1 Reply Latest reply: May 13, 2010 6:13 AM by raju k RSS

HTTP Status 403 - Direct access to this Portlet Application's resources has not been authorized

raju k Newbie

Hi All,

I am  calling  servlet from jsp in Vignette portal  with jboss application  server using following code.

 

 

  • <% 
  • String path=renderResponse.encodeURL(renderRequest.getContextPath()+"/AjaxdownloadServlet"); 
  •  
  •                          path=path+"?filename="+filename+"&sessionId="+sessionid; 
  •                  
  •                 %>                 
  •                   
  •                       <a href="<%=path%>"   style="border:none">[b]download[/b]</a> 
  • whenever i click on download link from jsp  it is  showing follwing error message..


    HTTP Status 403 - Direct access to this Portlet Application's  resources has not been authorized. Please contact your administrator.

    type Status report

    message Direct access to this Portlet Application's resources has  not been authorized. Please contact your administrator.

    description Access to the specified resource (Direct access to this  Portlet Application's resources has not been authorized. Please contact  your administrator.) has been forbidden.
    JBossWeb/2.0.1.GA
  • Any body knows about this problem please help on this  ....

    Thanks in Advane
  • Komariraj
    • 1. Re: HTTP Status 403 - Direct access to this Portlet Application's resources has not been authorized
      raju k Newbie

      yes i got solution...

      The Portal Portlet Packaging Tool adds a security filter to a  portlet application’s web.xml file. This filter allows direct requests  to static files, such as images, but it blocks all requests to servlets  and JSPs that are not proxied through Portal, thereby ensuring that the  Portal authentication and authorization mechanisms protect all  application resources. As a result, a Portal user is forbidden to access  a portlet application directly. Hwoever, we need to make direct  requests to the FileExplorerServlet. To enable access we will remove the  Portal security filter (named PortletApplicationSecurityFilter) and the  mapping. Delete or comment the following lines:

      1.<filter>
      2.     <filter-name>PortletApplicationSecurityFilter</filter-name>
      3.     <filter-class>com.vignette.portal.portlet.jsrcontainer.PortletApplicationSecurityFilter</filter-class>
      4.</filter>
      5.<filter-mapping>
      6.     <filter-name>PortletApplicationSecurityFilter</filter-name>
      7.    <url-pattern>/*</url-pattern>
      8.</filter-mapping>

      Once you complete the deployment, start the VAP server. Login to  the Server console (http://localhost:8080/portal/console). 
      Thanks & Regards
      raju.k