Thanks for the quick reply David. If I understand you, I need to have a <security-realm-name> section defined in each webapps geronimo-web.xml without a <security> section defined, and then have a <security> section defined in the EAR. This would mean no changes to the web.xml for either app. Where does this go in the EAR? The geronimo-application.xml? I'll check on the syntax:)
For future reference, do all the EAR's webapps need to utilize the same realm, or can each webapp have its own relm? > -------- Original Message -------- > Subject: Re: EAR Security Realm Configuration > From: David Jencks <[EMAIL PROTECTED]> > Date: Mon, September 24, 2007 11:31 am > To: user@geronimo.apache.org > > you only specify the security configuration itself once per ear. For > each web-app you specify the security-realm that comes right before > the security configuration. You might put the security element at > the top level of the ear plan rather than in one or the other web app > plan. > > hope this helps > david jencks > > On Sep 24, 2007, at 11:02 AM, Mark Aufdencamp wrote: > > > Hi All, > > > > I'm having a slight problem with a security realm in an EAR. I > > have two > > webapps that I would like to authenticate via a container managed FORM > > Auth, webapp and webappadmin. I have the webapp realm functioning > > without any issues. Of course, I cut and pasted from webapp to > > webappadmin and attempted to deploy. This resulted in a commom > > deployment exception - "Only one security configuration allowed per > > application". > > > > What's the proper approach to resolving this? > > > > Can I use/Do I need a second realm for the second web application? As > > in a 1-1 correspondence between the app and the realm. > > > > If not how do I properly configuring the second app to utilize the > > realm? Is there someway to define it in the EAR for both web apps? > > > > TIA > > > > Mark Aufdencamp > > [EMAIL PROTECTED] > >