I was working on making the portal CAS compliant and when I finally suceeded, it turns out that I changed some config option and now the dashboard page keeps answering with a 403 unauthorized error. I verified every portlet-instance.xml file and portal-object file but I don't remember where I tweaked it. Here's a server log excerpt. anonymous wrote : 2007-08-27 10:21:27,505 DEBUG [org.apache.jk.server.JkCoyoteHandler] Invoke R( /portal/auth/dashboard) org.apache.coyote.Response@547c9a /portal/auth/dashboard | | 2007-08-27 10:21:27,505 DEBUG [org.apache.catalina.connector.CoyoteAdapter] Requested cookie session id is 3A0BF35C49C69D2B5A2ED7B741588E44 | | 2007-08-27 10:21:27,505 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Security checking request GET /portal/auth/dashboard | | 2007-08-27 10:21:27,505 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] We have cached auth type FORM for principal GenericPrincipal[SIM\boudrel(Authenticated,User,(...))] | | 2007-08-27 10:21:27,506 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint 'SecurityConstraint[Authenticated]' against GET /auth/dashboard --> true | | 2007-08-27 10:21:27,506 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint 'SecurityConstraint[Secure]' against GET /auth/dashboard --> false | | 2007-08-27 10:21:27,506 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint 'SecurityConstraint[Secure+Authenticated]' against GET /auth/dashboard --> false | | 2007-08-27 10:21:27,506 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint 'SecurityConstraint[Authenticated]' against GET /auth/dashboard --> true | | 2007-08-27 10:21:27,506 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint 'SecurityConstraint[Secure]' against GET /auth/dashboard --> false | | 2007-08-27 10:21:27,506 DEBUG [org.apache.catalina.realm.RealmBase] Checking constraint 'SecurityConstraint[Secure+Authenticated]' against GET /auth/dashboard --> false | | 2007-08-27 10:21:27,506 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Calling hasUserDataPermission() | | 2007-08-27 10:21:27,506 DEBUG [org.apache.catalina.realm.RealmBase] User dataconstraint has no restrictions | | 2007-08-27 10:21:27,506 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Calling authenticate() | | | | | | | 2007-08-27 10:21:27,506 DEBUG [org.apache.catalina.authenticator.FormAuthenticator] Already authenticated 'SIM\boudrel' | | 2007-08-27 10:21:27,506 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Calling accessControl() | | 2007-08-27 10:21:27,506 DEBUG [org.apache.catalina.realm.RealmBase] Username SIM\boudrel has role Authenticated | | 2007-08-27 10:21:27,506 DEBUG [org.apache.catalina.authenticator.AuthenticatorBase] Successfully passed all security constraints | | 2007-08-27 10:21:27,531 DEBUG [org.apache.jk.core.MsgContext] COMMIT | | 2007-08-27 10:21:27,531 DEBUG [org.apache.jk.common.JkInputStream] COMMIT sending headers org.apache.coyote.Response@547c9a === MimeHeaders ===Pragma = No-cacheCache-Control = no-cacheExpires = Wed, 31 Dec 1969 19:00:00 ESTX-Powered-By = Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5 | | The response headers are these : anonymous wrote : Date: Mon, 27 Aug 2007 14:34:44 GMT | Server: Apache/2.2.4 (Unix) mod_ssl/2.2.4 OpenSSL/0.9.8b DAV/2 mod_jk/1.2.23 | Pragma: No-cache | Cache-Control: no-cache | Expires: Wed, 31 Dec 1969 19:00:00 EST | X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5 | Content-Length: 964 | Keep-Alive: timeout=5, max=100 | Connection: Keep-Alive | Content-Type: text/html;charset=utf-8 | | 403 Forbidden View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4078367#... Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...