Maybe the web page requested (under /pages/protected/admin/*) is allowed to visit after you login, but that page could need to access to resources stored under others folders non-authorized
Try to access a simple web page ( a blank page ) stored under /pages/protected/admin/ to test if realm mechanism is working fine 2012/9/29 sohsoh <boudali.souh...@gmail.com>: > Hello Tomcatters, > > I am beginner in development, I wanted to do the user authentication, I am I > followed a tutorial for it to the letter, but in the final step I fell into > a problem that I did not arrive for a week of web search to solve it > -- after login he goes search on the database and when it's a fake login or > passe he derige me to the error page<form-error-page> but when the password > and login are correct i get HTTP 403 and that is my problem it does not > Derige me to my desired page > > brief all I've done is >>> in web.xml > > <security-constraint> > <display-name>AdminConstraint</display-name> > <web-resource-collection> > <web-resource-name>Admin</web-resource-name> > <description>Only for administrators</description> > <url-pattern>/pages/protected/admin/*</url-pattern> > </web-resource-collection> > <auth-constraint> > <role-name>ADMIN</role-name> > </auth-constraint> > </security-constraint> > <login-config> > <auth-method>FORM</auth-method> > <form-login-config> > <form-login-page>/pages/public/login.xhtml</form-login-page> > <form-error-page>/pages/public/loginError.xhtml</form-error-page> > </form-login-config> > </login-config> > <security-role> > <role-name>ADMIN</role-name> > </security-role> > >>> in server.xml > > <Context path="/myapp" docBase="myapp" > > <Realm className="org.apache.catalina.realm.JDBCRealm" > driverName="com.mysql.jdbc.Driver" > connectionURL="jdbc:mysql://localhost:3306/mabase" userTable="users" > userNameCol="name" userCredCol="pass" userRoleTable="user_roles" > connectionName="tomcat" connectionPassword="TomcatPassword" > roleNameCol="role_name" debug="99" /> > </Context> > > > *where is the error?? is what I need to add anything else??* > > > > -- > View this message in context: > http://tomcat.10.n6.nabble.com/Problems-with-Realm-tp4987265.html > Sent from the Tomcat - User mailing list archive at Nabble.com. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org