Hello, based on the file "authenticationmethod.docx" there is a context param which set the authentication method to the value 0. The context param is not used by tomcat but by the application. So, the application seems to take care of authentication and authorization. 0 which stands for "ssa fm security authentication" according to the comment is not something, which tomcat provides.
I would suggest contacting the developer(s) or the supplier first to get deeper insights about the issue. Greetings, Thomas > -----Ursprüngliche Nachricht----- > Von: Rob Sargent <rsarg...@xmission.com> > Gesendet: Donnerstag, 5. September 2024 04:36 > An: users@tomcat.apache.org > Betreff: Re: How to resolve 403 forbidden error in Tomcat level > > > > > On 9/3/24 11:22, Christopher Schultz wrote: > > Jagadish, > > > > On 8/30/24 10:52, jagadish sahu wrote:> Please find the attached text > > screenshot as you requested. > > > > Okay, I'm going to be perfectly honest: I'm not going to download and > > read all those attachments. That's why I asked for plain-text. > > > > If someone else is willing to go through all that, feel free. > > > > I'm not going to go through a bunch of effort to provide free support. > > > > -chris > Jagadish, > Chris actually will 'go through a bunch of effort', but not extraneous. > user-inflicted, unnecessary effort. > > rjs > > > >> On Fri, Aug 30, 2024 at 3:37 AM Christopher Schultz > >> <ch...@christopherschultz.net <mailto:ch...@christopherschultz.net>> > >> wrote: > >> > >> Jadgish, > >> > >> This list does not accept image attachments. We are not seeing > >> what you > >> are posting. Please post text-only. > >> > >> -chris > >> > >> On 8/29/24 11:01, jagadish sahu wrote: > >> > Hi Team and Christopher, > >> > > >> > We have attached a 403 error screenshot with full information. > >> > The error seems to be generated from Tomcat level. > >> > > >> > We don't have any changes in the java code and our application > >> is > >> > working as expected in Tomcat 9.0.14. > >> > > >> > After upgrading to latest version Tomcat,we have been facing > >> this > >> > issue(Error communicating with web server status:403) > >> > > >> > Please find attached screenshot for authentication and web.xml. > >> > > >> > It would be great help if you provide a solution for this. > >> > > >> > Thanks, > >> > Jagadish > >> > > >> > > >> > > >> > On Thu, Aug 29, 2024 at 6:30 PM Christopher Schultz > >> > <ch...@christopherschultz.net > >> <mailto:ch...@christopherschultz.net> > >> <mailto:ch...@christopherschultz.net > >> <mailto:ch...@christopherschultz.net>>> wrote: > >> > > >> > Jagdesh, > >> > > >> > On 8/29/24 06:29, jagadish sahu wrote: > >> > > We have tested our application in Apache tomcat 9.0.14. > >> It is > >> > working as > >> > > expected, After upgrading from 9.0.14 to the latest > >> versions it > >> > is not > >> > > working. > >> > > > >> > > When we leave the session for 30 mins, we will get > >> some > >> > warning like > >> > > due to an inactive session, you can click on Ok to > >> continue the > >> > session, > >> > > after clicking Ok we are getting a 403 error message > >> (attached > >> > > screenshot for your reference). > >> > > >> > Your screenshot has been stripped from the list. Is this > >> an > >> > application-generated 403 or one from Tomcat? > >> > > >> > > The correct functionality is it should not get any > >> error > >> message, > >> > after > >> > > clicking waring message it should redirect to login > >> page > >> again, > >> > but in > >> > > the latest version of tomcat its not working, so we are > >> > contacting you > >> > > people. > >> > > > >> > > Please provide a solution/ workaround for this issue. > >> > > >> > What kind of authentication are you using? What kind of > >> login > >> mechanism > >> > are you using -- e.g. FORM versus HTTP BASIC/DIGEST, etc.? > >> > > >> > Can you post the relevant parts of your web.xml? > >> > > >> > -chris > >> > > >> > > >> > >> --------------------------------------------------------------------- > >> > To unsubscribe, e-mail: > >> users-unsubscr...@tomcat.apache.org > >> <mailto:users-unsubscr...@tomcat.apache.org> > >> > <mailto:users-unsubscr...@tomcat.apache.org > >> <mailto:users-unsubscr...@tomcat.apache.org>> > >> > For additional commands, e-mail: > >> users-h...@tomcat.apache.org > >> <mailto:users-h...@tomcat.apache.org> > >> > <mailto:users-h...@tomcat.apache.org > >> <mailto:users-h...@tomcat.apache.org>> > >> > > >> > > >> > > >> > > >> --------------------------------------------------------------------- > >> > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > >> <mailto:users-unsubscr...@tomcat.apache.org> > >> > For additional commands, e-mail: users-h...@tomcat.apache.org > >> <mailto:users-h...@tomcat.apache.org> > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > >> <mailto:users-unsubscr...@tomcat.apache.org> > >> For additional commands, e-mail: users-h...@tomcat.apache.org > >> <mailto:users-h...@tomcat.apache.org> > >> > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org
