Yesterday our web application ran fine on WildFly 9. Since this morning I get only a "Forbidden" in the web browser. We don't use JAAS. There is also no difference if I set the following value to false
in the standalone.xml
:
...
<subsystem xmlns="urn:jboss:domain:ejb3:3.0">
...
<default-missing-method-permissions-deny-access value="true"/>
...
</subsystem>
...
What can be the reasons that WildFly only shows the "Forbidden" page?
EDIT
If I set the log level for package org.jboss.security
to TRACE
I get the following message in the log file while calling the page:
2016-01-27 12:58:15,354 TRACE [org.jboss.security] (default task-5) PBOX00354: Setting security roles ThreadLocal: null
Not sure what this means ...
My EAR project and the inherited WAR project in eclipse was broken. There were several things missing like at example the application.xml
.
Not sure why these things are missing and where I have lost it. But after fixing both projects deployments it works again.