I have a page "admin.html" setup with a security restraint for
"admin", which looks like this in my web.xml:
<security-constraint>
<web-resource-collection>
<url-pattern>/admin.html</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
The documentation says, "If the constraint specifies a user role of
admin, then only registered developers (administrators) of the
application can access the URL". (this is from
http://code.google.com/appengine/docs/java/config/webxml.html#Security_and_Authentication)
I have Google Apps Premiere Edition for my domain, and I can
successfully deploy my application to AppEngine directly from eclipse
with my administrator account, e.g. "my.n...@mydomain.com". The app
runs fine too, e.g. at "my-app-name.appspot.com".
When I visit my admin.html page at "my-app-name.appspot.com/
admin.html", I am asked to log in -- so I log in with
"my.n...@mydomain.com", and I get redirected back to the admin.html
page, which gives me the forbidden message "Error: Forbidden Your
client does not have permission to get URL /admin.html from this
server."
I do not understand why this is not working as documented. Surely I
must be misunderstanding something.
Any pointers?
--
You received this message because you are subscribed to the Google Groups
"Google App Engine for Java" group.
To post to this group, send email to google-appengine-j...@googlegroups.com.
To unsubscribe from this group, send email to
google-appengine-java+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/google-appengine-java?hl=en.
