Re: [EXTERNAL] Re: Tomcat(9.0.13) Error in DEV Server
ase.hasResourcePermission No role found:
> TOPS_INTL_FIELD_USER_JECEWR
> > 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8]
> org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT
> have role [TOPS_INTL_FIELD_USER_ORD]
> > 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8]
> org.apache.catalina.realm.RealmBase.hasResourcePermission No role found:
> TOPS_INTL_FIELD_USER_ORD
> > 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8]
> org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT
> have role [TOPS_INTERNATIONAL]
> > 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8]
> org.apache.catalina.realm.RealmBase.hasResourcePermission No role found:
> TOPS_INTERNATIONAL
> > 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8]
> org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT
> have role [TOPS_INTL_FIELD_USER_LAX]
> > 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8]
> org.apache.catalina.realm.RealmBase.hasResourcePermission No role found:
> TOPS_INTL_FIELD_USER_LAX
> > 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8]
> org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT
> have role [TOPS_INTL_FIELD_USER_MIA]
> > 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8]
> org.apache.catalina.realm.RealmBase.hasResourcePermission No role found:
> TOPS_INTL_FIELD_USER_MIA
> > 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8]
> org.apache.catalina.authenticator.AuthenticatorBase.invoke Failed
> accessControl() test
> >
> >
> >
> > The error messages on the screen looks like below:
> >
> > HTTP Status 403 – Forbidden
> >
> > Type Status Report
> >
> > Message Access to the requested resource has been denied
> >
> > Description The server understood the request but refuses to authorize
> it.
> >
> > USPS_restricted
> >
> >
> >
> >
> >
> >
> > Any idea what is that about? Again the Ream definition is:
> >
> > > connectionURL="ldaps://eagandcs-dev-sha2.usps.gov:636"
> > connectionName="wasd...@devsub.dev.dce.usps.gov"
> > connectionPassword=""
> > authentication="simple"
> > referrals="ignore"
> > userSearch="(sAMAccountName={0})"
> > userBase="DC=devsub,DC=dev,DC=dce,DC=usps,DC=gov"
> > userSubtree="true"
> > roleSearch="(member={0})"
> > roleName="cn"
> > roleSubtree="true"
> > roleBase="DC=devsub,DC=dev,DC=dce,DC=usps,DC=gov"
> > adCompat="true"
> > />
> >
> >
> >
> > Thanks
> > Gary
> >
> >
>
> Peter
>
> PS: you should redact sensitive data from your mails. At least change
> passwords now... google is NOT your friend in this case...
>
> > -Original Message-
> > From: Luis Rodríguez Fernández [mailto:uo67...@gmail.com]
> > Sent: Monday, April 15, 2019 3:47 AM
> > To: Tomcat Users List
> > Subject: [EXTERNAL] Re: Tomcat(9.0.13) Error in DEV Server
> >
> > Hello Gary,
> >
> > I would recommend you to add some debug to your JNDIReam [1]. For
> debugging your ldap search filters ldapsearch can be your friend [2] :)
> >
> > Hope it helps,
> >
> > Luis
> >
> > [1]
> >
> https://stackoverflow.com/questions/12311496/how-to-debug-realm-feature-in-tomcat
> > [2]
> >
> https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/Examples-of-common-ldapsearches.html
> >
> >
> >
> >
> >
> >
> >
> > El vie., 12 abr. 2019 a las 0:23, Hua, Gary - Saint Louis, MO -
> Contractor
> > () escribió:
> >
> >> All:
> >>
> >>
> >>
> >> Sorry on my previous email I have some graphic contents that can not
> >> be displayed. Now I change it to texts so you can see them
> >>
> >>
> >>
> >> *From:* Hua, Gary - Saint Louis, MO - Contractor [
> >> mailto:gang@usps.gov.INVALID ]
> >> *Sent:* Thursday, April 11, 2019 4:29 PM
> >> *To:* users@tomcat.apache.org
> >> *Subject:* [EXTERNAL] Tomcat(9.0.13) Error in DEV Server
> >>
> >>
> >>
> >> Tomcat Experts:
> >>
> >>
> >>
> >>The Tomcat server works fine in my local computer with
> >> application “TOPS“ in Eclipse. I deployed the TOPS application to our
&
Re: [EXTERNAL] Re: Tomcat(9.0.13) Error in DEV Server
und:
> TOPS_INTL_FIELD_USER_LAX
> 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8]
> org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT
> have role [TOPS_INTL_FIELD_USER_MIA]
> 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8]
> org.apache.catalina.realm.RealmBase.hasResourcePermission No role found:
> TOPS_INTL_FIELD_USER_MIA
> 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8]
> org.apache.catalina.authenticator.AuthenticatorBase.invoke Failed
> accessControl() test
>
>
>
> The error messages on the screen looks like below:
>
> HTTP Status 403 – Forbidden
>
> Type Status Report
>
> Message Access to the requested resource has been denied
>
> Description The server understood the request but refuses to authorize it.
>
> USPS_restricted
>
>
>
>
>
>
> Any idea what is that about? Again the Ream definition is:
>
>connectionURL="ldaps://eagandcs-dev-sha2.usps.gov:636"
> connectionName="wasd...@devsub.dev.dce.usps.gov"
> connectionPassword=""
> authentication="simple"
> referrals="ignore"
> userSearch="(sAMAccountName={0})"
> userBase="DC=devsub,DC=dev,DC=dce,DC=usps,DC=gov"
> userSubtree="true"
> roleSearch="(member={0})"
> roleName="cn"
> roleSubtree="true"
> roleBase="DC=devsub,DC=dev,DC=dce,DC=usps,DC=gov"
> adCompat="true"
> />
>
>
>
> Thanks
> Gary
>
>
Peter
PS: you should redact sensitive data from your mails. At least change passwords
now... google is NOT your friend in this case...
> -Original Message-
> From: Luis Rodríguez Fernández [mailto:uo67...@gmail.com]
> Sent: Monday, April 15, 2019 3:47 AM
> To: Tomcat Users List
> Subject: [EXTERNAL] Re: Tomcat(9.0.13) Error in DEV Server
>
> Hello Gary,
>
> I would recommend you to add some debug to your JNDIReam [1]. For debugging
> your ldap search filters ldapsearch can be your friend [2] :)
>
> Hope it helps,
>
> Luis
>
> [1]
> https://stackoverflow.com/questions/12311496/how-to-debug-realm-feature-in-tomcat
> [2]
> https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/Examples-of-common-ldapsearches.html
>
>
>
>
>
>
>
> El vie., 12 abr. 2019 a las 0:23, Hua, Gary - Saint Louis, MO - Contractor
> () escribió:
>
>> All:
>>
>>
>>
>> Sorry on my previous email I have some graphic contents that can not
>> be displayed. Now I change it to texts so you can see them
>>
>>
>>
>> *From:* Hua, Gary - Saint Louis, MO - Contractor [
>> mailto:gang@usps.gov.INVALID ]
>> *Sent:* Thursday, April 11, 2019 4:29 PM
>> *To:* users@tomcat.apache.org
>> *Subject:* [EXTERNAL] Tomcat(9.0.13) Error in DEV Server
>>
>>
>>
>> Tomcat Experts:
>>
>>
>>
>>The Tomcat server works fine in my local computer with
>> application “TOPS“ in Eclipse. I deployed the TOPS application to our
>> DEV web server eagnmnmed1f45 under webapps.
>>
>>
>>
>>After I started the Tomcat server (9.0.13) in DEV
>> server and entered the TOPS home page URL
>> http://eagnmnmed1f45:9080/TOPS-WEB/Welcome.do (It is
>> http://localhost:8080/TOPS-WEB/Welcome.do in my local computer) in the
>> browser, it was re-directed to
>> https://eagnmnmed1f45:9443/TOPS-WEB/Welcome.do.and following error:
>>
>>
>>
>>
>>
>> *The website cannot display the page*
>>
>> HTTP 500
>>
>>
>>
>> *Most likely causes:*
>>
>> - The website is under maintenance.
>> - The website has a programming error.
>>
>>
>>
>> *What you can try:*
>>
>>
>>
>> [image: res://\\ieframe.dll/bullet.png]
>>
>> Refresh the page.Refresh the page.
>>
>>
>>
>> [image: res://\\ieframe.dll/bullet.png]
>>
>> Go back to the previous page.Go back to the previous page.
>>
>>
>>
>> [image: More information]
>>
>> More information
>>
>>
>>
>>
>>
>> atadmin@eagnmnmed1f45:/opt/TomCat/apache-tomcat-9.0.13/logs>tail -f
>> catalina.out
>>
>> 5307 [main] WARN org.hibernate.cache.EhCacheProvider - Could not find
>> configuration [LegDistanceImpl]; using defaults.
>>
>> 5764 [main] INFO o
RE: [EXTERNAL] Re: Tomcat(9.0.13) Error in DEV Server
dmin(NAT_TOPS_ADMIN,)] 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_INTL_INQUIRY] 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_INTL_INQUIRY 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_ADMIN] 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_ADMIN 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_INTL_FIELD_USER_SFO] 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_INTL_FIELD_USER_SFO 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_MODELING] 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_MODELING 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_INQUIRY] 15-Apr-2019 17:08:17.767 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_INQUIRY 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_EDITOR] 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_EDITOR 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_INTL_FIELD_USER_JFK] 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_INTL_FIELD_USER_JFK 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_INTL_FIELD_USER_JECEWR] 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_INTL_FIELD_USER_JECEWR 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_INTL_FIELD_USER_ORD] 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_INTL_FIELD_USER_ORD 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_INTERNATIONAL] 15-Apr-2019 17:08:17.768 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_INTERNATIONAL 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_INTL_FIELD_USER_LAX] 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_INTL_FIELD_USER_LAX 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasRole Username [topsadmin] does NOT have role [TOPS_INTL_FIELD_USER_MIA] 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.realm.RealmBase.hasResourcePermission No role found: TOPS_INTL_FIELD_USER_MIA 15-Apr-2019 17:08:17.769 FINE [https-jsse-nio-9443-exec-8] org.apache.catalina.authenticator.AuthenticatorBase.invoke Failed accessControl() test The error messages on the screen looks like below: HTTP Status 403 – Forbidden Type Status Report Message Access to the requested resource has been denied Description The server understood the request but refuses to authorize it. USPS_restricted Any idea what is that about? Again the Ream definition is: Thanks Gary -Original Message- From: Luis Rodríguez Fernández [mailto:uo67...@gmail.com] Sent: Monday, April 15, 2019 3:47 AM To: Tomcat Users List Subject: [EXTERNAL] Re: Tomcat(9.0.13) Error in DEV Server Hello Gary, I would recommend you to add some debug to your JNDIReam [1]. For debugging your ldap search filters ldapsearch can be your friend [2] :) Hope it helps, Luis [1] https://stackoverflow.com/questions/12311496/how-to-debug-realm-feature-in-tomcat [2] https://access.redhat.com/documentation/en-US/Red_Hat_Directory_Server/8.2/html/Administration_Guide/Examples-of-common-ldapsearches.html El vie
