I m trying to developed a form which is contain ajax for get realtime data on database. but  im facing issues in accessing the pages while im execute the ajax. See the below error -

"Sorry, you do not have permission to access this page"

the error come if the role id = user, or login as user

but if we login as administrator it works

how to fix this...im still using joget 2.01

below is the sample of ajax

custom ajax
<%@ page import="java.sql.*" %>
<%@ page import="java.io.*" %>

<%
try {
	String connectionURL = "jdbc:mysql://localhost:3307/sampledb";
	Connection connection = null;
	ResultSet rst = null;
	Statement stmt = null;
	Class.forName("com.mysql.jdbc.Driver").newInstance();
	connection = DriverManager.getConnection(connectionURL, "root", "");
			stmt=connection.createStatement();

			String querys = request.getParameter("query");

			String str_querys = querys.replace("+", " ");

			String sqlna=str_querys;


				rst = stmt.executeQuery(str_querys);

				rst.next();
				%>
				<%=rst.getString(1)%>
				<%

				rst.close();
				stmt.close();
				connection.close();

			}
catch(Exception ex){
out.println(ex);
}
%>

or we use joget javascript function

var callback2 = {
	success : function(response){
	  alert("respon : "+response);
	}
}

var query_str=query.replace(/\s/g,"+");
var m=query+"&param=1";

	ConnectionManager.post("http://localhost:8080/wflow-wfweb/testJSP.jsp", callback2, m);
  • No labels

2 Comments

  1. Looks like you're trying to add a jsp into the wfweb project and tries to access it with ajax call.

    Look for applicationContext.xml in the WEB-INF folder in wfweb, you should be able to find a section with <security:http> tag.

    Add an entry (before the last entry) to this section to allow anonymous (or just user) access.

    For example: 

     <security:intercept-url pattern="/testJSP.jsp" access="IS_AUTHENTICATED_ANONYMOUSLY, ROLE_USER, ROLE_ADMIN"/>
    
  2. thanxs damien

    for quick reply

    .

    and it works now...