Hi everyone,
I've recently moved my app to JBoss 3.0 from Orion but am having trouble
with the request.isUserInRole() call. I've set up a db security policy
in login-config.xml which works fine from the authorization point of
view, but the roles detected in the request.isUserInRole call aren't
related to what's in the db.
Switching from Jetty to Tomcat as the web container made no difference,
and neither did using the UsersRolesLoginModule. Every time I check if a
principle making a request is in a role it returns true! Even if I check
for a role like "frustrated_developer" which is never defined anywhere.
Did I miss something fundamental? Do I need to switch off a default
"allow role inclusion" parameter? I'm suffering badly, please help!
----------------------------------------------------------------------------
Bringing you mounds of caffeinated joy
>>> http://thinkgeek.com/sf <<<
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
