Christopher, For some reason, after several filter rebuilds to add in extra logging, the filters are now working across https:// which makes me suspect that it was an issue between the browser and filters not giving out the cookie properly.
Essentially this part of the application relies on a "remember me" cookie for authentication and authorization and if it isn't present, redirects the user to a login page on another part of the site, otherwise the user is just forwarded into the application. Iain -----Original Message----- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: 23 January 2009 19:16 To: Tomcat Users List Subject: Re: 403 on https connection but not http -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Iain, Emsley, I (Iain) wrote: > I'm trying to get https:// working on an application running on Tomcat > 5.5.23 on Windows Server 2003. When I ran the application on port 8080, > it logged me in fine using our login filters, however when I moved to > https://, the application returns 403 without any messages being written > to stdout or logging messages that I've put in the filters to try and > debug them if needs be. Hmm. Your configuration looks okay. Can you do an HTTP capture of the conversation between the client and the server? Do you ever get a login screen, or are you refused immediately upon the first request? Do your filters redirect (as opposed to forwarding) the user to the login screen? If so, are your login pages protected by yoru security-constraints? I wonder if you may have set up auth semantics like this: 1. All pages require a valid login 2. Login page is /login.jsp 3. Per rule #1, /login.jsp requires a login ? - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkl6F38ACgkQ9CaO5/Lv0PDcMACeISFOCEHd/PZ3bmx2+0f8V//o f10An1bZE2vXccP/sanipzyexBtScl7i =jNjP -----END PGP SIGNATURE-----
