I have a classic three tier application: Core, EJB3, and 2 separate Web Projects: WebUserProject and WebAdminProject
I have successfully configured JAAS Custom Security that can be utilized by both web projects. My custom class uses various EJBs to fully provide the authentication service needed and thus I put my code class into one of the web projects, the WebUserProject. Upon starting the server, these are the scenarios that I encountered during my testing. 1)First user to login is an Admin User into the WebAdminProject, authentication fails! 2)Next a client user logs into the WebUserProject, authentication suceeds. 3)Third the same admin user tries to attempt to login again into the WebAdminProject and this time since it is after a successful client user login in step 2, the authentication suceeds. So what it seems like is that the only way authentication works in the WebAdminProject is if a user, any user has previously logged into the WebUserProject. Keep in mind that the custom code module is located in the WebUserProject, and I have a suspicion that the location of this file may have a lot to do with this bug. Is location the real issue? If so where should I put the class? -In a separate jar placed in the EAR? -Make two copies of the same custom classes and put them into each of the web projects? Thanks! View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3942792#3942792 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3942792 ------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
