I would like to give unregistered user acces to my webapp. therefore I would like to
to create an user (guest) with the role guest. This is already done.
but now there's a problem:
because I've stored the role in the db, I have to login the guest-user automatically
as a user with the guest-role. Therefor I would like to write a GuestLoginServlet,
which only authorized this user as guest, that the method:
isUserInRole("guest") return true!
But how should I do that?
(by the way, I've got a solution with constraints in the web.xml, but that could'nt be
the right solution).
Is there a possibility to login a user in a servlet? or can I determine a default
role, which a not authorized user has? and where do I have to determine this role and
has this role to exist in the db?
my login-config.xml looks as following:
<application-policy name = "adminDomain">
<login-module code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag =
"required">
<module-option name = "dsJndiName">java:/DefaultDS</module-option>
<module-option name = "principalsQuery">select password from users where
login=?</module-option>
<module-option name = "rolesQuery">select role, 'Roles' from roles where
login=?</module-option>
</login-module>
</application-policy>
Thank a lot for any hints...
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3837080#3837080
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3837080
-------------------------------------------------------
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g.
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
