users@glassfish.java.net

LDAP(S) Realm HTTP 403 error

From: <glassfish_at_javadesktop.org>
Date: Fri, 15 Feb 2008 05:15:15 PST

Hi

I'm using Glassfish V2 and trying to secure a web application using our corporate Active Directory via ldaps://. The idea is to allow anyone who passes the authentication to use the application.

This is what I've added to my web.xml:

[code]
    <security-constraint>
        <display-name>Entire Application</display-name>
        <web-resource-collection>
            <web-resource-name>Entire Application</web-resource-name>
            <description/>
            <url-pattern>/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
            <http-method>HEAD</http-method>
            <http-method>PUT</http-method>
            <http-method>OPTIONS</http-method>
            <http-method>TRACE</http-method>
            <http-method>DELETE</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>All Roles</role-name>
        </auth-constraint>
    </security-constraint>

    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>ActiveDirectory</realm-name>
    </login-config>

    <security-role>
        <description/>
        <role-name>All Roles</role-name>
    </security-role>
[/code]

and to sun-web.xml:

[code]
    <security-role-mapping>
        <role-name>All Roles</role-name>
        <group-name>*</group-name>
    </security-role-mapping>
[/code]

When I test the application, it shows me the login screen for "ActiveDirectory" as expected. However, after successfully authenticating, an HTTP 403 error page is displayed. There is nothing in the log file.

If I enter a wrong password, I see "LDAP bind failed" as expected. With the right password, no error is reported in the log file, but the HTTP Status 403 page is displayed.

Can somebody help me here?

Thanks in advance
Ramesh
[Message sent by forum member 'rmsh' (rmsh)]

http://forums.java.net/jive/thread.jspa?messageID=259170
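
A 403 after a successful bind means the caller was authenticated but holds none of the roles named in the auth-constraint. The Python sketch below is an added example, not part of the original post and not GlassFish code: it cross-checks the two descriptors from the post (abridged, with constructed root elements) to show which group names a user must carry to be granted `All Roles`. It assumes group-name values are compared literally with the groups the realm returns; the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Fragments from the post, wrapped in constructed root elements so they parse.
WEB_XML = """<web-app>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Entire Application</web-resource-name>
      <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint><role-name>All Roles</role-name></auth-constraint>
  </security-constraint>
  <security-role><role-name>All Roles</role-name></security-role>
</web-app>"""

SUN_WEB_XML = """<sun-web-app>
  <security-role-mapping>
    <role-name>All Roles</role-name>
    <group-name>*</group-name>
  </security-role-mapping>
</sun-web-app>"""


def required_roles(web_xml):
    """Role names listed in the auth-constraint elements of web.xml."""
    root = ET.fromstring(web_xml)
    path = "./security-constraint/auth-constraint/role-name"
    return {r.text.strip() for r in root.findall(path)}


def role_mappings(sun_web_xml):
    """Map each role-name in sun-web.xml to its set of group-name values."""
    mappings = {}
    for m in ET.fromstring(sun_web_xml).findall("./security-role-mapping"):
        role = m.findtext("role-name").strip()
        groups = {g.text.strip() for g in m.findall("group-name")}
        mappings.setdefault(role, set()).update(groups)
    return mappings


def granted_roles(user_groups, mappings):
    """ASSUMPTION: group names are compared as literal strings, so '*' only
    matches a group that is really named '*'."""
    return {role for role, names in mappings.items() if names & set(user_groups)}


def is_authorized(user_groups, web_xml=WEB_XML, sun_web_xml=SUN_WEB_XML):
    """True when the caller holds at least one role the constraint requires."""
    granted = granted_roles(user_groups, role_mappings(sun_web_xml))
    return bool(required_roles(web_xml) & granted)
```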