RE: HTTP 403 - isapi_redirector
Glad you figured it out... I just rolled my security app out to production and it isnt working either. There is a difference between the iis on production and the one I was using for development. -sigh -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 22, 2003 2:21 PM To: Tomcat Users List Subject: RE: HTTP 403 - isapi_redirector Ok, I fixed the problem. I figured out that I was using Tomcat 4.1.16 in production and Tomcat 4.1.24 in preproduction. So I uninstalled tomcat 4.1.16 and installed tomcat 4.1.24 and everything was fine. But still, I don't know what was wrong with version 4.1.16... anyway it is fixed now. So much wasted time -Original Message- From: Watkins, James [mailto:[EMAIL PROTECTED] Sent: 17 octobre, 2003 14:02 To: 'Tomcat Users List' Subject: RE: HTTP 403 - isapi_redirector Sorry, out of my range of experience, if you figure it out, will you send out the solution? -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 3:36 PM To: Tomcat Users List Subject: RE: HTTP 403 - isapi_redirector No, the login.jsp page is not under a restricted folder and is not spécified as a restricted ressource. I can access it directly without any authentification. The login form is well configured in the web.xml because if I bypass IIS and access directly a restricted ressource on tomcat (on port 8080) the login form is displayed. -Original Message- From: Watkins, James [mailto:[EMAIL PROTECTED] Sent: 16 octobre, 2003 16:29 To: 'Tomcat Users List' Subject: RE: HTTP 403 - isapi_redirector Is your form inside the secured folder? -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 3:25 PM To: Tomcat Users List Subject: RE: HTTP 403 - isapi_redirector This is the environement: IIS 5 Tomcat 4.1.24 (listen on port 8080) Win2k Avanced Server Browser: IE 6 or Netscape 7.1 don't make any difference -Original Message- From: Hart, Justin [mailto:[EMAIL PROTECTED] Sent: 16 octobre, 2003 16:20 To: Tomcat Users List Subject: RE: HTTP 403 - isapi_redirector What version of IIS? -Original Message- From: Watkins, James [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 4:19 PM To: 'Tomcat Users List' Subject: RE: HTTP 403 - isapi_redirector Do you get the form if you go directly to it through IIS, I mean http://host/site/form.jsp -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 1:51 PM To: Tomcat Users List Subject: RE: HTTP 403 - isapi_redirector I'm not getting the form if I go via IIS on port 80 but if I try directly via Tomcat on port 8080 I get it. So the set up (web.xml) is fine on tomcat. -Original Message- From: Watkins, James [mailto:[EMAIL PROTECTED] Sent: 16 octobre, 2003 14:04 To: 'Tomcat Users List' Subject: RE: HTTP 403 - isapi_redirector With form based authentication, are you getting the form? -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 12:18 PM To: Tomcat Users List Subject: RE: HTTP 403 - isapi_redirector Thanks James, I did try your solution but nothing changed -Original Message- From: Watkins, James [mailto:[EMAIL PROTECTED] Sent: 16 octobre, 2003 12:06 To: 'Tomcat Users List' Subject: RE: HTTP 403 - isapi_redirector I ran into the same problem and switched to using a form based authentication which seems to work fine. It seems to be some problem with iis intercepting the login info? -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 11:00 AM To: [EMAIL PROTECTED] Subject: HTTP 403 - isapi_redirector Hi all, Environement: IIS 5 (isapi_redirector.dll) (listen on port 80) Tomcat 4.1.24 (listen on port 8080) Win2k Avanced Server Browser: IE 6 or Netscape 7.1 Here is my problem. I get a HTTP Status 403 - Access to the requested resource has been denied when I try to access a protected ressource(in web.xml) via IIS on port 80 which redirect to a Tomcat 4.1.24 on port 8080. Not suprising because the ressource is secured into the web.xml. I use a BASIC authentification. But the thing is that I never get the pop-up window asking for my credentials (username/password). So, I never get the chance to authentificate myself (username/password). I'm able to surf any non-restricted ressources on the webapp without any problem. So, the isapi_redirector is well configured. I've tried to access a protected ressource on the webapp directly on port 8080 (bypassing IIS) and I received the pop-up window asking for my credentials (username/password). So everything is fine with Tomcat. I've set the log level to debug the isapi_redirector.dll and this is what I get when I try to access a restricted ressource: [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (696
Tomcat + IIS (Virtual Server vs Virtual Directory)
i really need some help on this, i think it is an easy problem if you have done this before. I have successfully configured my Tomcat + IIS 5.1 dev environment. I have been using a virtual directory pointed at a folder in side the tomcat root to host my files. so i access the site via http://localhost/marketing http://localhost/marketing however, when i went to implement it in our production environment they explained that they were using multiple virtual servers. everything went ok in the install except, where do i put the virtual directory that points to the isapi redirector? i placed it in the virtual server, but it doesnt seem to be working correctly. i think because of the way the registry keys reference the isapi redirector. right now http://www.marketing.com:8080/marketing/ http://www.marketing.com:8080/marketing/ seems to be working properly, but http://www.marketing.com http://www.marketing.com is not compiling the jsp code, and is serving the pages as though they were just html, and it is ignoring my security contexts. thank you so much for helping with this! james watkins
seeking tomcat consultant in dallas fort worth
I would be interested in finding a tomcat consultant in the Dallas/Fort Worth area, who has experience in configuring Tomcat with IIS. If you know anyone, please have them reply to [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] . Thanks! James Watkins
RE: HTTP 403 - isapi_redirector
Sorry, out of my range of experience, if you figure it out, will you send out the solution? -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 3:36 PM To: Tomcat Users List Subject: RE: HTTP 403 - isapi_redirector No, the login.jsp page is not under a restricted folder and is not spécified as a restricted ressource. I can access it directly without any authentification. The login form is well configured in the web.xml because if I bypass IIS and access directly a restricted ressource on tomcat (on port 8080) the login form is displayed. -Original Message- From: Watkins, James [mailto:[EMAIL PROTECTED] Sent: 16 octobre, 2003 16:29 To: 'Tomcat Users List' Subject: RE: HTTP 403 - isapi_redirector Is your form inside the secured folder? -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 3:25 PM To: Tomcat Users List Subject: RE: HTTP 403 - isapi_redirector This is the environement: IIS 5 Tomcat 4.1.24 (listen on port 8080) Win2k Avanced Server Browser: IE 6 or Netscape 7.1 don't make any difference -Original Message- From: Hart, Justin [mailto:[EMAIL PROTECTED] Sent: 16 octobre, 2003 16:20 To: Tomcat Users List Subject: RE: HTTP 403 - isapi_redirector What version of IIS? -Original Message- From: Watkins, James [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 4:19 PM To: 'Tomcat Users List' Subject: RE: HTTP 403 - isapi_redirector Do you get the form if you go directly to it through IIS, I mean http://host/site/form.jsp -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 1:51 PM To: Tomcat Users List Subject: RE: HTTP 403 - isapi_redirector I'm not getting the form if I go via IIS on port 80 but if I try directly via Tomcat on port 8080 I get it. So the set up (web.xml) is fine on tomcat. -Original Message- From: Watkins, James [mailto:[EMAIL PROTECTED] Sent: 16 octobre, 2003 14:04 To: 'Tomcat Users List' Subject: RE: HTTP 403 - isapi_redirector With form based authentication, are you getting the form? -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 12:18 PM To: Tomcat Users List Subject: RE: HTTP 403 - isapi_redirector Thanks James, I did try your solution but nothing changed -Original Message- From: Watkins, James [mailto:[EMAIL PROTECTED] Sent: 16 octobre, 2003 12:06 To: 'Tomcat Users List' Subject: RE: HTTP 403 - isapi_redirector I ran into the same problem and switched to using a form based authentication which seems to work fine. It seems to be some problem with iis intercepting the login info? -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 11:00 AM To: [EMAIL PROTECTED] Subject: HTTP 403 - isapi_redirector Hi all, Environement: IIS 5 (isapi_redirector.dll) (listen on port 80) Tomcat 4.1.24 (listen on port 8080) Win2k Avanced Server Browser: IE 6 or Netscape 7.1 Here is my problem. I get a HTTP Status 403 - Access to the requested resource has been denied when I try to access a protected ressource(in web.xml) via IIS on port 80 which redirect to a Tomcat 4.1.24 on port 8080. Not suprising because the ressource is secured into the web.xml. I use a BASIC authentification. But the thing is that I never get the pop-up window asking for my credentials (username/password). So, I never get the chance to authentificate myself (username/password). I'm able to surf any non-restricted ressources on the webapp without any problem. So, the isapi_redirector is well configured. I've tried to access a protected ressource on the webapp directly on port 8080 (bypassing IIS) and I received the pop-up window asking for my credentials (username/password). So everything is fine with Tomcat. I've set the log level to debug the isapi_redirector.dll and this is what I get when I try to access a restricted ressource: [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (696)]: HttpFilterProc started [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (759)]: In HttpFilterProc Virtual Host redirection of /206.162.174.213/dpi/export/viewfiles.jsp [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (460)]: Into jk_uri_worker_map_t::map_uri_to_worker [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (477)]: Attempting to map URI '/206.162.174.213/dpi/export/viewfiles.jsp' [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (599)]: jk_uri_worker_map_t::map_uri_to_worker, done without a match [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (765)]: In HttpFilterProc test Default redirection of /dpi/export/viewfiles.jsp [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (460)]: Into jk_uri_worker_map_t::map_uri_to_worker [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (477)]: Attempting to map URI '/dpi/export/viewfiles.jsp' [Thu Oct 16 10:08:16 2003
confused about iis 5.1/tomcat 4.1.27
i am using j_security_check with a form based login screen... this works ok, but here is my problem. the entry page is a redirect to a secured page based on the referer url, or the username. this works ok, i have two users, two roles and two acceptable referer urls. in my web.xml i have 2 security constraints, one on each destination page now the problem is this: if i log in as a user with the wrong role, i get big, ugly 403 error for the secured page that says you are not authorized to view this page. that seems appropriate. but, if i put: error-page error-code403/error-code location/marketing/incorrectpass.jsp/location /error-page in the web.xml page and then do the same thing, i just get a smaller less ugly 403 error message, but for j_security_check any ideas? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: HTTP 403 - isapi_redirector
I ran into the same problem and switched to using a form based authentication which seems to work fine. It seems to be some problem with iis intercepting the login info? -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 11:00 AM To: [EMAIL PROTECTED] Subject: HTTP 403 - isapi_redirector Hi all, Environement: IIS 5 (isapi_redirector.dll) (listen on port 80) Tomcat 4.1.24 (listen on port 8080) Win2k Avanced Server Browser: IE 6 or Netscape 7.1 Here is my problem. I get a HTTP Status 403 - Access to the requested resource has been denied when I try to access a protected ressource(in web.xml) via IIS on port 80 which redirect to a Tomcat 4.1.24 on port 8080. Not suprising because the ressource is secured into the web.xml. I use a BASIC authentification. But the thing is that I never get the pop-up window asking for my credentials (username/password). So, I never get the chance to authentificate myself (username/password). I'm able to surf any non-restricted ressources on the webapp without any problem. So, the isapi_redirector is well configured. I've tried to access a protected ressource on the webapp directly on port 8080 (bypassing IIS) and I received the pop-up window asking for my credentials (username/password). So everything is fine with Tomcat. I've set the log level to debug the isapi_redirector.dll and this is what I get when I try to access a restricted ressource: [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (696)]: HttpFilterProc started [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (759)]: In HttpFilterProc Virtual Host redirection of /206.162.174.213/dpi/export/viewfiles.jsp [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (460)]: Into jk_uri_worker_map_t::map_uri_to_worker [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (477)]: Attempting to map URI '/206.162.174.213/dpi/export/viewfiles.jsp' [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (599)]: jk_uri_worker_map_t::map_uri_to_worker, done without a match [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (765)]: In HttpFilterProc test Default redirection of /dpi/export/viewfiles.jsp [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (460)]: Into jk_uri_worker_map_t::map_uri_to_worker [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (477)]: Attempting to map URI '/dpi/export/viewfiles.jsp' [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (502)]: jk_uri_worker_map_t::map_uri_to_worker, Found a context match testWorker - /dpi/ [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (558)]: jk_uri_worker_map_t::map_uri_to_worker, Found a suffix match testWorker - *.jsp [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (775)]: HttpFilterProc [/dpi/export/viewfiles.jsp] is a servlet url - should redirect to testWorker [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (838)]: HttpFilterProc check if [/dpi/export/viewfiles.jsp] is points to the web-inf directory [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (878)]: HttpExtensionProc started [Thu Oct 16 10:08:16 2003] [jk_worker.c (132)]: Into wc_get_worker_for_name testWorker [Thu Oct 16 10:08:16 2003] [jk_worker.c (136)]: wc_get_worker_for_name, done found a worker [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (913)]: HttpExtensionProc got a worker for name testWorker [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (1391)]: Into jk_worker_t::get_endpoint [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (1435)]: In jk_endpoint_t::ajp_get_endpoint, time elapsed since last request = 14 seconds [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (1107)]: Into jk_endpoint_t::service [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (295)]: Into ajp_marshal_into_msgb [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (432)]: ajp_marshal_into_msgb - Done [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (640)]: sending to ajp13 #437 [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (882)]: ajp_send_request 2: request body to send 0 - request body to resend 0 [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (727)]: received from ajp13 #170 [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (483)]: ajp_unmarshal_response: status = 403 [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (488)]: ajp_unmarshal_response: Number of headers is = 5 [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (532)]: ajp_unmarshal_response: Header[0] [Pragma] = [No-cache] [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (532)]: ajp_unmarshal_response: Header[1] [Cache-Control] = [no-cache] [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (532)]: ajp_unmarshal_response: Header[2] [Expires] = [Thu, 01 Jan 1970 00:00:00 GMT] [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (532)]: ajp_unmarshal_response: Header[3] [Content-Type] = [text/html;charset=ISO-8859-1] [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (532)]: ajp_unmarshal_response: Header[4] [Content-Language] = [en-US] [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (432)]: Into jk_ws_service_t::start_response [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (727)]: received from ajp13 #843
RE: HTTP 403 - isapi_redirector
With form based authentication, are you getting the form? -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 12:18 PM To: Tomcat Users List Subject: RE: HTTP 403 - isapi_redirector Thanks James, I did try your solution but nothing changed -Original Message- From: Watkins, James [mailto:[EMAIL PROTECTED] Sent: 16 octobre, 2003 12:06 To: 'Tomcat Users List' Subject: RE: HTTP 403 - isapi_redirector I ran into the same problem and switched to using a form based authentication which seems to work fine. It seems to be some problem with iis intercepting the login info? -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 11:00 AM To: [EMAIL PROTECTED] Subject: HTTP 403 - isapi_redirector Hi all, Environement: IIS 5 (isapi_redirector.dll) (listen on port 80) Tomcat 4.1.24 (listen on port 8080) Win2k Avanced Server Browser: IE 6 or Netscape 7.1 Here is my problem. I get a HTTP Status 403 - Access to the requested resource has been denied when I try to access a protected ressource(in web.xml) via IIS on port 80 which redirect to a Tomcat 4.1.24 on port 8080. Not suprising because the ressource is secured into the web.xml. I use a BASIC authentification. But the thing is that I never get the pop-up window asking for my credentials (username/password). So, I never get the chance to authentificate myself (username/password). I'm able to surf any non-restricted ressources on the webapp without any problem. So, the isapi_redirector is well configured. I've tried to access a protected ressource on the webapp directly on port 8080 (bypassing IIS) and I received the pop-up window asking for my credentials (username/password). So everything is fine with Tomcat. I've set the log level to debug the isapi_redirector.dll and this is what I get when I try to access a restricted ressource: [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (696)]: HttpFilterProc started [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (759)]: In HttpFilterProc Virtual Host redirection of /206.162.174.213/dpi/export/viewfiles.jsp [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (460)]: Into jk_uri_worker_map_t::map_uri_to_worker [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (477)]: Attempting to map URI '/206.162.174.213/dpi/export/viewfiles.jsp' [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (599)]: jk_uri_worker_map_t::map_uri_to_worker, done without a match [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (765)]: In HttpFilterProc test Default redirection of /dpi/export/viewfiles.jsp [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (460)]: Into jk_uri_worker_map_t::map_uri_to_worker [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (477)]: Attempting to map URI '/dpi/export/viewfiles.jsp' [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (502)]: jk_uri_worker_map_t::map_uri_to_worker, Found a context match testWorker - /dpi/ [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (558)]: jk_uri_worker_map_t::map_uri_to_worker, Found a suffix match testWorker - *.jsp [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (775)]: HttpFilterProc [/dpi/export/viewfiles.jsp] is a servlet url - should redirect to testWorker [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (838)]: HttpFilterProc check if [/dpi/export/viewfiles.jsp] is points to the web-inf directory [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (878)]: HttpExtensionProc started [Thu Oct 16 10:08:16 2003] [jk_worker.c (132)]: Into wc_get_worker_for_name testWorker [Thu Oct 16 10:08:16 2003] [jk_worker.c (136)]: wc_get_worker_for_name, done found a worker [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (913)]: HttpExtensionProc got a worker for name testWorker [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (1391)]: Into jk_worker_t::get_endpoint [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (1435)]: In jk_endpoint_t::ajp_get_endpoint, time elapsed since last request = 14 seconds [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (1107)]: Into jk_endpoint_t::service [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (295)]: Into ajp_marshal_into_msgb [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (432)]: ajp_marshal_into_msgb - Done [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (640)]: sending to ajp13 #437 [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (882)]: ajp_send_request 2: request body to send 0 - request body to resend 0 [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (727)]: received from ajp13 #170 [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (483)]: ajp_unmarshal_response: status = 403 [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (488)]: ajp_unmarshal_response: Number of headers is = 5 [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (532)]: ajp_unmarshal_response: Header[0] [Pragma] = [No-cache] [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (532)]: ajp_unmarshal_response: Header[1] [Cache-Control] = [no-cache] [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (532)]: ajp_unmarshal_response: Header
RE: HTTP 403 - isapi_redirector
Do you get the form if you go directly to it through IIS, I mean http://host/site/form.jsp -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 1:51 PM To: Tomcat Users List Subject: RE: HTTP 403 - isapi_redirector I'm not getting the form if I go via IIS on port 80 but if I try directly via Tomcat on port 8080 I get it. So the set up (web.xml) is fine on tomcat. -Original Message- From: Watkins, James [mailto:[EMAIL PROTECTED] Sent: 16 octobre, 2003 14:04 To: 'Tomcat Users List' Subject: RE: HTTP 403 - isapi_redirector With form based authentication, are you getting the form? -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 12:18 PM To: Tomcat Users List Subject: RE: HTTP 403 - isapi_redirector Thanks James, I did try your solution but nothing changed -Original Message- From: Watkins, James [mailto:[EMAIL PROTECTED] Sent: 16 octobre, 2003 12:06 To: 'Tomcat Users List' Subject: RE: HTTP 403 - isapi_redirector I ran into the same problem and switched to using a form based authentication which seems to work fine. It seems to be some problem with iis intercepting the login info? -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 11:00 AM To: [EMAIL PROTECTED] Subject: HTTP 403 - isapi_redirector Hi all, Environement: IIS 5 (isapi_redirector.dll) (listen on port 80) Tomcat 4.1.24 (listen on port 8080) Win2k Avanced Server Browser: IE 6 or Netscape 7.1 Here is my problem. I get a HTTP Status 403 - Access to the requested resource has been denied when I try to access a protected ressource(in web.xml) via IIS on port 80 which redirect to a Tomcat 4.1.24 on port 8080. Not suprising because the ressource is secured into the web.xml. I use a BASIC authentification. But the thing is that I never get the pop-up window asking for my credentials (username/password). So, I never get the chance to authentificate myself (username/password). I'm able to surf any non-restricted ressources on the webapp without any problem. So, the isapi_redirector is well configured. I've tried to access a protected ressource on the webapp directly on port 8080 (bypassing IIS) and I received the pop-up window asking for my credentials (username/password). So everything is fine with Tomcat. I've set the log level to debug the isapi_redirector.dll and this is what I get when I try to access a restricted ressource: [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (696)]: HttpFilterProc started [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (759)]: In HttpFilterProc Virtual Host redirection of /206.162.174.213/dpi/export/viewfiles.jsp [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (460)]: Into jk_uri_worker_map_t::map_uri_to_worker [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (477)]: Attempting to map URI '/206.162.174.213/dpi/export/viewfiles.jsp' [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (599)]: jk_uri_worker_map_t::map_uri_to_worker, done without a match [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (765)]: In HttpFilterProc test Default redirection of /dpi/export/viewfiles.jsp [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (460)]: Into jk_uri_worker_map_t::map_uri_to_worker [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (477)]: Attempting to map URI '/dpi/export/viewfiles.jsp' [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (502)]: jk_uri_worker_map_t::map_uri_to_worker, Found a context match testWorker - /dpi/ [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (558)]: jk_uri_worker_map_t::map_uri_to_worker, Found a suffix match testWorker - *.jsp [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (775)]: HttpFilterProc [/dpi/export/viewfiles.jsp] is a servlet url - should redirect to testWorker [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (838)]: HttpFilterProc check if [/dpi/export/viewfiles.jsp] is points to the web-inf directory [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (878)]: HttpExtensionProc started [Thu Oct 16 10:08:16 2003] [jk_worker.c (132)]: Into wc_get_worker_for_name testWorker [Thu Oct 16 10:08:16 2003] [jk_worker.c (136)]: wc_get_worker_for_name, done found a worker [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (913)]: HttpExtensionProc got a worker for name testWorker [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (1391)]: Into jk_worker_t::get_endpoint [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (1435)]: In jk_endpoint_t::ajp_get_endpoint, time elapsed since last request = 14 seconds [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (1107)]: Into jk_endpoint_t::service [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (295)]: Into ajp_marshal_into_msgb [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (432)]: ajp_marshal_into_msgb - Done [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (640)]: sending to ajp13 #437 [Thu Oct 16 10:08:16 2003] [jk_ajp_common.c (882)]: ajp_send_request 2: request body to send 0
RE: HTTP 403 - isapi_redirector
Is your form inside the secured folder? -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 3:25 PM To: Tomcat Users List Subject: RE: HTTP 403 - isapi_redirector This is the environement: IIS 5 Tomcat 4.1.24 (listen on port 8080) Win2k Avanced Server Browser: IE 6 or Netscape 7.1 don't make any difference -Original Message- From: Hart, Justin [mailto:[EMAIL PROTECTED] Sent: 16 octobre, 2003 16:20 To: Tomcat Users List Subject: RE: HTTP 403 - isapi_redirector What version of IIS? -Original Message- From: Watkins, James [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 4:19 PM To: 'Tomcat Users List' Subject: RE: HTTP 403 - isapi_redirector Do you get the form if you go directly to it through IIS, I mean http://host/site/form.jsp -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 1:51 PM To: Tomcat Users List Subject: RE: HTTP 403 - isapi_redirector I'm not getting the form if I go via IIS on port 80 but if I try directly via Tomcat on port 8080 I get it. So the set up (web.xml) is fine on tomcat. -Original Message- From: Watkins, James [mailto:[EMAIL PROTECTED] Sent: 16 octobre, 2003 14:04 To: 'Tomcat Users List' Subject: RE: HTTP 403 - isapi_redirector With form based authentication, are you getting the form? -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 12:18 PM To: Tomcat Users List Subject: RE: HTTP 403 - isapi_redirector Thanks James, I did try your solution but nothing changed -Original Message- From: Watkins, James [mailto:[EMAIL PROTECTED] Sent: 16 octobre, 2003 12:06 To: 'Tomcat Users List' Subject: RE: HTTP 403 - isapi_redirector I ran into the same problem and switched to using a form based authentication which seems to work fine. It seems to be some problem with iis intercepting the login info? -Original Message- From: Dionne, Patrice [mailto:[EMAIL PROTECTED] Sent: Thursday, October 16, 2003 11:00 AM To: [EMAIL PROTECTED] Subject: HTTP 403 - isapi_redirector Hi all, Environement: IIS 5 (isapi_redirector.dll) (listen on port 80) Tomcat 4.1.24 (listen on port 8080) Win2k Avanced Server Browser: IE 6 or Netscape 7.1 Here is my problem. I get a HTTP Status 403 - Access to the requested resource has been denied when I try to access a protected ressource(in web.xml) via IIS on port 80 which redirect to a Tomcat 4.1.24 on port 8080. Not suprising because the ressource is secured into the web.xml. I use a BASIC authentification. But the thing is that I never get the pop-up window asking for my credentials (username/password). So, I never get the chance to authentificate myself (username/password). I'm able to surf any non-restricted ressources on the webapp without any problem. So, the isapi_redirector is well configured. I've tried to access a protected ressource on the webapp directly on port 8080 (bypassing IIS) and I received the pop-up window asking for my credentials (username/password). So everything is fine with Tomcat. I've set the log level to debug the isapi_redirector.dll and this is what I get when I try to access a restricted ressource: [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (696)]: HttpFilterProc started [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (759)]: In HttpFilterProc Virtual Host redirection of /206.162.174.213/dpi/export/viewfiles.jsp [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (460)]: Into jk_uri_worker_map_t::map_uri_to_worker [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (477)]: Attempting to map URI '/206.162.174.213/dpi/export/viewfiles.jsp' [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (599)]: jk_uri_worker_map_t::map_uri_to_worker, done without a match [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (765)]: In HttpFilterProc test Default redirection of /dpi/export/viewfiles.jsp [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (460)]: Into jk_uri_worker_map_t::map_uri_to_worker [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (477)]: Attempting to map URI '/dpi/export/viewfiles.jsp' [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (502)]: jk_uri_worker_map_t::map_uri_to_worker, Found a context match testWorker - /dpi/ [Thu Oct 16 10:08:16 2003] [jk_uri_worker_map.c (558)]: jk_uri_worker_map_t::map_uri_to_worker, Found a suffix match testWorker - *.jsp [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (775)]: HttpFilterProc [/dpi/export/viewfiles.jsp] is a servlet url - should redirect to testWorker [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (838)]: HttpFilterProc check if [/dpi/export/viewfiles.jsp] is points to the web-inf directory [Thu Oct 16 10:08:16 2003] [jk_isapi_plugin.c (878)]: HttpExtensionProc started [Thu Oct 16 10:08:16 2003] [jk_worker.c (132)]: Into wc_get_worker_for_name testWorker [Thu Oct 16 10:08:16 2003] [jk_worker.c (136)]: wc_get_worker_for_name, done found
