Hi, I have the following web.xml ===================================================== <web-app ...> <display-name>testeweb</display-name>
<security-constraint> <web-resource-collection> <web-resource-name>Teste</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>*</role-name> </auth-constraint> <user-data-constraint> <transport-guarantee>NONE</transport-guarantee> </user-data-constraint> </security-constraint> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/login.jsp</form-login-page> <form-error-page>/erro.html</form-error-page> </form-login-config> </login-config> <welcome-file-list> <welcome-file>index.html</welcome-file> </welcome-file-list> </web-app> ===================================================== and the following contex.xml ===================================================== <?xml version="1.0" encoding="UTF-8"?> <Context debug="99" docBase="${catalina.home}/webapps/testeweb" path="/testeweb"> <Realm className="org.apache.catalina.realm.JDBCRealm" driverName="oracle.jdbc.driver.OracleDriver" connectionURL="jdbc:oracle:thin:@localhost:1521/XE" connectionName="saps" connectionPassword="saps" userTable="USUARIODOSISTEMA" userNameCol="NOME" userCredCol="NOME" userRoleTable="PAPEISDOUSUARIO" roleNameCol="NOMEDOPAPEL" /> </Context> ===================================================== The application runs ok in Tomcat 5.0 but in 5.5.20 and 5.5.25 I have the error page ===================================================== HTTP Status 403 - Access to the requested resource has been denied -------------------------------------------------------------------------------- type Status report message Access to the requested resource has been denied description Access to the specified resource (Access to the requested resource has been denied) has been forbidden. -------------------------------------------------------------------------------- Apache Tomcat/5.5.20 ===================================================== and a log segment (the very final lines in the log's file before the HTTP 403) ===================================================== ... DEBUG http-80-Processor24 org.apache.catalina.authenticator.FormAuthenticator - Save request in session 'C47C8398E47E5894DB8531EDBC2E0630' DEBUG http-80-Processor24 org.apache.catalina.authenticator.FormAuthenticator - Authenticating username 'usuario1' DEBUG http-80-Processor24 org.apache.catalina.authenticator.FormAuthenticator - Authentication of 'usuario1' was successful DEBUG http-80-Processor24 org.apache.catalina.authenticator.FormAuthenticator - Redirecting to original '/testeweb/' DEBUG http-80-Processor24 org.apache.catalina.authenticator.FormAuthenticator - Restore request from session 'C47C8398E47E5894DB8531EDBC2E0630' DEBUG http-80-Processor24 org.apache.catalina.authenticator.FormAuthenticator - Proceed to restored request ===================================================== It seems to be a bug. Does anybody know a workaround? Is there a mistake in my configuration files? Thanks in advance. Diogenes Gomes --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]