I am trying to use declarative security in my web.xml file to require a google login to access my web pages. I allow role-name * and role- name admin. I placed a portion of the file below. When I access a web page music.jsp, I get prompted for my login. I am (admin) role, it works perfectly. However if my wife accesses music.jsp web page, she gets prompted for login but then gets Error Forbidden Your client does not have permission to get URL /music.jsp from this service.
Any ideas? <security-constraint> <web-resource-collection> <web-resource-name>controlAccess</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <web-resource-collection> <web-resource-name>controlJspAccess</web-resource-name> <url-pattern>/*.jsp</url-pattern> </web-resource-collection> <web-resource-collection> <web-resource-name>controlControllerServletAccess</web-resource- name> <url-pattern>/ControllerServlet</url-pattern> </web-resource-collection> <auth-constraint> <role-name>*</role-name> <role-name>admin</role-name> </auth-constraint> </security-constraint> Thank you Dave
-- You received this message because you are subscribed to the Google Groups "Google App Engine for Java" group. To post to this group, send email to google-appengine-j...@googlegroups.com. To unsubscribe from this group, send email to google-appengine-java+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/google-appengine-java?hl=en.