[ http://jira.jboss.com/jira/browse/JBAS-1555?page=history ] Scott M Stark closed JBAS-1555: -------------------------------
Resolution: Done Fix Version: JBossAS-4.0.2 Final JBossAS-5.0 Alpha > HTTP Status 403 on using org.jboss.web.tomcat.security.JaccAuthorizationRealm > ------------------------------------------------------------------------------ > > Key: JBAS-1555 > URL: http://jira.jboss.com/jira/browse/JBAS-1555 > Project: JBoss Application Server > Type: Bug > Components: Security > Versions: JBossAS-4.0.1 SP1 > Environment: JBoss 4.0.1 sp1, tomcat 5.0.28 > Reporter: Roland R?z > Assignee: Scott M Stark > Fix For: JBossAS-4.0.2 Final, JBossAS-5.0 Alpha > > > Hello, > I try to run JBoss Duke Bank application on JBoss 4.0.1 sp1 and it works fine > until I'm using org.jboss.web.tomcat.security.JBossSecurityMgrRealm in the > server.xml configuration. > ... > <Realm className="org.jboss.web.tomcat.security.JBossSecurityMgrRealm" > certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"/> > ... > As soon I replace this realm by > org.jboss.web.tomcat.security.JaccAuthorizationRealm: > <Realm className="org.jboss.web.tomcat.security.JaccAuthorizationRealm" > > certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"/> > the logon is still successful but the every second call to the servlet is > responded with "HTTP Status 403 - Access to the requested resource has been > denied". > On debugging I noticed that the Subject in the SecurityAssociation, required > by JaccAuthorizationRealm is null, therefore the permission check fails. > Kind regards -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - If you want more information on JIRA, or have a bug to report see: http://www.atlassian.com/software/jira ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ JBoss-Development mailing list JBoss-Development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-development