403 Forbidden Accessing admin section with admin user credentials

[GoogleCodeExporter]

What steps will reproduce the problem?
1. Just installed, built and uploaded YouTube Direct v2.0 to my Google App 
Engine
2. Visited the /admin page within the application and entered my Google App 
Engine user account
3.

What is the expected output? What do you see instead?
Expecting to be logged successfully into the admistration/moderation panel for 
the YTD app.
Instead, received "Error: Forbidden Your client does not have permission to get 
URL /admin from this server." message

What version of the product are you using? On what operating system?
Windows XP (SP3)
Eclipse Java EE IDE for Web Developers Version: Helios Release
Build id: 20100617-1415

Please provide any additional information below.
I'm not certain what other information to provide in order to help assist in 
troubleshooting this issue.  Please advice.

Original issue reported on code.google.com by bretta%i...@gtempaccount.com on 17 Sep 2010 at 10:49

[GoogleCodeExporter]

I really have not idea why this would be happening. YTD just relies on the 
standard App Engine administrator restrictions to protect URLs under /admin, 
and if you're supplying the same credentials when logging into /admin as you 
used when deploying your App Engine instance it definitely should work.

Could you confirm that this is still an issue that you're experiencing?

Original comment by api.je...@gmail.com on 11 Nov 2010 at 10:51

• Changed state: Accepted

[GoogleCodeExporter]

Original comment by api.je...@gmail.com on 11 Nov 2010 at 10:51

[GoogleCodeExporter]

Hi api.jeffy,

I think the issue is when you login using a non-google email/account.

Our company is using Google email, docs, etc. So when I login to the appengine 
I login using this address https://appengine.google.com/a/[COMPANY NAME] then 
using my company email [NAME]@[COMPANY NAME].com to login.

Then I create my application and make sure my account has permission (which 
happens automatically because I created using this account).

Then when I go to the YTD admin and try to login using my company account, it 
returns the 403 error.

What I have to do in the app engine administration is send an invite to my 
Google email account ([NAME]@gmail.com) and then use that login to access the 
YTD admin. I shouldn't need to do this, I should be able to access the YTD 
admin using my company account credentials because it has the correct access to 
the application.

Original comment by alexis%g...@gtempaccount.com on 15 Nov 2010 at 7:38

[GoogleCodeExporter]

I had a similar issue with my installation.  

I have a CNAME alias for my YTD direct installation (eg., ytd.mydomain.com).  
When accessed the admin pages at ytd.mydomain.com/admin I received the 403 
error message.  

The problem was resolved when I edited the web.xml file and removed lines 95-97:
     <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>

I suspect the issue may be with the CNAME and the appspot.com SSL certificate.

Original comment by br...@the-jacksons.ca on 8 Apr 2011 at 1:18