What happens when you move your form-login-page outside of the /admin/ folder?
Sean Dockery [EMAIL PROTECTED] Certified Java Web Component Developer Certified Delphi Programmer SBD Consultants http://www.sbdconsultants.com ----- Original Message ----- From: "Paul Bothma" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, February 13, 2003 06:11 Subject: Tomcat 4.1.12 Form authentication with IIS 5 > Hi, > > I'm using Tomcat 4.1.12 with IIS 5. When I connect directly to > http://localhost:8080/HP/admin/ the Tomcat FORM authentication works fine, > but when I try to connect to http://localhost/HP/admin I get the following > error: > > HTTP Status 403 - Access to the requested resource has been denied > > -------------------------------------------------------------------------- -- > ---- > > type Status report > > message Access to the requested resource has been denied > > description Access to the specified resource (Access to the requested > resource has been denied) has been forbidden. > > > -------------------------------------------------------------------------- -- > ---- > > Apache Tomcat/4.1.12 > > Here is the relevant extract from my web.xml file: > > <security-constraint> > <display-name>HP Administration</display-name> > <web-resource-collection> > <web-resource-name>Protected Area</web-resource-name> > <url-pattern>/admin/*</url-pattern> > </web-resource-collection> > <auth-constraint> > <role-name>HP_admin</role-name> > </auth-constraint> > </security-constraint> > > <login-config> > <auth-method>FORM</auth-method> > <realm-name>users</realm-name> > <form-login-config> > <form-login-page>/admin/login.jsp</form-login-page> > <form-error-page>/error.html</form-error-page> > </form-login-config> > </login-config> > > > <!-- Security roles referenced by this web application --> > <security-role> > <role-name>HP_admin</role-name> > </security-role> > > I'm using the isapi_redirect.dll filter in IIS to redirect any request to > *.jsp to Tomcat. (Works fine outside of the secure sections) > > Any ideas on how to correct this error. > > Paul > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
