Jetspeed 2
  1. Jetspeed 2
  2. JS2-828

JAAS authentication failure with Tomcat 5.5.24 and above.

    Details

    • Type: Bug Bug
    • Status: Closed
    • Priority: Critical Critical
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.2.0
    • Component/s: None
    • Labels:
      None
    • Environment:
      Tomcat >= 5.5.24

      Description

      Immediately after logging into the portal, the URL address box in the browser displays:
      http://localhost:20000/jetspeed/login/redirector
      ======================
      And the page displays:
      HTTP Status 403 - Access to the requested resource has been denied

      type Status report

      message Access to the requested resource has been denied

      description Access to the specified resource (Access to the requested resource has been denied) has been forbidden.
      Apache Tomcat/5.5.25
      ======================
      I believe this is the same behavior in Tomcat 6.0.x and I get the same thing in GlassFish v2-b58g.

      This does NOT happen in Tomcat 5.5.23 or lower versions. Something changed between 5.5.23 and 5.5.25.
      Also, after the login post if you just type in the URL http://<>/jetspeed, the page appears normally and you can
      function.

      I do not know whether it is relevant but at least GlassFish appears to record the following in the server.log.

      Unable to set request character encoding to UTF-8 from context /jetspeed, because request parameters have already been read, or ServletRequest.getReader() has already been called

        Activity

          People

          • Assignee:
            Ate Douma
            Reporter:
            Mohan Kannapareddy
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development