Why is the Admin displaying a 403 Forbidden error when I try to view a section and/or an entity form?

The admin checks the permissions assigned to the logged-in admin user, and those permissions are tied to domain classes. The error appears because the admin user does not have the correct permissions.

The missing permission can be on the class that the admin user wants to view, or on another class that the main class has a relationship to.

1. Check the logs. The AdminSecurityServiceRemote class writes a WARN-level log message that should name the class causing the issue. For example:

[ WARN] 13:14:51 AdminSecurityServiceRemote [admin][][] - Detected security request for an unregistered ceiling entity (com.broadleafcommerce.theme.domain.page.PageType). As a result, the request failed. Please make sure to configure security for any ceiling entities referenced via the admin. This is usually accomplished by adding records in the BLC_ADMIN_PERMISSION_ENTITY table. Note, depending on how the entity in question is used, you may need to add to BLC_ADMIN_PERMISSION, BLC_ADMIN_ROLE_PERMISSION_XREF and BLC_ADMIN_SEC_PERM_XREF.

If logging is not enabled for this class, turn it on for the org.broadleafcommerce.openadmin.server.security.remote.AdminSecurityServiceRemote class.

2. Set a breakpoint in the AdminSecurityServiceRemote.securityCheck(...) method, on the following block of code:

for (String ceilingEntityFullyQualifiedName : ceilingNames) {
    isQualified = securityService.isUserQualifiedForOperationOnCeilingEntity(persistentAdminUser, permissionType, ceilingEntityFullyQualifiedName);
    if (!isQualified){
        if (primaryException == null) {
            primaryException = new SecurityServiceException("Security Check Failed for entity operation: " + operationType.toString() + " (" + ceilingEntityFullyQualifiedName + ")");
        }
    } else {
        break;
    }
}
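
For step 1, when the admin log is large, a small script can list every ceiling entity that triggered the warning. This is an added example, not Broadleaf code; the regular expression assumes the message layout shown in the sample above, and the log lines in SAMPLE_LOG are constructed (com.example.domain.Widget and SomeOtherService are placeholders).

```python
import re
from collections import OrderedDict

# Matches the WARN message from step 1 and captures the timestamp and the
# fully qualified ceiling entity class name given in parentheses.
WARN_RE = re.compile(
    r"\[\s*WARN\]\s+(?P<time>\d{2}:\d{2}:\d{2})\s+AdminSecurityServiceRemote\b.*?"
    r"unregistered ceiling entity \((?P<entity>[\w.$]+)\)"
)

# Constructed sample input (messages shortened); replace with lines read
# from your own admin log file.
SAMPLE_LOG = """\
[ INFO] 13:14:40 SomeOtherService [admin][][] - unrelated message
[ WARN] 13:14:51 AdminSecurityServiceRemote [admin][][] - Detected security request for an unregistered ceiling entity (com.broadleafcommerce.theme.domain.page.PageType). As a result, the request failed.
[ WARN] 13:16:12 AdminSecurityServiceRemote [admin][][] - Detected security request for an unregistered ceiling entity (com.example.domain.Widget). As a result, the request failed.
[ WARN] 13:18:30 SomeOtherService [admin][][] - unrelated warning
[ WARN] 13:20:07 AdminSecurityServiceRemote [admin][][] - Detected security request for an unregistered ceiling entity (com.broadleafcommerce.theme.domain.page.PageType). As a result, the request failed.
"""


def unregistered_ceiling_entities(lines):
    """Map each reported class to its hit count and first/last timestamps."""
    found = OrderedDict()
    for line in lines:
        m = WARN_RE.search(line)
        if not m:
            continue  # other loggers, other levels, other messages
        entry = found.setdefault(
            m["entity"], {"count": 0, "first_seen": m["time"]}
        )
        entry["count"] += 1
        entry["last_seen"] = m["time"]
    return found


def report(lines):
    """One summary row per class that needs its security records checked."""
    return [
        f"{e['count']:>3}x {name} (first {e['first_seen']}, last {e['last_seen']})"
        for name, e in unregistered_ceiling_entities(lines).items()
    ]


if __name__ == "__main__":
    for row in report(SAMPLE_LOG.splitlines()):
        print(row)
```

Each class in the output is a candidate for the BLC_ADMIN_PERMISSION_ENTITY records that the log message asks for.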