On Aug 3, 2006, at 7:35 AM, Vamsavardhana Reddy wrote:
Hi,
I have deployed a Custom Security Realm using MyLoginModule and
MyPrincipal classes. I have configured a simple web application to
authenticate against this realm. Even though the login succeeds, I
am getting an HTTP 403 Forbidden error. But everything works fine
if I change MyLoginModule to use
org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal
instead of MyPrincipal and change the deployment plan for my web
app accordingly. I guess this has to do something with the class
loaders.
Any ideas on what is happening and how to fix this?
You might be right about the classloaders or there might be another
problem. I suggest putting a breakpoint in
PolicyConfigurationGeneric.implies and stepping through the
authorization decision to find out what is going on. If you get
stuck please post the code and I'll try to figure it out.
thanks
david jencks
Thanks,
Vamsi
