[jboss-user] [JBoss Portal] - Re: HTTP Status 403 - when using LDAP

DeanoUK do-not-reply at jboss.com
Wed Apr 30 07:00:29 EDT 2008 

I've added some logging and am seeing:


  | [30 Apr 2008 11:56:26] DEBUG com.msp.ejb.security.IdentityLoginModule  - U
  | serStatus is OK, returning true.
  | [30 Apr 2008 11:56:26] DEBUG org.apache.catalina.authenticator.FormAuthenticator
  |   - Authentication of 'dean.pullen' was successful
  | [30 Apr 2008 11:56:26] DEBUG org.apache.catalina.authenticator.FormAuthenticator
  |   - Redirecting to original '/portal/auth/portal/default/default'
  | [30 Apr 2008 11:56:26] DEBUG org.apache.catalina.authenticator.AuthenticatorBase
  |   -  Failed authenticate() test ??/portal/auth/portal/default/j_security_check
  | [30 Apr 2008 11:56:26] DEBUG org.apache.catalina.connector.CoyoteAdapter  -  Req
  | uested cookie session id is 6D4F6081BEF093070076F5DF9E375A06
  | [30 Apr 2008 11:56:26] DEBUG org.apache.catalina.authenticator.AuthenticatorBase
  |   - Security checking request GET /portal/auth/portal/default/default
  | [30 Apr 2008 11:56:26] DEBUG org.apache.catalina.realm.RealmBase  -   Checking c
  | onstraint 'SecurityConstraint[Authenticated]' against GET /auth/portal/default/d
  | efault --> true
  | [30 Apr 2008 11:56:26] DEBUG org.apache.catalina.realm.RealmBase  -   Checking c
  | onstraint 'SecurityConstraint[Secure]' against GET /auth/portal/default/default
  | --> false
  | [30 Apr 2008 11:56:26] DEBUG org.apache.catalina.realm.RealmBase  -   Checking c
  | onstraint 'SecurityConstraint[Secure+Authenticated]' against GET /auth/portal/de
  | fault/default --> false
  | [30 Apr 2008 11:56:26] DEBUG org.apache.catalina.realm.RealmBase  -   Checking c
  | onstraint 'SecurityConstraint[Authenticated]' against GET /auth/portal/default/d
  | efault --> true
  | [30 Apr 2008 11:56:26] DEBUG org.apache.catalina.realm.RealmBase  -   Checking c
  | onstraint 'SecurityConstraint[Secure]' against GET /auth/portal/default/default
  | --> false
  | [30 Apr 2008 11:56:26] DEBUG org.apache.catalina.realm.RealmBase  -   Checking c
  | onstraint 'SecurityConstraint[Secure+Authenticated]' against GET /auth/portal/de
  | fault/default --> false
  | 

(You'll notice I've replaced IdentityLoginModule  with our own version which only adds additional debug statements)

I see it passing the Authenticated roles but not Secure or Secure+Authenticated but I've never seen these mentioned anywhere. Is this the cause of the problem, and if so how do I fix it? Adding these roles doesn't seem to change anything.

This also makes me wonder if authetication hasn't properly passed (shown above too):


  | [30 Apr 2008 11:56:26] DEBUG org.apache.catalina.authenticator.AuthenticatorBase
  |   -  Failed authenticate() test ??/portal/auth/portal/default/j_security_check
  | 

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4147787#4147787

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4147787

More information about the jboss-user mailing list