hi evereybody!
we are using different roles in our project: child and parent. for the parents
site only parents should have access to the secured pages.
we are using form-based authentication.
when i log in with a user, that is not registered in our db, everything works
fine and I am redirected to the login-error-page. when i log in as parent, also
everything works fine and i am getting access to the secured page.
but when i log in as child (which is a proper defined role), i a not redirected
to the login-error-page..
why? what do i have to change?
the relating passage of web.xml looks like this:
<!-- security -->
<security-constraint>
<display-name>SaferWebSecurity</display-name>
<web-resource-collection>
<web-resource-name>
SecureResource
</web-resource-name>
<url-pattern>/forwardPage.iface</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>P</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/loginError.html</form-error-page>
</form-login-config>
</login-config>
<security-role>
Parent
<role-name>P</role-name>
</security-role>
<security-role>
Child
<role-name>C</role-name>
</security-role>
i'm looking forward for your answers.
cheers stefan
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4118198#4118198
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4118198
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
