Experts: > >> > >> > >> > >>The Tomcat server works fine in my local computer with > >> application “TOPS“ in Eclipse. I deployed the TOPS application to our &
Re: [EXTERNAL] Re: Tomcat(9.0.13) Error in DEV Server
und: > TOPS_INTL_FIELD_USER_LAX > 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8] > org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT > have role [TOPS_INTL_FIELD_USER_MIA] > 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8] > org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: > TOPS_INTL_FIELD_USER_MIA > 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8] > org.apache.catalina.authenticator.AuthenticatorBase.invoke Failed > accessControl() test > > > > The error messages on the screen looks like below: > > HTTP Status 403 – Forbidden > > Type Status Report > > Message Access to the requested resource has been denied > > Description The server understood the request but refuses to authorize it. > > USPS_restricted > > > > > > > Any idea what is that about? Again the Ream definition is: > >connectionURL="ldaps://eagandcs-dev-sha2.usps.gov:636" > connectionName="wasd...@devsub.dev.dce.usps.gov" > connectionPassword="" > authentication="simple" > referrals="ignore" > userSearch="(sAMAccountName={0})" > userBase="DC=devsub,DC=dev,DC=dce,DC=usps,DC=gov" > userSubtree="true" > roleSearch="(member={0})" > roleName="cn" > roleSubtree="true" > roleBase="DC=devsub,DC=dev,DC=dce,DC=usps,DC=gov" > adCompat="true" > /> > > > > Thanks > Gary > > Peter PS: you should redact sensitive data from your mails. At least change passwords now... google is NOT your friend in this case... > -Original Message- > From: Luis Rodríguez Fernández [mailto:uo67...@gmail.com] > Sent: Monday, April 15, 2019 3:47 AM > To: Tomcat Users List > Subject: [EXTERNAL] Re: Tomcat(9.0.13) Error in DEV Server > > Hello Gary, > > I would recommend you to add some debug to your JNDIReam [1]. For debugging > your ldap search filters ldapsearch can be your friend [2] :) > > Hope it helps, > > Luis > > [1] > https://stackoverflow.com/questions/12311496/how-to-debug-realm-feature-in-tomcat > [2] > https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/Examples-of-common-ldapsearches.html > > > > > > > > El vie., 12 abr. 2019 a las 0:23, Hua, Gary - Saint Louis, MO - Contractor > () escribió: > >> All: >> >> >> >> Sorry on my previous email I have some graphic contents that can not >> be displayed. Now I change it to texts so you can see them >> >> >> >> *From:* Hua, Gary - Saint Louis, MO - Contractor [ >> mailto:gang@usps.gov.INVALID ] >> *Sent:* Thursday, April 11, 2019 4:29 PM >> *To:* users@tomcat.apache.org >> *Subject:* [EXTERNAL] Tomcat(9.0.13) Error in DEV Server >> >> >> >> Tomcat Experts: >> >> >> >>The Tomcat server works fine in my local computer with >> application “TOPS“ in Eclipse. I deployed the TOPS application to our >> DEV web server eagnmnmed1f45 under webapps. >> >> >> >>After I started the Tomcat server (9.0.13) in DEV >> server and entered the TOPS home page URL >> http://eagnmnmed1f45:9080/TOPS-WEB/Welcome.do (It is >> http://localhost:8080/TOPS-WEB/Welcome.do in my local computer) in the >> browser, it was re-directed to >> https://eagnmnmed1f45:9443/TOPS-WEB/Welcome.do.and following error: >> >> >> >> >> >> *The website cannot display the page* >> >> HTTP 500 >> >> >> >> *Most likely causes:* >> >> - The website is under maintenance. >> - The website has a programming error. >> >> >> >> *What you can try:* >> >> >> >> [image: res://\\ieframe.dll/bullet.png] >> >> Refresh the page.Refresh the page. >> >> >> >> [image: res://\\ieframe.dll/bullet.png] >> >> Go back to the previous page.Go back to the previous page. >> >> >> >> [image: More information] >> >> More information >> >> >> >> >> >> atadmin@eagnmnmed1f45:/opt/TomCat/apache-tomcat-9.0.13/logs>tail -f >> catalina.out >> >> 5307 [main] WARN org.hibernate.cache.EhCacheProvider - Could not find >> configuration [LegDistanceImpl]; using defaults. >> >> 5764 [main] INFO o
RE: [EXTERNAL] Re: Tomcat(9.0.13) Error in DEV Server
dmin(NAT_TOPS_ADMIN,)] 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_INTL_INQUIRY] 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_INTL_INQUIRY 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_ADMIN] 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_ADMIN 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_INTL_FIELD_USER_SFO] 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_INTL_FIELD_USER_SFO 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_MODELING] 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_MODELING 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_INQUIRY] 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_INQUIRY 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_EDITOR] 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_EDITOR 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_INTL_FIELD_USER_JFK] 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_INTL_FIELD_USER_JFK 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_INTL_FIELD_USER_JECEWR] 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_INTL_FIELD_USER_JECEWR 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_INTL_FIELD_USER_ORD] 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_INTL_FIELD_USER_ORD 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_INTERNATIONAL] 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_INTERNATIONAL 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_INTL_FIELD_USER_LAX] 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_INTL_FIELD_USER_LAX 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_INTL_FIELD_USER_MIA] 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_INTL_FIELD_USER_MIA 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.authenticator.AuthenticatorBase.invoke Failed accessControl() test The error messages on the screen looks like below: HTTP Status 403 – Forbidden Type Status Report Message Access to the requested resource has been denied Description The server understood the request but refuses to authorize it. USPS_restricted Any idea what is that about? Again the Ream definition is: Thanks Gary -Original Message- From: Luis Rodríguez Fernández [mailto:uo67...@gmail.com] Sent: Monday, April 15, 2019 3:47 AM To: Tomcat Users List Subject: [EXTERNAL] Re: Tomcat(9.0.13) Error in DEV Server Hello Gary, I would recommend you to add some debug to your JNDIReam [1]. For debugging your ldap search filters ldapsearch can be your friend [2] :) Hope it helps, Luis [1] https://stackoverflow.com/questions/12311496/how-to-debug-realm-feature-in-tomcat [2] https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/Examples-of-common-ldapsearches.html El vie