j_security_check gives 403 page with correct credentials

Question

I get a 403 error when I enter the correct credentials in my login.jsp page. Here is my web.xml:

<security-constraint>
        <web-resource-collection>
            <web-resource-name>Test</web-resource-name>
            <url-pattern>/test/something.jsp</url-pattern>
        </web-resource-collection>
        <auth-constraint>
            <role-name>*</role-name>
        </auth-constraint>
    </security-constraint>

    <login-config>
        <auth-method>FORM</auth-method>
        <form-login-config>
            <form-login-page>/Login.jsp</form-login-page>
            <form-error-page>/LoginError.jsp</form-error-page>
        </form-login-config>
    </login-config>

    <security-role>
    <role-name>administrator</role-name>
  </security-role>

Here is my context.xml:

<Context>

  <!-- Together with a corresponding entry in web.xml, this configures -->


  <Resource
    name="jdbc/DB"
    auth="Container"
    type="javax.sql.DataSource"
    driverClassName="com.mysql.jdbc.Driver"
    url="jdbc:mysql://something/DB"
    username="user"
    password="pass"
    maxActive="8"
    maxIdle="4"
    maxWait="10000"
   />
  <Realm 
    className="org.apache.catalina.realm.JDBCRealm" 
    driverName="com.mysql.jdbc.Driver" 
    connectionURL="jdbc:mysql://something/DB"
    connectionName="user" 
    connectionPassword="pass" 
    userTable="users" 
    userNameCol="user_name" 
    userCredCol="user_password" 
    userRoleTable="users"
    userRoleCol="role" 
    digest="MD5"
    />
</Context>

It get to the error page when it is invalid but its like my role is not right. In the database I have administrator and staff as the roles.

Answer 1

I fixed it here is what was wrong:

userRoleCol="role" 

needs to be:

roleNameCol="role"