Error 403 when accessing java servlet in tomcat root context using POST

Question

Basically I setup a servlet which you can simply post for some data and it worked on localhost. However when it was deployed to tomcat on our VPS, you can view the page in a browser, but if my java code tries to make a POST request-I get error 403 (forbidden). Any idea why this is and if so, any help would be greatly appreciated! :)

Additional detail:

Server: Tomcat 7 Context: ROOT (I think)

Stack trace:

java.io.IOException: Server returned HTTP response code: 403 for URL: http://minemanager.org/auth at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1626) at net.stormdev.MTA.SM.http.SimplePostClient.post(SimplePostClient.java:40) at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471) at java.util.concurrent.FutureTask.run(FutureTask.java:262) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) at java.lang.Thread.run(Thread.java:744)

And in the servlet the code is a simple response in the 'doPost' method which works on localhost:

protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    // Set response content type
    response.setContentType("text/html");

    // Actual logic goes here.
    PrintWriter out = response.getWriter();
    out.println("<p>Oh dear, you can't access this like this!</p>");
}


protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
    response.setContentType("text");
    PrintWriter out = response.getWriter();
    Object accEmail = request.getParameter("accEmail");
    Object accUUID = request.getParameter("accUUID");
    if(accEmail == null || accUUID == null){
        out.println("false"); //Nope, not valid...
        out.flush();
        out.close();
        return;
    }
    String resp = ""+Auths.isValid(accUUID.toString(), accEmail.toString());
    out.println(resp);
    out.flush();
    out.close(); 
}

And finally the code sending the request:

package net.stormdev.MTA.SM.http;

import java.io.BufferedReader;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
import java.net.URL;
import java.net.URLConnection;
import java.net.URLEncoder;

public class SimplePostClient {
public static String post(String site, String[] keys, String[] values){
    String data = "";
    if(keys.length > values.length){
        throw new RuntimeException("Invalid keys and values!");
    }

    try {   
        // Construct data
        for(int i=0;i<keys.length;i++){
            String key = keys[i];
            String value = values[i];
            if(data.length() < 1){
                data = URLEncoder.encode(key, "UTF-8") + "=" + URLEncoder.encode(value, "UTF-8");
                continue;
            }
            data += "&" + URLEncoder.encode(key, "UTF-8") + "=" +
                    URLEncoder.encode(value, "UTF-8");
        }

        // Send data
        URL url = new URL(site);
        URLConnection conn = url.openConnection();
        conn.setDoOutput(true);
        OutputStreamWriter wr = new OutputStreamWriter(conn.getOutputStream());
        wr.write(data);
        wr.flush();

        // Get the response
        BufferedReader rd = new BufferedReader(
                new InputStreamReader(conn.getInputStream()));

        String response = "";
        String line;
        while ((line = rd.readLine()) != null) {
            response += line;
        }
        wr.close();
        rd.close();
        return response;
    } catch (Exception e) {
        e.printStackTrace();
    }
    return null;
}
}

Answer 1

403 means the request is recognized but deny to proceed due to some reasons, like access deny, untrusted URL and so on. Can't you get the response body? which will have more detail information.

Answer 2

In case if this issue is appearing to call the server deployed on localhost, you must check your

web.conf

file for the details of CORS filter if it is included you need to remove it from there so that requests from local can be accepted.

Answer 3

Please check you structure directory project. And check folder web or webapp was near java folder.

 - ---src
       - main
          - java
          - webapp
          - resources
       - test