Getting 403 (Access Denied) when running Tomcat under Eclipse
Hi, I have a web application that works when run directly under Tomcat. This web app has the following in web.xml: security-constraint web-resource-collection web-resource-nametestweb/web-resource-name description accessible by authenticated users of the tomcat role/description url-pattern/*/url-pattern http-methodGET/http-method http-methodPOST/http-method http-methodPUT/http-method http-methodDELETE/http-method /web-resource-collection auth-constraint descriptionThese roles are allowed access/description role-nameluceneuser/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method realm-nameSearch/realm-name /login-config security-role descriptionOnly 'tomcat' role is allowed to access this web application/description role-nametestuser/role-name /security-role However, when I run the webapp under Eclipse (i.e., do a Run on server), and attempt to login as the same user, with the same password, I get a 403 (Access denied) error. If I remove the constraint, it then works under Tomcat and Eclipse I've checked the Tomcat logs, and I don't see any info there. Can anyone tell me why this is happening?? Thanks, Jim P.S. Tomcat version is 5.5.2.8, under Windows. Eclipse is latest Galileo. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Getting 403 (Access Denied) when running Tomcat under Eclipse
Doesnt eclipse use use a $CATALINA_BASE to run tomcat? I think the tomcat instance on eclipse is not the same as the one on $CATALINA_HOME. Look at the server project files under eclipse they will have their own configuration files. On Mon, Jan 18, 2010 at 10:43 PM, oh...@cox.net wrote: Hi, I have a web application that works when run directly under Tomcat. This web app has the following in web.xml: security-constraint web-resource-collection web-resource-nametestweb/web-resource-name description accessible by authenticated users of the tomcat role/description url-pattern/*/url-pattern http-methodGET/http-method http-methodPOST/http-method http-methodPUT/http-method http-methodDELETE/http-method /web-resource-collection auth-constraint descriptionThese roles are allowed access/description role-nameluceneuser/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method realm-nameSearch/realm-name /login-config security-role descriptionOnly 'tomcat' role is allowed to access this web application/description role-nametestuser/role-name /security-role However, when I run the webapp under Eclipse (i.e., do a Run on server), and attempt to login as the same user, with the same password, I get a 403 (Access denied) error. If I remove the constraint, it then works under Tomcat and Eclipse I've checked the Tomcat logs, and I don't see any info there. Can anyone tell me why this is happening?? Thanks, Jim P.S. Tomcat version is 5.5.2.8, under Windows. Eclipse is latest Galileo. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Getting 403 (Access Denied) when running Tomcat under Eclipse
Hi, AHH!! I was only looking through the Eclipse GUI settings, and hadn't noticed that under Servers--Tomcat v5.5 in the Eclipse Project Explorer, there were catalina.policy, etc. files, including tomcat-users.xml :(... So, I added my role and user definitions to that tomcat-users.xml, and it worked!! I'm still a little puzzled though. In Eclipse Servers, there was also a web.xml, but I *did NOT* have to modify that web.xml, and it's picking up the web.xml from my webapp's WEB-INF\web.xml. Is that because the web.xml under Eclipse Servers is server-scoped, and so the web.xml in my webapp is overriding the Eclipse Servers web.xml? Thanks! Jim Ziggy zigg...@gmail.com wrote: Doesnt eclipse use use a $CATALINA_BASE to run tomcat? I think the tomcat instance on eclipse is not the same as the one on $CATALINA_HOME. Look at the server project files under eclipse they will have their own configuration files. On Mon, Jan 18, 2010 at 10:43 PM, oh...@cox.net wrote: Hi, I have a web application that works when run directly under Tomcat. This web app has the following in web.xml: security-constraint web-resource-collection web-resource-nametestweb/web-resource-name description accessible by authenticated users of the tomcat role/description url-pattern/*/url-pattern http-methodGET/http-method http-methodPOST/http-method http-methodPUT/http-method http-methodDELETE/http-method /web-resource-collection auth-constraint descriptionThese roles are allowed access/description role-nameluceneuser/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method realm-nameSearch/realm-name /login-config security-role descriptionOnly 'tomcat' role is allowed to access this web application/description role-nametestuser/role-name /security-role However, when I run the webapp under Eclipse (i.e., do a Run on server), and attempt to login as the same user, with the same password, I get a 403 (Access denied) error. If I remove the constraint, it then works under Tomcat and Eclipse I've checked the Tomcat logs, and I don't see any info there. Can anyone tell me why this is happening?? Thanks, Jim P.S. Tomcat version is 5.5.2.8, under Windows. Eclipse is latest Galileo. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
