[
http://issues.apache.org/jira/browse/JS2-496?page=comments#action_12368030 ]
Brad Svee commented on JS2-496:
-------------------------------
adding the following to the web.xml inside the <webapp> </webapp> will take
care of the problem in Tomcat 5.5.15, although adding roles through the UI will
require a modification here manually:
<security-role>
<role-name>
manager
</role-name>
<role-name>
user
</role-name>
<role-name>
admin
</role-name>
</security-role>
> J2 on tomcat 5.5.15: 403 returned to client browser when any user that
> doesn't have admin role attempts to log in
> -----------------------------------------------------------------------------------------------------------------
>
> Key: JS2-496
> URL: http://issues.apache.org/jira/browse/JS2-496
> Project: Jetspeed 2
> Type: Bug
> Components: Security
> Versions: 2.0-FINAL
> Environment: Tomcat 5.5.15 (JDK 1.5, Apache 2, Fedora Core 3)
> Reporter: Aaron Evans
>
> When J2 is deployed on tomcat 5.5.15, whenever any user that does not have
> the admin role logs in, a 403 is returned for the URI /login/redirector.
> This does not occur on earlier releases of tomcat (5.5.9 for example).
> The user is in fact authenticated, for if you delete the /login/redirector
> from the URL in the browser and refresh, then the main page of the portal is
> shown and the user is authenticated.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
