Non ssl - gives 403 forbidden
I can access the EM 12c with the ssl address https://server:7799/em
but I would like to use the non-ssl side of it... I can access http://server:7788 and get the welcome index page.. but if I use http://server:7788/em I get Error 403 Forbidden...
It sounds like your console is Locked. You can check the status with the command 'emctl status oms -details'.
To unlock the console use 'emctl secure unlock -console'
If you also want to unlock agent/OMS communication use 'emctl secure unlock -upload'
See the Administrators Guide for further details.
Similar Messages
-
Why do Chatropolis entry pages give "403 Forbidden" error on all browsers?
I've been running Mac OS 10.4.11 successfully since it's release, and I normally have the following browsers installed & working: Safari 3.1.1 (my default/first choice), Safari 2.0.4, Firefox 2.0.0.14, and the PC version of Internet Explorer (6.0.2) which I can run in Windows 2000 under Virtual PC 7.0.2 emulation.
Suddenly, 2 days ago, for no reason at all, the ability of my Mac to access any of the chatroom entry pages on the chatropolis.com website stopped working. (Please be warned - BEFORE you visit chatropolis.com - that it primarily hosts ADULT chatrooms!). This is after many years of problem-free access to these pages, using my current Mac, and previous Macs.
I can still access the home page, the user list pages, etc., but trying to access the room entry pages for any chatroom at all gives a simple black page with white text, which reads:
403 Forbidden
You are not authorized to access this resource.
The entry pages all take the form http://csX.chatropolis.com/enter/roomname
where "X" is the server number that the particular room is hosted on (normally "7" or "10") and "roomname" is the name of the chatroom that I'm trying to enter. For example, the URL of the room entry page for the room "Current Events" is http://cs10.chatropolis.com/enter/currentevents
I can access any page on the Chatropolis site that DOESN'T start http://csX.chatropolis.com/enter/....... but none of the pages that DO start this way!
This occurs whichever browser I use, and even occurs using the PC version of Internet Explorer 6.0.2 running under Virtual PC emulation!
I've tried all of the following to solve the problem, but nothing works:
I've tried deleting both Safari 3.1.1 & Safari 2.0.4, and then reinstalling Safari 3.1.1.
I've purged all the caches, cookies, browsing histories, etc. of all my browsers, both within the browsers themselves, and by using Intego Washing Machine 1.1 (which comes free with Intego NetBarrier 5). I do this purging regularly anyway.
I've restarted the Mac several times.
Using Disk Utility, I've repaired permissions on the boot HD several times. I've verified the boot HD, and no problems were found.
I've rebooted the Mac from my Alsoft DiskWarrior 4.0 CD and successfully run "Repair Disk Permissions" and "Check All Files & Folders" on all my hard drives, including the boot disk, and I've successfully rebuilt & replaced the directories on all the drives.
I've successfully accessed the pages in question using a friends Mac, who lives very nearby, and uses the same product (2 MB cable broadband internet connection) from the same ISP as me.
I've searched for all files on my Mac that have a modification date of 2 days ago, and deleted any that are in any way relevant to web browsers.
I've emailed the owner of Chatropolis (Michael Ludwick) and asked for his help. He thought that maybe I'd installed some software prior to the problem arising, but this isn't the case. He also dismissed my theory that my ISP might be blocking access for some reason. On the day I first emailed him (Sunday), he told me that there had been over 700,000 successful logins, and that I was the only person to contact technical support that day saying that I couldn't gain access. He tells me that "The error page actually resides on your machine so the src isn't important" even though the colour scheme of the error page matches every other error page on Chatropolis!
I now suspect that the problem lies in the part of the Mac OS which is activated when certain types of pages on the internet are accessed, whichever browser makes the call - some deep part of the OS that is normally invisible to the user, and has to function normally for certain types of internet access to take place.
All non-entry pages on Chatropolis work perfectly, as do all other websites, as does sending & receiving email.
Everything is bang up-to-date with Software Update. Nothing was installed or removed prior to the problem occurring.
If anyone has any suggestions, I'd be very grateful. I'm no UNIX geek, but I've been using the Mac OS since the System 6 days, and I know my way around it pretty well. I'd rather venture into the dark abyss that is Terminal and perform some sort of command line fix than have to reinstall the entire OS!
I've read many times over the years that Mac OS X performs housekeeping/janatorial tasks "overnight" from time to time, but I never leave my Mac on overnight. It's shutdown & restarted at least once a day. Is there perhaps one of these "housekeeping" tasks that has never been performed, and that should be, that might solve the problem? If so, how do I force these tasks to be performed immediately, to see if that helps?
Many thanks in advance for any constructive input!Diamond Dave wrote:
Reinstalling Safari 3.1.1 appears to have recreated a fresh copy of the WebKit.framework folder and all it's contents, in the correct place. Needless to say, as ever, this hasn't solved the problem...
Hmm. Wish I'd seen your posts earlier, I could have saved you some trouble. It's nothing on your machine. It's a problem at Chatropolis. I am able access a page on one of the two machines, the one at cs10.chatropolis.com. But the one at cs7.chatropolis.com, while the server is there, and can be pinged, sends back a "404 - not found" response.
No matter what the owner says, these errors are server errors on his end, and have nothing to do with any settings on your computer. He's simply mistaken when he says they are coming off your computer. It's possible that he's confused by how Internet Explorer on Windows can be set up so that it will give you an error page that looks a lot like the same error page you'll get from a Windows IIS server. Or he simply doesn't know the technical details.
But it doesn't look like he's running a Windows IIS server, either. According to the headers on his servers, they're running something called "IFCS", which a little digging shows to be something owned by his company.
charlie -
WebServices over SSL - 403 Forbidden error
Hello all,
I am able to successfully communicate with a SSL enabled .NET webservice using apache-axis in my java code. however, when i
try the same with weblogic based libs [%bea_home%\server\lib\webserviceclient+ssl.jar] - assume the other jars are ok, i get
the following exception stack trace:
Disabling strict checking on adapter weblogic.webservice.client.WLSSLAdapter@55a338
Set TrustManager to weblogic.webservice.client.BaseWLSSLAdapter$NullTrustManager@fdb00d
Set HostnameVerifier to weblogic.webservice.client.WLSSLAdapter$NullVerifier@131303f
Disabling strict checking on adapter weblogic.webservice.client.WLSSLAdapter@6b9c84
Set TrustManager to weblogic.webservice.client.BaseWLSSLAdapter$NullTrustManager@e1eea8
Set HostnameVerifier to weblogic.webservice.client.WLSSLAdapter$NullVerifier@131303f
Got new socketfactory javax.net.ssl.impl.SSLSocketFactoryImpl@18f51f
Connecting to:www.abc.com port:443
socket:Socket[addr=www.abc.com/12.345.67.89,port=443,localport=4802]com.certicom.tls.interfaceimpl.TLSConnectionImpl@e35bb7
Warning: cert chain incomplete
Warning: cert chain untrusted
Warning: subject (www.abc.com, OU=Terms of use at www.verisign.com/rpa (c)00, OU=ABC 1, O=ABC inc, L=abc, ST=abc, C=abc) does
not match server name (null)
<Jul 27, 2004 10:52:49 AM GMT+05:30> <Info> <WebService> <BEA-220025> <Handler weblogic.webservice.core.handler.ClientHandler
threw an exception from its handleResponse method. The exception was:
javax.xml.rpc.JAXRPCException: weblogic.webservice.util.AccessException: The server at
https://www.abc.com/abcdef/ABCWebService.asmx?WSDL returned a 403 error code (Forbidden). Please ensure that your URL is
correct and that the correct protocol is in use..>
A RemoteException has been thrown
java.rmi.RemoteException: SOAP Fault:javax.xml.rpc.soap.SOAPFaultException: The server at
https://www.abc.com/abcdef/ABCWebService.asmx?WSDL returned a 403 error code (Forbidden). Please ensure that your URL is
correct and that the correct protocol is in use.
Detail:
<detail>
<bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">
</bea_fault:stacktrace>weblogic.webservice.util.AccessException: The server at
https://www.abc.com/abcdef/ABCWebService.asmx?WSDL returned a 403 error code (Forbidden). Please ensure that your URL is
correct and that the correct protocol is in use.
at weblogic.webservice.binding.soap.HttpClientBinding.handleErrorResponse(HttpClientBinding.java:371)
at weblogic.webservice.binding.soap.HttpClientBinding.receive(HttpClientBinding.java:233)
at weblogic.webservice.core.handler.ClientHandler.handleResponse(ClientHandler.java:63)
at weblogic.webservice.core.HandlerChainImpl.handleResponse(HandlerChainImpl.java:230)
at weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:229)
at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:144)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:444)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:430)
at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:270)
at com.webservice.abc.client.proxy.ABCWebserviceSoap_Stub.getABC(ABCWebserviceSoap_Stub.java:113)
at com.webservice.abc.client.ABC_WS_Client.main(ABC_WS_Client.java:158)
</detail>; nested exception is:
javax.xml.rpc.soap.SOAPFaultException: The server at https://www.abc.com/abcdef/ABCWebService.asmx?WSDL returned a
403 error code (Forbidden). Please ensure that your URL is correct and that the correct protocol is in use.
at com.webservice.abc.client.proxy.ABCWebserviceSoap_Stub.getABC(ABCWebserviceSoap_Stub.java:118)
at com.webservice.abc.client.ABC_WS_Client.main(ABC_WS_Client.java:158)
Caused by: javax.xml.rpc.soap.SOAPFaultException: The server at https://www.abc.com/abcdef/ABCWebService.asmx?WSDL returned a
403 error code (Forbidden). Please ensure that your URL is correct and that the correct protocol is in use.
at weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:285)
at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:144)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:444)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:430)END
at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:270)
at com.webservice.abc.client.proxy.ABCWebserviceSoap_Stub.getABC(ABCWebserviceSoap_Stub.java:113)
... 1 moreHi All,
I am new to webservice programming. I am trying to consume webservice over https. I am using weblogic 8.1 sp2. I am getting http 403 forbidden error. from the log it seems that ssl handshaking is completing.
Algorithm: [MD2withRSA]
Signature:
0000: BB 4C 12 2B CF 2C 26 00 4F 14 13 DD A6 FB FC 0A .L.+.,&.O.......
0010: 11 84 8C F3 28 1C 67 92 2F 7C B6 C5 FA DF F0 E8 ....(.g./.......
0020: 95 BC 1D 8F 6C 2C A8 51 CC 73 D8 A4 C0 53 F0 4E ....l,.Q.s...S.N
0030: D6 26 C0 76 01 57 81 92 5E 21 F1 D1 B1 FF E7 D0 .&.v.W..^!......
0040: 21 58 CD 69 17 E3 44 1C 9C 19 44 39 89 5C DC 9C !X.i..D...D9.\..
0050: 00 0F 56 8D 02 99 ED A2 90 45 4C E4 BB 10 A4 3D ..V......EL....=
0060: F0 32 03 0E F1 CE F8 E8 C9 51 8C E6 62 9F E6 9F .2.......Q..b...
0070: C0 7D B7 72 9C C9 36 3A 6B 9F 4E A8 FF 64 0D 64 ...r..6:k.N..d.d
]>
<Jan 30, 2006 11:39:29 AM GMT+05:30> <Debug> <TLS> <000000> <SSLTrustValidator r
eturns: 0>
<Jan 30, 2006 11:39:29 AM GMT+05:30> <Debug> <TLS> <000000> <Trust status (0): N
ONE>
<Jan 30, 2006 11:39:29 AM GMT+05:30> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: S
erverHelloDone>
<Jan 30, 2006 11:39:29 AM GMT+05:30> <Debug> <TLS> <000000> <write HANDSHAKE off
set = 0 length = 134>
<Jan 30, 2006 11:39:29 AM GMT+05:30> <Debug> <TLS> <000000> <write CHANGE_CIPHER
_SPEC offset = 0 length = 1>
<Jan 30, 2006 11:39:29 AM GMT+05:30> <Debug> <TLS> <000000> <write HANDSHAKE off
set = 0 length = 16>
<Jan 30, 2006 11:39:29 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivat
ed: false>
<Jan 30, 2006 11:39:29 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: f
alse>
<Jan 30, 2006 11:39:29 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivat
ed: false>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <5564590 readRecord(
)>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <5564590 SSL3/TLS MA
C>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <5564590 received CH
ANGE_CIPHER_SPEC>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivat
ed: false>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: f
alse>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivat
ed: false>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <5564590 readRecord(
)>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <5564590 SSL3/TLS MA
C>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <5564590 received HA
NDSHAKE>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <HANDSHAKEMESSAGE: F
inished>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <write APPLICATION_D
ATA offset = 0 length = 304>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <write APPLICATION_D
ATA offset = 0 length = 558>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <5564590 read( offse
t: 0 length: 2048 )>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivat
ed: false>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <isMuxerActivated: f
alse>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <SSLFilter.isActivat
ed: false>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <5564590 readRecord(
)>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <5564590 SSL3/TLS MA
C>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <5564590 received AP
PLICATION_DATA>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <5564590 APPDATA dat
abufferLen 0>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <5564590 APPDATA con
tentLength 1907>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <5564590 read databu
fferLen 1907>
<Jan 30, 2006 11:39:30 AM GMT+05:30> <Debug> <TLS> <000000> <5564590 read A retu
rns 1907>
javax.xml.soap.SOAPException: Failed to send message: weblogic.webservice.util.A
ccessException: The server at https://www.3pv.net/3PVWebServices/3PVWebServices.
asmx?wsdl returned a 403 error code (Forbidden). Please ensure that your URL is
correct and that the correct protocol is in use.
at weblogic.webservice.core.soap.SOAPConnectionImpl.call(SOAPConnectionI
mpl.java:61)
at com.ceon.pencor.threepv.ThreePVUtils.sendOrderRequest(ThreePVUtils.ja
va:350)
at com.ceon.pencor.threepv.ThreePVAdapterImpl.sendThreePVRequest(ThreePV
AdapterImpl.java:119)
at com.ceon.pencor.threepv.ThreePVAdapterImpl_ydsnbq_EOImpl.sendThreePVR
equest(ThreePVAdapterImpl_ydsnbq_EOImpl.java:46)
at com.ceon.pencor.threepv.ThreePVAdapterImpl_ydsnbq_EOImpl_WLSkel.invok
e(Unknown Source)
at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:477)
at weblogic.rmi.cluster.ReplicaAwareServerRef.invoke(ReplicaAwareServerR
ef.java:108)
at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:420)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
dSubject.java:353)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
144)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.jav
a:415)
at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest
.java:30)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
Caused by: weblogic.webservice.util.AccessException: The server at https://www.3
pv.net/3PVWebServices/3PVWebServices.asmx?wsdl returned a 403 error code (Forbid
den). Please ensure that your URL is correct and that the correct protocol is i
n use.
at weblogic.webservice.binding.http11.Http11ClientBinding.handleErrorRes
ponse(Http11ClientBinding.java:136)
at weblogic.webservice.binding.http11.Http11ClientBinding.receive(Http11
ClientBinding.java:220)
at weblogic.webservice.core.soap.SOAPConnectionImpl.call(SOAPConnectionI
mpl.java:57)
... 13 more
javax.xml.soap.SOAPException: Failed to send message: weblogic.webservice.util.A
ccessException: The server at https://www.3pv.net/3PVWebServices/3PVWebServices.
asmx?wsdl returned a 403 error code (Forbidden). Please ensure that your URL is
correct and that the correct protocol is in use.
at weblogic.webservice.core.soap.SOAPConnectionImpl.call(SOAPConnectionI
mpl.java:61)
at com.ceon.pencor.threepv.ThreePVUtils.sendOrderRequest(ThreePVUtils.ja
va:350)
at com.ceon.pencor.threepv.ThreePVAdapterImpl.sendThreePVRequest(ThreePV
AdapterImpl.java:119)
at com.ceon.pencor.threepv.ThreePVAdapterImpl_ydsnbq_EOImpl.sendThreePVR
equest(ThreePVAdapterImpl_ydsnbq_EOImpl.java:46)
at com.ceon.pencor.threepv.ThreePVAdapterImpl_ydsnbq_EOImpl_WLSkel.invok
e(Unknown Source)
at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:477)
at weblogic.rmi.cluster.ReplicaAwareServerRef.invoke(ReplicaAwareServerR
ef.java:108)
at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:420)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
dSubject.java:353)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
144)
at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.jav
a:415)
at weblogic.rmi.internal.BasicExecuteRequest.execute(BasicExecuteRequest
.java:30)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:197)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:170)
Caused by: weblogic.webservice.util.AccessException: The server at https://www.3
pv.net/3PVWebServices/3PVWebServices.asmx?wsdl returned a 403 error code (Forbid
den). Please ensure that your URL is correct and that the correct protocol is i
n use.
at weblogic.webservice.binding.http11.Http11ClientBinding.handleErrorRes
ponse(Http11ClientBinding.java:136)
at weblogic.webservice.binding.http11.Http11ClientBinding.receive(Http11
ClientBinding.java:220)
at weblogic.webservice.core.soap.SOAPConnectionImpl.call(SOAPConnectionI
mpl.java:57)
... 13 more
ERROR : Exception is occurred during connecting url:https://www.3pv.net/3PVWebS
ervices/3PVWebServices.asmx?wsdl
Please help...
Cordially
Sandip -
403 Forbidden Error on directory but not on index page.
I can't seem to find the source of the 403 Forbidden error. Index page works as expected but accessing the owncoud directory throws this error. Configs below.
httpd.conf
condensed:
ServerRoot "/etc/httpd"
Listen 80
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_socache_module modules/mod_authn_socache.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so
LoadModule include_module modules/mod_include.so
LoadModule filter_module modules/mod_filter.so
LoadModule mime_module modules/mod_mime.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule env_module modules/mod_env.so
LoadModule headers_module modules/mod_headers.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_express_module modules/mod_proxy_express.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
LoadModule unixd_module modules/mod_unixd.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule php5_module modules/libphp5.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
<IfModule unixd_module>
User http
Group http
</IfModule>
ServerAdmin [email protected]
<Directory />
AllowOverride none
Require all denied
</Directory>
DocumentRoot "/srv/http"
<Directory "/srv/http">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<Directory "/srv/http/owncloud">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
<Files ".ht*">
Require all denied
</Files>
ErrorLog "/var/log/httpd/error_log"
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "/var/log/httpd/access_log" common
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/srv/http/cgi-bin/"
</IfModule>
<IfModule cgid_module>
</IfModule>
<Directory "/srv/http/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
TypesConfig conf/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
</IfModule>
Include conf/extra/httpd-mpm.conf
Include conf/extra/httpd-multilang-errordoc.conf
Include conf/extra/httpd-autoindex.conf
Include conf/extra/httpd-languages.conf
Include conf/extra/httpd-userdir.conf
Include conf/extra/httpd-default.conf
Include conf/vhosts/itiest.com
Include conf/extra/php5_module.conf
<IfModule proxy_html_module>
Include conf/extra/proxy-html.conf
</IfModule>
Include conf/extra/httpd-ssl.conf
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
Include conf/extra/owncloud.conf
With Comments:
# This is the main Apache HTTP server configuration file. It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs/2.4/> for detailed information.
# In particular, see
# <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
# for a discussion of each configuration directive.
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "logs/access_log"
# with ServerRoot set to "/usr/local/apache2" will be interpreted by the
# server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log"
# will be interpreted as '/logs/access_log'.
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
# Do not add a slash at the end of the directory path. If you point
# ServerRoot at a non-local disk, be sure to specify a local disk on the
# Mutex directive, if file-based mutexes are used. If you wish to share the
# same ServerRoot for multiple httpd daemons, you will need to change at
# least PidFile.
ServerRoot "/etc/httpd"
# Mutex: Allows you to set the mutex mechanism and mutex file directory
# for individual mutexes, or change the global defaults
# Uncomment and change the directory if mutexes are file-based and the default
# mutex file directory is not on a local disk or is not appropriate for some
# other reason.
# Mutex default:/run/httpd
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#Listen 12.34.56.78:80
Listen 80
# Dynamic Shared Object (DSO) Support
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
# Example:
# LoadModule foo_module modules/mod_foo.so
LoadModule authn_file_module modules/mod_authn_file.so
#LoadModule authn_dbm_module modules/mod_authn_dbm.so
#LoadModule authn_anon_module modules/mod_authn_anon.so
#LoadModule authn_dbd_module modules/mod_authn_dbd.so
LoadModule authn_socache_module modules/mod_authn_socache.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
#LoadModule authz_dbm_module modules/mod_authz_dbm.so
#LoadModule authz_owner_module modules/mod_authz_owner.so
#LoadModule authz_dbd_module modules/mod_authz_dbd.so
LoadModule authz_core_module modules/mod_authz_core.so
#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
#LoadModule authnz_fcgi_module modules/mod_authnz_fcgi.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule auth_basic_module modules/mod_auth_basic.so
#LoadModule auth_form_module modules/mod_auth_form.so
#LoadModule auth_digest_module modules/mod_auth_digest.so
#LoadModule allowmethods_module modules/mod_allowmethods.so
#LoadModule file_cache_module modules/mod_file_cache.so
#LoadModule cache_module modules/mod_cache.so
#LoadModule cache_disk_module modules/mod_cache_disk.so
#LoadModule cache_socache_module modules/mod_cache_socache.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
#LoadModule socache_dbm_module modules/mod_socache_dbm.so
#LoadModule socache_memcache_module modules/mod_socache_memcache.so
#LoadModule watchdog_module modules/mod_watchdog.so
#LoadModule macro_module modules/mod_macro.so
#LoadModule dbd_module modules/mod_dbd.so
#LoadModule dumpio_module modules/mod_dumpio.so
#LoadModule echo_module modules/mod_echo.so
#LoadModule buffer_module modules/mod_buffer.so
#LoadModule data_module modules/mod_data.so
#LoadModule ratelimit_module modules/mod_ratelimit.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so
#LoadModule ext_filter_module modules/mod_ext_filter.so
#LoadModule request_module modules/mod_request.so
LoadModule include_module modules/mod_include.so
LoadModule filter_module modules/mod_filter.so
#LoadModule reflector_module modules/mod_reflector.so
#LoadModule substitute_module modules/mod_substitute.so
#LoadModule sed_module modules/mod_sed.so
#LoadModule charset_lite_module modules/mod_charset_lite.so
#LoadModule deflate_module modules/mod_deflate.so
#LoadModule xml2enc_module modules/mod_xml2enc.so
#LoadModule proxy_html_module modules/mod_proxy_html.so
LoadModule mime_module modules/mod_mime.so
#LoadModule ldap_module modules/mod_ldap.so
LoadModule log_config_module modules/mod_log_config.so
#LoadModule log_debug_module modules/mod_log_debug.so
#LoadModule log_forensic_module modules/mod_log_forensic.so
#LoadModule logio_module modules/mod_logio.so
#LoadModule lua_module modules/mod_lua.so
LoadModule env_module modules/mod_env.so
#LoadModule mime_magic_module modules/mod_mime_magic.so
#LoadModule cern_meta_module modules/mod_cern_meta.so
#LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
#LoadModule ident_module modules/mod_ident.so
#LoadModule usertrack_module modules/mod_usertrack.so
#LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
#LoadModule remoteip_module modules/mod_remoteip.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
#LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_express_module modules/mod_proxy_express.so
#LoadModule session_module modules/mod_session.so
#LoadModule session_cookie_module modules/mod_session_cookie.so
#LoadModule session_crypto_module modules/mod_session_crypto.so
#LoadModule session_dbd_module modules/mod_session_dbd.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
#LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
LoadModule ssl_module modules/mod_ssl.so
#LoadModule dialup_module modules/mod_dialup.so
LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
#LoadModule mpm_event_module modules/mod_mpm_event.so
LoadModule unixd_module modules/mod_unixd.so
#LoadModule heartbeat_module modules/mod_heartbeat.so
#LoadModule heartmonitor_module modules/mod_heartmonitor.so
#LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
#LoadModule asis_module modules/mod_asis.so
#LoadModule info_module modules/mod_info.so
#LoadModule suexec_module modules/mod_suexec.so
#LoadModule cgid_module modules/mod_cgid.so
#LoadModule cgi_module modules/mod_cgi.so
#LoadModule dav_fs_module modules/mod_dav_fs.so
#LoadModule dav_lock_module modules/mod_dav_lock.so
#LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule php5_module modules/libphp5.so
#LoadModule imagemap_module modules/mod_imagemap.so
#LoadModule actions_module modules/mod_actions.so
#LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
#LoadModule rewrite_module modules/mod_rewrite.so
<IfModule unixd_module>
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
# User/Group: The name (or #number) of the user/group to run httpd as.
# It is usually good practice to create a dedicated user and group for
# running httpd, as with most system services.
User http
Group http
</IfModule>
# 'Main' server configuration
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition. These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents. e.g. [email protected]
ServerAdmin [email protected]
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
# If your host doesn't have a registered DNS name, enter its IP address here.
#ServerName www.example.com:80
# Deny access to the entirety of your server's filesystem. You must
# explicitly permit access to web content directories in other
# <Directory> blocks below.
<Directory />
AllowOverride none
Require all denied
</Directory>
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
DocumentRoot "/srv/http"
<Directory "/srv/http">
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
Options Indexes FollowSymLinks
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# AllowOverride FileInfo AuthConfig Limit
AllowOverride None
# Controls who can get stuff from this server.
Require all granted
</Directory>
<Directory "/srv/http/owncloud">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
<Files ".ht*">
Require all denied
</Files>
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
ErrorLog "/var/log/httpd/error_log"
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
<IfModule log_config_module>
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
# You need to enable mod_logio.c to use %I and %O
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here. Contrariwise, if you *do*
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and *not* in this file.
CustomLog "/var/log/httpd/access_log" common
# If you prefer a logfile with access, agent, and referer information
# (Combined Logfile Format) you can use the following directive.
#CustomLog "/var/log/httpd/access_log" combined
</IfModule>
<IfModule alias_module>
# Redirect: Allows you to tell clients about documents that used to
# exist in your server's namespace, but do not anymore. The client
# will make a new request for the document at its new location.
# Example:
# Redirect permanent /foo http://www.example.com/bar
# Alias: Maps web paths into filesystem paths and is used to
# access content that does not live under the DocumentRoot.
# Example:
# Alias /webpath /full/filesystem/path
# If you include a trailing / on /webpath then the server will
# require it to be present in the URL. You will also likely
# need to provide a <Directory> section to allow access to
# the filesystem path.
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the target directory are treated as applications and
# run by the server when requested rather than as documents sent to the
# client. The same rules about trailing "/" apply to ScriptAlias
# directives as to Alias.
ScriptAlias /cgi-bin/ "/srv/http/cgi-bin/"
</IfModule>
<IfModule cgid_module>
# ScriptSock: On threaded servers, designate the path to the UNIX
# socket used to communicate with the CGI daemon of mod_cgid.
#Scriptsock cgisock
</IfModule>
# "/srv/http/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
<Directory "/srv/http/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
# TypesConfig points to the file containing the list of mappings from
# filename extension to MIME-type.
TypesConfig conf/mime.types
# AddType allows you to add to or override the MIME configuration
# file specified in TypesConfig for specific file types.
#AddType application/x-gzip .tgz
# AddEncoding allows you to have certain browsers uncompress
# information on the fly. Note: Not all browsers support this.
#AddEncoding x-compress .Z
#AddEncoding x-gzip .gz .tgz
# If the AddEncoding directives above are commented-out, then you
# probably should define those extensions to indicate media types:
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
# AddHandler allows you to map certain file extensions to "handlers":
# actions unrelated to filetype. These can be either built into the server
# or added with the Action directive (see below)
# To use CGI scripts outside of ScriptAliased directories:
# (You will also need to add "ExecCGI" to the "Options" directive.)
#AddHandler cgi-script .cgi
# For type maps (negotiated resources):
#AddHandler type-map var
# Filters allow you to process content before it is sent to the client.
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
#AddType text/html .shtml
#AddOutputFilter INCLUDES .shtml
</IfModule>
# The mod_mime_magic module allows the server to use various hints from the
# contents of the file itself to determine its type. The MIMEMagicFile
# directive tells the module where the hint definitions are located.
#MIMEMagicFile conf/magic
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
# MaxRanges: Maximum number of Ranges in a request before
# returning the entire resource, or one of the special
# values 'default', 'none' or 'unlimited'.
# Default setting is to accept 200 Ranges.
#MaxRanges unlimited
# EnableMMAP and EnableSendfile: On systems that support it,
# memory-mapping or the sendfile syscall may be used to deliver
# files. This usually improves server performance, but must
# be turned off when serving from networked-mounted
# filesystems or if support for these functions is otherwise
# broken on your system.
# Defaults: EnableMMAP On, EnableSendfile Off
#EnableMMAP off
#EnableSendfile on
# Supplemental configuration
# The configuration files in the conf/extra/ directory can be
# included to add extra features or to modify the default configuration of
# the server, or you may simply copy their contents here and change as
# necessary.
# Server-pool management (MPM specific)
Include conf/extra/httpd-mpm.conf
# Multi-language error messages
Include conf/extra/httpd-multilang-errordoc.conf
# Fancy directory listings
Include conf/extra/httpd-autoindex.conf
# Language settings
Include conf/extra/httpd-languages.conf
# User home directories
Include conf/extra/httpd-userdir.conf
# Real-time info on requests and configuration
#Include conf/extra/httpd-info.conf
# Virtual hosts
#Include conf/extra/httpd-vhosts.conf
# Local access to the Apache HTTP Server Manual
#Include conf/extra/httpd-manual.conf
# Distributed authoring and versioning (WebDAV)
#Include conf/extra/httpd-dav.conf
# Various default settings
Include conf/extra/httpd-default.conf
## vhosts
Include conf/vhosts/itiest.com
Include conf/extra/php5_module.conf
# Configure mod_proxy_html to understand HTML4/XHTML1
<IfModule proxy_html_module>
Include conf/extra/proxy-html.conf
</IfModule>
# Secure (SSL/TLS) connections
Include conf/extra/httpd-ssl.conf
# Note: The following must must be present to support
# starting without SSL on platforms with no /dev/random equivalent
# but a statically compiled-in mod_ssl.
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
# uncomment out the below to deal with user agents that deliberately
# violate open standards by misusing DNT (DNT *must* be a specific
# end-user choice)
#<IfModule setenvif_module>
#BrowserMatch "MSIE 10.0;" bad_DNT
#</IfModule>
#<IfModule headers_module>
#RequestHeader unset DNT env=bad_DNT
#</IfModule>
Include conf/extra/owncloud.conf
##open_basedir=/srv/http/:/home/:/tmp/:/usr/share/pear/:/path/to/documentroot
$ ls -al /srv/http/
total 16876
drwxr-xr-x 4 root http 4096 Mar 6 17:51 .
drwxr-xr-x 4 root root 4096 Feb 15 13:57 ..
-rwxrwxrwx 1 root http 295 Mar 6 11:51 index.html
drwxrwxr-x 11 http http 4096 Feb 6 18:33 owncloud
-rw-r--r-- 1 root root 17200380 Feb 6 18:41 owncloud-8.0.0.tar.bz2
-rw-r--r-- 1 root root 52966 Mar 6 11:49 smallpizza.jpg
-rw-r--r-- 1 root root 20 Mar 6 16:24 test.php
# groups http
wheel http
Last edited by johan1391 (2015-03-07 04:11:12)/var/log/httpd/owncloud-error.log
192.168.1.1 - - [06/Mar/2015:17:52:02 -0800] "GET /owncloud/ HTTP/1.1" 403 1002
192.168.1.1 - - [06/Mar/2015:17:52:51 -0800] "GET /owncloud/ HTTP/1.1" 403 1002
192.168.1.1 - - [06/Mar/2015:17:52:53 -0800] "GET /owncloud/ HTTP/1.1" 403 1002
$ ls -al /usr/share/webapps/
drwxr-xr-x 5 root root 4096 Mar 6 17:12 .
drwxr-xr-x 165 root root 4096 Mar 6 21:22 ..
drwxr-xr-x 4 http http 4096 Mar 6 17:49 owncloud
drwxr-xr-x 10 root root 4096 Mar 5 02:11 phpMyAdmin
drwxr-xr-x 6 root root 4096 Sep 18 09:08 php-xcache
Also keep in mind that I've installed owncloud using the source downloaded from the website. I previously installed using the pacman, but wanted to configure it to be under a sub directory and not as my web root.
Last edited by johan1391 (2015-03-07 19:03:19) -
WSRM messages stuck in PI with HTTP code:403 forbidden
Hi Guys,
We have interface from FILE to WS where file is being sent from third party system to ECC in which we are facing issue.
This service uses HTTPS protocol and while creating the binding in ECC SOAMANAGER we have used communication security as "SSL over HTTP" whereelse in HTTP portocol "none" is selected.
I have tested the wsdl url in browser and is working fine but while sending the message it throwing HTTP code: 403 forbidden error.
Can you help me to resolve this issue?
Thanks
AkiHI,
I have tested the wsdl url in browser and is working fine but while sending the message it throwing HTTP code: 403 forbidden error.
Can you help me to resolve this issue?
HTTP code: 403 forbidden error might occur The server understood the request, but is refusing to fulfill it
Path sap/xi/engine not active
u2022 HTTP 403 during cache refresh of the adapter framework - Refer SAP Note -751856
u2022 Because of Inactive Services in ICF u2013Go to SICF transaction and activate the services. Refer SAP Note -517484
u2022 Error in RWB/Message Monitoring- because of J2EE roles u2013 Refer SAP Note -796726
u2022 Error in SOAP Adapter - "403 Forbidden" from the adapter's servlet. u2013Because of the URL is incorrect or the adapter is not correctly deployed.
regards,
ganesh. -
Hi,
We are using Hyperion planning 11.1.1.3.
One user is getting the following error when he is trying to access the workpsace.
HTTP 403 Forbidden
The website declined to show this webpage.
Others users are able to access the workspace. So are there any settings on his PC that is preventing the workspace from being loaded.
Both the SSL and non SSL URLs are giving the same error.
Thanks.Is this a new installation or a small development installation that not many people have used? A 403 Error will be sent by Weblogic when it is in development mode and only allows 5 Unique IP addresses to connect and then subsequent connections receive a 403 Error; restarting the service would allow this user to connect if this were the case or if you connect with Firefox from that users PC it would confirm it.
You can see a below thread of a similar issue and how to resolve if this is indeed the case:
Re: Unable to open SmartView
Regards,
John A. Booth
http://www.metavero.com -
Java.io.FileNotFoundException: Response: '403: Forbidden' for url
Hi,
I'm in wls7.0sp6 and trying to connect to a secure site, bu all I get is either
"java.io.FileNotFoundException: Response: '403: Forbidden' for url 'https://www.....'"
or
java.net.SocketException: Connection aborted by peer: JVM_recv in socket input stream read
I can connect to this url in html form post from browser.
I was battling with it for a week already.
Any help will be appreciated.When i connect through the browser i connect using the Https to that URL. There is no more authentication for that. It just accepts the username and password that i am sending in along with the request.
I am able to connect to the server using the jdk1.3 stand alone implementing with the SSL handler.
But when i try to do that through weblogic it gives me the following error.
java.io.FileNotFoundException: Response: '403: Forbidden' for url: 'https://server4.dollarsonthenet.net/api/s4tran_action.cfm'
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:379)
at com.acquity.ond.burton.shift4.Shift4CardClient.sendPostToServer(Shift4CardClient.java:306)
at com.acquity.ond.burton.shift4.Shift4CardClient.processCreditCard(Shift4CardClient.java:97)
at com.acquity.ond.burton.shift4.Shift4CheckCardBalance.execute(Shift4CheckCardBalance.java:50)
at com.bluemartini.server.BusinessActionServlet.executeInternal(BusinessActionServlet.java:419)
at com.bluemartini.server.BusinessActionServlet.executeOnce(BusinessActionServlet.java:359)
at com.bluemartini.server.BusinessActionServlet.executeInternal(BusinessActionServlet.java:214)
at com.bluemartini.server.BusinessActionServlet.execute(BusinessActionServlet.java:48)
at com.bluemartini.client.BusinessActionClient.executeBusinessActionInternal(BusinessActionClient.java:761)
at com.bluemartini.client.BusinessActionClient.executeBusinessAction(BusinessActionClient.java:283)
at com.bluemartini.client.BusinessActionClient.executeBusinessAction(BusinessActionClient.java:210)
at com.bluemartini.html.StandardRequestHandler.executeProcessBusinessAction(StandardRequestHandler.java:2512)
at com.bluemartini.html.StandardRequestHandler.executeProcessBusinessActions(StandardRequestHandler.java:2392)
at com.bluemartini.html.StandardRequestHandler.handleRequest(StandardRequestHandler.java:605)
at com.bluemartini.html.HTMLFilter.doFilter(HTMLFilter.java:321)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:27)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:5632)
at weblogic.security.service.
Regards,
Mayuri -
Solution: Apache2 personal web sharing 403 Forbidden error
Many people are puzzled about Apache 2 throwing 403 Forbidden errors when accessing the user's personal website, although the computer website works. And a lot of incorrect solutions are floating around. I decided to post some info that hopefully will clarify the issue.
As an example, my new Mac mini would run a website OK at http://192.168.0.2/ but my personal website at http://192.168.0.2/~username/ would give a 403 Forbidden error. I believe I have found out why. This is due to incorrect user-level settings that I believe were migrated from a previous OS version. I migrated from an old Power Mac G5 Quad with MacOS X 10.5 to my new Mac mini with MacOS X Lion 10.7.
The problem here is that Apache denies access to the user level Sites folder. If you create a new user on Lion, the system will create a username.conf, where username is the user's short name. But if you migrated from a previous version, this file will not exist, so Apache will not serve pages from the user's Sites folder. Some people tried to fix this by modifying httpd.conf, for example, by putting virtual hosts on the computer's main site. But that's not the right place to fix it. This should be fixed at the username.conf level. So.. look for this file with your username:
/private/etc/apache2/users/yourusername.conf
If it does not exist, you will have to create it in a text editor, and change the owners. First get a text editor and create it, for example you could do this in pico
sudo pico /private/etc/apache2/users/yourusername.conf
Then add this to the file and save it:
<Directory "/Users/yourusername/Sites/">
Options Indexes MultiViews ExecCGI
AllowOverride AuthConfig FileInfo
Order allow,deny
Allow from all
</Directory>
Be sure to hit Control-O (letter o) to write out the file then Control-X to exit the pico editor. Note that I have enabled some options, like ExecCGI to allow .cgi files to run, and Authconfig and FileInfo so some useful .htaccess methods work. You could dumb it down and say AllowOverride none like the default settings.
Once you have created the yourusername.conf file, you will have to change the ownership to system:wheel. However, oddly enough, you can't chown system, you have to chown root. So the command will look like this:
sudo chown root:wheel /private/etc/apache2/users/yourusername.conf
You can put other directives here that will only apply to this user. Try to avoid modifying httpd.conf, it's easy to mess up globally and it can be hard to fix if you break it.Howdy, I was having the same problem you were having, until I noticed that I had placed some incompatible File Sharing settings on my home folder. Specifically, I had placed No Access for the 'everyone' group, which is the group that Apache uses.
Thus, even though my ~/Sites folder had "public" permissions, the enclosing folder (~/) had even more restrictive permissions so Apache couldn't serve anything from it.
Check to see if you've enabled any custom File Sharing permissions on your home (or Sites) directory in the Sharing preference pane.
hth.
Message was edited by: Wesley Miyazaki [corrected OS version] -
I am trying to invoke a CFC via a URL:
$(function () {
'use strict';
// Load countries then initialize plugin:
$.ajax({
url: 'https://....countries.cfc?method=getCountries',
// url: '/autocomplete/content/countries.txt',
dataType: 'json'
}).done(function (source) {
var countriesArray = $.map(source, function (value, key) { return { value: value, data: key }; }),
countries = $.map(source, function (value) { return value; });
And get the following error:
NetworkError: 403 Forbidden -
Any help in fixing this would be appreciated.I intalled HTTP Trace it gives me no errors
Firebug doesn't either.
I am using a full https path. Yes the page is served securely.
Here is the code: (Domain removed because its our DEV server)
/*jslint browser: true, white: true, plusplus: true */
/*global $: true */
$(function () {
'use strict';
// Load countries then initialize plugin:
$.ajax({
url: 'https://...../countries.cfc?method=getCountries',
dataType: 'json'
}).done(function (source) {
var countriesArray = $.map(source, function (value, key) { return { value: value, data: key }; }),
countries = $.map(source, function (value) { return value; });
// Setup jQuery ajax mock:
$.mockjax({
url: '*',
responseTime: 2000,
response: function (settings) {
var query = settings.data.query,
queryLowerCase = query.toLowerCase(),
re = new RegExp('\\b' + $.Autocomplete.utils.escapeRegExChars(queryLowerCase), 'gi'),
suggestions = $.grep(countriesArray, function (country) {
// return country.value.toLowerCase().indexOf(queryLowerCase) === 0;
return re.test(country.value);
response = {
query: query,
suggestions: suggestions
this.responseText = JSON.stringify(response);
// Initialize ajax autocomplete:
$('#autocomplete-ajax').autocomplete({
// serviceUrl: '/autosuggest/service/url',
lookup: countriesArray,
lookupFilter: function(suggestion, originalQuery, queryLowerCase) {
var re = new RegExp('\\b' + $.Autocomplete.utils.escapeRegExChars(queryLowerCase), 'gi');
return re.test(suggestion.value);
onSelect: function(suggestion) {
$('#selction-ajax').html('Selected Country: ' + suggestion.value + ', ' + suggestion.data);
onHint: function (hint) {
$('#autocomplete-ajax-x').val(hint);
onInvalidateSelection: function() {
$('#selction-ajax').html('Selected Country: none');
// Initialize autocomplete with local lookup:
$('#autocomplete').autocomplete({
lookup: countriesArray,
onSelect: function (suggestion) {
$('#selection').html('Selected Country: ' + suggestion.value + ', ' + suggestion.data);
// Initialize autocomplete with custom appendTo:
$('#autocomplete-custom-append').autocomplete({
lookup: countriesArray,
appendTo: '#suggestions-container'
// Initialize autocomplete with custom appendTo:
$('#autocomplete-dynamic').autocomplete({
lookup: countriesArray -
Error message when trying to sign in to HP ePrint "ajax submit failed: error = 403, forbidden"
HP Photosmart 7525
Windows 7
Ajax submit failed: error = 403, Forbidden
Installed new printer: Photosmart 7525
I am trying to set up my ePrint account and add my printer and it won't let me sign in or create a new account.
Thanks for your help!
Deb
This question was solved.
View Solution.One can also restart the computer.After it shuts down leave it off for at least a minute and then reattempt access the site once computer is back on and running. I would also check to make sure that Java is up to date and that Adobe Flash is up to date.
I am a former employee of HP...
How do I give Kudos?| How do I mark a post as Solved? -
IIS Server 7.5 403 Forbidden Access Denied Error after submitting login Page
Hi All,
Need help to resolve below error:
403 - Forbidden: Access is denied.
You do not have permission to view this directory or page using the credentials that you supplied.
Getting this error once hitting submit button, here i am entering only user name it should give an alert msg asking for the password.
The application is running on IIS server 7.5 and recently enabled Anonymous Authentication and since then it is giving this error.
But if i am accessing the application locally it means in server machine it is working but from remote system it gives 403 error.
Regards,
KirtiHi,
it's difficult to say what exactly is causing without more info on you confiuration.
I'm, from you description, assuming a webpage that was configured for forms authentication. You enabled anonymous authentication and now it no longer works.
Forms authentication relies on webpage logic. In most cases, you cannot replace it 'like that' by another authentication method as the login page contains logic on how to store the usercredentials and/or authorization and were to go after authentication
has finished.
Anonymous authentication relies on the application pool identitiy (or the anonymous user) having RX access to the content. Depending the configurations you made when enabling anonyous authentication, you might aditionnaly need to assign an identity
to the anonymous user and configure ntfs privilges on the content.
Check IIS logs and event logs for information. if you do not succeed to resolve, I would suggets to post on teh iis.net forums and include detailed configuration information.
MCP/MCSA/MCTS/MCITP -
BizTalk exposed WCF 403 - Forbidden: Access is denied WCF
Im using BizTalk server 2010.cretaed Certificate in IIS and shared to client the same as a public cert.
Im using httpsTransport with customBinding.followed below url
http://blogs.msdn.com/b/bizintegration1/archive/2011/08/23/exposing-biztalk-orchestration-as-a-wcf-service-over-ssl.aspx
When I try to Browse in BizTalk server with https, im able to browse, but in the client side, they are not able to browse
and they get "403 - Forbidden: Access is denied. You do not have permission to view this directory or page using the credentials that you supplied." Is there anythng that needs to be set in BizTalk or the settings should be done at the client end?
IIS autehntification mode is anonymous is configued.plz let me know anything to do in biztalk and IIS level
Regards BizTalkWorshipThis is because your client has not provided the certificate while browsing the service URL.
If they (client) have installed the certificate in correct folder and then while browsing folder the service, client should provide the certificate through browser.
For Internet Explorer, a pop-up should with all the certificates
installed in their personal store. They need to select the certificate that they already installed in it.
Look into this article (from
On the client side: section onwards) for how to browse the service from IE by providing the certificate.
http://blogs.msdn.com/b/asiatech/archive/2014/02/13/how-to-configure-iis-client-certificate-mapping-authentication-for-iis7.aspx
Note: Above article is just relavant to you from
On the client side: section onwards i.e for instructing your client to use certificate while browsing.
FireFox
You will get an error that says “HTTP Error 403.7 – Forbidden” “The page you are attempting to access requires your browser to have a Secure Sockets Layer (SSL)
client certificate that the Web server recognizes.”
In
FireFox go to Tools –> Options –> Advanced –> Encryption –> View Certificates
Click import and select the certificate with private key file you exported earlier (the .pfx file)
You will need to clear history now or restart browser
Just FYI for installing certifate correctly in client side, if they use Windows (off-course):
MMC, add certificate snap-in for “current user”
Browse to Certificates (Current User) –> Personal –> Certificates
Right click this node and select All Tasks and Import from the popup menu
Follow the steps in the wizard, selecting the public certificate you have shared o client.
Regards,
M.R.Ashwin Prabhu
If this answers your question please mark it accordingly. If this post is helpful, please vote as helpful by clicking the upward arrow mark next to my reply. -
Select certificate - 403 Forbidden: Access is denied in Safari
Safari is asking to 'Select Certificate' for a website.
It shows two certificates the old one which expired in Feb last year and the current one which is set to expire in 3011!
Regardless which one you choose it comes back with....
Server Error
403 - Forbidden: Access is denied.
You do not have permission to view this directory or page using the credentials that you supplied.
p.s. This is the current version on Windows Vista and have replicated it on another computer. Have tried uninstalling (and deleteing all Apple's hidden updaters/helpers and all folders in the setting/program files areas). Then re-installed and exactly the same problem comes back.
Tried it on a Mac too with the same problem.
The website is www.amplicon.com and the certificate is issued by 'COMODO CA Limited'Your right, it works fine from my home. Just tried it on the Mac here. But it was a client that first informed us of the problem and trying it from the office on both Mac and PC Safari fialed but all other browsers were fine.
At the office everything is synced to the network time clock, and I can tell you we would know if the time was wrong...
But as it was fialing on both the Mac and PC versions in the same building it seems like it's not a OS issue, maybe it's our DNS server or something on the windows network that Safari is not dealing with that well, but other browsers seem to have no problems with.
We did change SSL supplier recently, maybe it's only a problem with browsers that have had the old and new certificate running in the browser.
I would just think it was an internal issue, but as it was reported by a regular client it is obviously replicable in more than one location.
Is there any hidden places Safari hides the certificate info that would not get removed when you uninstall Safari? Like in the registry or in windows somewhere, if so is there a way to clear it. Or could it be getting it from a cache somewhere on the network?
It's not really a big issue as we don't have many Safari users, but we do like to make sure Safari is supported and works on the site. -
Sharepoint web application was unable and show error 403 forbidden and 503 server errors
Hi
i some times loose connection to sharepoint site where i am working with,i was just run some powershell scripts to update
a filed value in a document library only
and it some times show in browser 403 Forbidden error and some times 503 server error
when i check in event viewer i got this below errors
adilThat particular 'error' is OK. It just means that a non-Farm Admin service account doesn't have the rights to run that sproc. Normal with best practice security in mind.
You may want to check the IIS logs to see what the
subcode for the 403/503 errors are.
Trevor Seward
Follow or contact me at...
  
This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs. -
Error 403-forbidden from IE5 while authenticating a user through NT Realm
Hi,
Before posting this request, I checked the forum until Sep.18 to see if nobody
else experienced my problem, but in vain.
I am using WLS6.1Sp1 under NT4
I would like that NT users for defined NT Primary Domain Controller authenticate
themselves before accessing a web app. For that, I followed thoroughly the BEA
Doc to get the config.xml, web.xml, weblogic.xml and filerealm.properties correctly
configured.
The <auth-method> is set to FORM. The <security-role> and <security-role-assignment>
are also set with business roles and principals from the NT PDC. the <security-constraint>
with all the sub-tags are also defined. etc.etc. When I use the WL console, to
check users and groups lists, it works fine although it takes a lot of time before
being displayed (15 to 20 minutes !!!).
Through a Login.jsp, the user enters his/her login name and password. The result
is that I get the following message :
"Error 403--Forbidden
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.4.4 403 Forbidden
The server understood the request, but is refusing to fulfill it. Authorization
will not help and the request SHOULD NOT be repeated. If the request method was
not HEAD and the server wishes to make public why the request has not been fulfilled,
it SHOULD describe the reason for the refusal in the entity. This status code
is commonly used when the server does not wish to reveal exactly why the request
has been refused, or when no other response is applicable."
No trace in the log files. No warning . Nothing.
My questions are:
1- Has somebody already experienced this?
2- Could you then help me ?
By advance , thank you very much.
Athmani H.
Note : I can provide you through email the config.xml, web.xml, weblogic.xml and
filerealm.properties and the concerned .jsp files on demandHi Jerry,
Many thanks for your interest and your help.
weblogic.properties file for WLS 6.1 SP1? There is none... I do have a filerealm.properties. I didn't state that I was using a weblogic.properties
file.
I checked the URL you proposed. I changed the <Auth-method> from FORM into BASIC.
A pop-up window is displayed requesting the user to enter username and password.
The result is that I get a web page displaying an Error 404 --not found.
Here is the complete error message :"Error 404--Not Found
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.4.5 404 Not Found
The server has not found anything matching the Request-URI. No indication is given
of whether the condition is temporary or permanent.If the server does not wish
to make this information available to the client, the status code 403 (Forbidden)
can be used instead. The 410 (Gone) status code SHOULD be used if the server knows,
through some internally configurable mechanism, that an old resource is permanently
unavailable and has no forwarding address."
The message is displayed when the browser tries to resolve the following URL :http://localhost:7001/examplesWebApp/j_security_check
Having said that, I had already configured the <security-role-assignement> with
role-name and principals in weblogic.xml, as well as the <security-role> tag in
web.xml.
Thanks for your help
Cheers
Habib
Jerry <[email protected]> wrote:
Hi Athmani,
weblogic.properties file for WLS 6.1 SP1? There is none... weblogic.properties
is in WebLogic
5.1 and lower -- it was changed to config.xml for WLS 6.0 .. what are
you using your
weblogic.properties file for?
Anyways,
I have gotten NTRealms to successfully work with WLS 6.1, with security
on a web app, allowing
NT users to access certain resources. This stuff works.
Since you can see your users and groups through the console (even though
it takes a while) I
think that your NTRealm setup is okay.
I would guess that you have a problem with your deployment descriptors
in your web
application.
There are quite a few posts in this newsgroup that illustrate how to
set up security
constraints on resources in your web app with the deployment descriptors.
For example, check out
http://newsgroups.bea.com/cgi-bin/dnewsweb?cmd=article&group=weblogic.developer.interest.security&item=6244&utag=
Let me know how it goes, okay?
Cheers,
Joe Jerry
"Athmani H." wrote:
Hi,
Before posting this request, I checked the forum until Sep.18 to seeif nobody
else experienced my problem, but in vain.
I am using WLS6.1Sp1 under NT4
I would like that NT users for defined NT Primary Domain Controllerauthenticate
themselves before accessing a web app. For that, I followed thoroughlythe BEA
Doc to get the config.xml, web.xml, weblogic.xml and filerealm.propertiescorrectly
configured.
The <auth-method> is set to FORM. The <security-role> and <security-role-assignment>
are also set with business roles and principals from the NT PDC. the<security-constraint>
with all the sub-tags are also defined. etc.etc. When I use the WLconsole, to
check users and groups lists, it works fine although it takes a lotof time before
being displayed (15 to 20 minutes !!!).
Through a Login.jsp, the user enters his/her login name and password.The result
is that I get the following message :
"Error 403--Forbidden
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.4.4 403 Forbidden
The server understood the request, but is refusing to fulfill it. Authorization
will not help and the request SHOULD NOT be repeated. If the requestmethod was
not HEAD and the server wishes to make public why the request has notbeen fulfilled,
it SHOULD describe the reason for the refusal in the entity. This statuscode
is commonly used when the server does not wish to reveal exactly whythe request
has been refused, or when no other response is applicable."
No trace in the log files. No warning . Nothing.
My questions are:
1- Has somebody already experienced this?
2- Could you then help me ?
By advance , thank you very much.
Athmani H.
Note : I can provide you through email the config.xml, web.xml, weblogic.xmland
filerealm.properties and the concerned .jsp files on demand
Maybe you are looking for
-
Java.sql.SQLException in the Buss. Comp. Proj. WIZARD...why?
hi, I'm getting a java.sql.SQLException in the Bussiness Component Project Wizard. I made the connection using "Oracle JDBC Thin" and the connection works fine, then I click next to give the package name and when I click next again, I get the java.sq
-
Change row background color or banding
Can I do such things in my table? I'm working with a table which formatted subtotal. Now, I want to change the row color of each subtotal row. However, I can't find any attribute of row to do it. eg. ID 10 Dept1 100 Dept2 100 Subtotal 200 20 Dept3 20
-
Best Setup for Working over a Network (What is it)
Curious, I'm been using Dreamweaver for awhile now, both at work and at home as a hobbyist. My preferred setup when working on a set is to be connected via FTP to the set so that I can work on the documents directly without have local and remote vers
-
OSX Server DHCP Service - Support for tftp-server or bootp-server entries
We have a bunch of IP phones that get their initial setup from DHCP. On a Linux box, we can add the entries: option tftp-server-name or option boot-server We do this to tell the phones where to download their settings/firmware from. Does OSX DHCP sup
-
Greetings All.. Some strangeness seen in the last few days. I have a machine that is pretty much dedicated to editing images (mac pro, 8g ram, 8cores,raid, etc). Previous versions of LR I would edit in over several days; not bothering to exit th