Search code examples
eclipsetomcat7http-status-code-403

How to change tomcat-users.xml when using Eclipse?

tomcat 7.0 + JSF 2

I get 403 error right after logging in with correct credentials (wrong credentials directs to login.xhtml as expected). I've created new user in apache, rebooted the webservice and still cant connect with it.

tomcat-users.xml

<tomcat-users>
    <user name="lala" password="lala!!!" roles="admin-gui,manager-gui" />
    <role rolename="administrator"/>
    <user username="admin" password="admin" roles="administrator"/>
</tomcat-users>

Why I can login only with lala and not with admin(i've added it manually). any idia why?

and a realm in server.xml (tomcat conf)

under <host>:
<Realm className="com.bannerplay.beans.Admin">

in the project's welcome file (login.xhtml) i've used j_security_check (form-based authentication) 

            <form method="post" action="j_security_check">
            <p>
                Enter user ID and password:<br/> <br/>
                User ID <input type="text" name="j_username"/> 
                Password  <input type="password" name="j_password"/> <br/><br/> 
                <input type="submit" value="Login"/>
            </p>

        </form>

and defined web.xml like that:

  ...
<security-constraint>
    <display-name>Admin</display-name>
    <web-resource-collection>
        <web-resource-name>BannerPlay administration Tool</web-resource-name>
        <description/>
        <url-pattern>/admin/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
        <description/>
        <role-name>administrator</role-name>
    </auth-constraint>
</security-constraint>
<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>com.bannerplay.beans.Admin</realm-name>
    <form-login-config>
        <form-login-page>/faces/login.xhtml</form-login-page>
        <form-error-page>/faces/login.xhtml</form-error-page>
    </form-login-config>
</login-config>
<security-role>
    <description/>
    <role-name>administrator</role-name>
</security-role>

Project Tree: this is the project tree

when trying to access localhost:8080/myProject/ i get to login.xhtml , when typing correct credentials( the 'lala' user works, not the admin ) i get 403. when trying to access localhost:8080/myProject/main.xhtml i'm re-directed to login page again.(after correct credentials)

I've tried to add "administrator" role to user lala, but has the same results.

what should i do? thanks

Solution

  • The solution is NOT to change the tomcat-users.xml file from the hard drive. It must be changed from eclipse. after changing it from HD I noticed it keeps coming back to old version of the file,instead of keeping my changes. this happens after running the project. Change it from eclipse and problem solved.