jolokia 1.3.1 war tomcat https basic auth OPTIONS 403 error

classic Classic list List threaded Threaded
1 message Options
sekaijin sekaijin
Reply | Threaded
Open this post in threaded view
|

jolokia 1.3.1 war tomcat https basic auth OPTIONS 403 error

hi,
I've installed the war jolokia-war-1.3.1 with tomcat manager
I've edited web.xml to uncomment and adapt security options

my login and password works well on another web app with the same config on this tomcat

When I open the URL https://myserver:8443/jolokia/
I get
{"timestamp" 1438351415, "status": 200, ...

but if I go through hawtio xmlhttprequest send a OPTIONS request before a POST
And the response is 403

  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>Olympe</realm-name>
  </login-config>

  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Jolokia-Agent Access</web-resource-name>
      <url-pattern>/*</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
      <http-method>OPTIONS</http-method>
    </web-resource-collection>
    <auth-constraint>
      <role-name>manager</role-name>
    </auth-constraint>
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>

  <security-role>
    <role-name>manager</role-name>
  </security-role>


Remote Address:*******:8443
Request URL:https://myserver:8443/jolokia
Request Method:OPTIONS
Status Code:403 Forbidden

thank