http-status-code-403

I'm working on a project of RESTful web services, i'm using Apache Tomcat and JAX-RS. I want to accept DELETE requests from client but whenever i send a DELETE request from Advanced REST client Chrome plugin it gives response code 403 Forbidden. So how can i make Apche Tomcat accept DELETE request? Tomcat was blocking DELETE methods for me because of my CORS filters. I needed new filters registered in my web.xml file. Here's an example of a very permissive one: <filter> <filter-name>CorsFilter</filter-name> <filter-class>org.apache.catalina.filters.CorsFilter</filter-class> <init-param> <param

I am trying to setup Tomcat with my current source code. I downloaded the zip from tomcat site (6.0.32). I then put in the config file for my project in tomcatDir\conf\Catalina\localhost I then added the users to tomcat-users.xml When I hit my application using localhost:8080/<context root> , I get the login prompt as I am supposed to. After providing the right credentials, the tomcat throws 403 error. I am able to access the manager with localhost:8080/manager/ tomcat-users.xml : <role rolename="manager"/> <role rolename="admin"/> <user username="admin" password="5c50nD" roles="admin,manager"

The pertinent part of my .htaccess looks like this: Options -Indexes <FilesMatch include> Order allow,deny Deny from all </FilesMatch> RedirectMatch 404 ^/include(/.*)$ And it's generating the following responses: /include 403 /include/ 404 /include/config.inc 403 I can tell by looking at my pattern that problem is likely in the (/.*) part but everything I have tried gives me the same results; instead of consistently getting 404 I get a 404 for the one case and 403 for everything else. What is wrong with the expression I'm using? Alternatively since I have to do this for a few directories is

I'm using Windows Server 2012 and IIS 8.5. I've set SSL for the website and the SSL Settings are: Require Required and Require Client Certificates. The client certificate that I'm sending to the server has been issued by a self-signed authority (let's called it MyCompany CA). MyCompany CA certificate has been successfully installed in the Local Computer Account - Trusted Root Certification Authorities. It's expiration date is 2039, so is the client certificate expiration date. However, with all this setup, I'm getting an error 403.16 as result. I've enabled Failed Request Tracing Rules and

I'm trying to gracefully handle the 403 when visiting an S3 resource via an expired URL. Currently it returns an amz xml error page. I have uploaded a 403.html resource and thought I could redirect to that. The bucket resources are assets saved/fetched by my app. Still, reading the docs I set bucket properties to handle the bucket as a static webpage page and uploaded a 403.html to bucket root. All public permissions are blocked, except public GET access to the resource 403.html. In bucket properties, website settings I indicated the 403.html as error page. Visiting http://<bucket>.s3-website

I have a non complicated issue......that seems to be more complicated than it should be. I have a simple form that is used to add content to a website. Some of the fields need to have html inputted into them. However, when you input certain html elements into the different parts of the form, it decides that it hates you and throws a forbidden 403 error. Here is the form below: <?php $data = f("SELECT * FROM table WHERE id = '{$_GET['id']}'"); ?> <form action="<?=$_SERVER['PHP_SELF']?>?id=<?=$_GET['id']?>&action=edit" method="post"> <table cellspacing="0" cellpadding="2" border="0"> <tr> <td><b