Bugs item #490869, was opened at 2001-12-09 09:47 You can respond by visiting: http://sourceforge.net/tracker/?func=detail&atid=376685&aid=490869&group_id=22866
Category: JBossSX Group: v2.4 (stable) Status: Open Resolution: None Priority: 5 Submitted By: Konstantin Pribluda (ko5tik) Assigned to: Nobody/Anonymous (nobody) Summary: JBossSecurityMgrRealm resets principal Initial Comment: After JSP page is included, security settings are wrong ( authentication data is resetted ) This happens JBossSecurityMgrRealm in postService method, which is fired after subrequest (i.e. <jsp:include> is completed. I put up ear demonstrating this behaviour ( which I'm attaching to this message ) I tested it with JBoss-2.4.3_Tomcat-3.2.3 ( Scott asked me to do it with 2.4.4, but it seems thet 244 beta has some problems with JNDI contexts - so tomcat was unable to access java:comp/env/ context ) Earlier zipped distros had massive permission problems on directories. But since problem source (JBossSecurityMgrRealm) was not touched in last 4 months, this problem would be existing in newest version as well. After you deployed this EAR, point your browser to context path /sectest. It authenticates using sinple module, so just login with same user name and password, and see authenticated user name change magically after including another JSP. ---------------------------------------------------------------------- >Comment By: Konstantin Pribluda (ko5tik) Date: 2001-12-09 09:50 Message: Logged In: YES user_id=91100 And here are sources for this ear. But you will need ejbdoclet to recompile it ---------------------------------------------------------------------- You can respond by visiting: http://sourceforge.net/tracker/?func=detail&atid=376685&aid=490869&group_id=22866 _______________________________________________ Jboss-development mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-development
