Problem: - Making any https call fails with the message "Forbidden. You were denied access because: Access denied by access control list.". - The failure happens even accessing https://<host>:8443/tomcat-docs, while a regular http call succeeds. - The failure happens with some browsers (i.e.: Mozilla) but now with others (i.e.: Internet Explorer, and most versions of Netscape). - The failure appears to only happen when accessing a server on a different box than the one where the browser is running. It has not happened (so far) on the same box as the client. - The failure appears to happen with the Tomcat running on either Windows or Solaris. - The failure is not related to the JDK's Verisign Certificate issue (expired Jan 7). It was happening in December, and it was not corrected by JDK 1.4.2_03. Also, the certificates being used are self-signed according to the Tomcat's default instructions.
Questions: - Is this a configuration issue? Or is it a deeper problem with either Tomcat or the browsers? I have not seen many postings out there on this topic, so I assume (and hope) the problem is a dumb configuration snafu. - Is there a know solution? I have not found any on the Tomcat archives, on the Mozilla archives, or even after several exchanges with the Mozilla support people. - Is there any additional information I can provide that might shed some light as to why this is happening? Environment details: - Tomcat version: 5. - JDK version 1.4.2 (both _02 and _03). - Mozilla versions failing (at least 1.4 and 1.5). - IE version succeeding (at least 6.0) - Netscape version succeeding (at least 4.5, 4.7, and I believe one of the 7.x versions). server.xml: (feel free to comment if you see something wrong even if unrelated) <Server port="8105" shutdown="SHUTDOWN" debug="0"> <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" debug="0"/> <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" debug="0"/> <GlobalNamingResources> <Environment name="simpleValue" type="java.lang.Integer" value="30"/> <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved"> </Resource> <ResourceParams name="UserDatabase"> <parameter> <name>factory</name> <value>org.apache.catalina.users.MemoryUserDatabaseFactory</value> </parameter> <parameter> <name>pathname</name> <value>conf/tomcat-users.xml</value> </parameter> </ResourceParams> </GlobalNamingResources> <Service name="Catalina"> <Connector port="8089" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" redirectPort="8443" acceptCount="100" debug="0" connectionTimeout="20000" disableUploadTimeout="true" /> <Connector port="8443" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="false" disableUploadTimeout="true" acceptCount="100" debug="0" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS" /> <Connector port="8109" enableLookups="false" redirectPort="8443" debug="0" protocol="AJP/1.3" /> <Engine name="Catalina" defaultHost="localhost" debug="0"> <Logger className="org.apache.catalina.logger.FileLogger" prefix="catalina_log." suffix=".txt" timestamp="true"/> <Realm className="org.apache.catalina.realm.UserDatabaseRealm" debug="0" resourceName="UserDatabase"/> <Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="true" xmlValidation="false" xmlNamespaceAware="false"> <Logger className="org.apache.catalina.logger.FileLogger" directory="logs" prefix="localhost_log." suffix=".txt" timestamp="true"/> </Host> </Engine> </Service> </Server> Bruno Melloni eBusiness Application Center, Americas Nokia, Inc 6000 Connection Drive, Mailstop 4w223 Irving, TX 75039 USA *Office: +1 (972)894-6120 *Cellular: +1 (469) 939-1067 * SMS: [EMAIL PROTECTED] * e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]