Hello !
I have very simple application:
<application>
| <display-name>test_app</display-name>
| <web>
| <web-uri>test_web.war</web-uri>
| <context-root>/test_web</context-root>
| </web>
| </module>
| <ejb>test_ejb.jar</ejb>
| </module>
| </application>
In my web module I have only 1 servlet. My web.xml:
<web-app>
| <servlet>
| <servlet-name>TestServlet</servlet-name>
| <display-name>Test servlet</display-name>
| <description>Test </description>
| <servlet-class>test.TestServlet</servlet-class>
| </servlet>
| <servlet-mapping>
| <servlet-name>TestServlet</servlet-name>
| <url-pattern>/test</url-pattern>
| </servlet-mapping>
| <security-constraint>
| <web-resource-collection>
| <web-resource-name>secured</web-resource-name>
| <url-pattern>/test</url-pattern>
| <http-method>HEAD</http-method>
| <http-method>GET</http-method>
| <http-method>POST</http-method>
| <http-method>PUT</http-method>
| <http-method>DELETE</http-method>
| </web-resource-collection>
| <auth-constraint>
| <role-name>*</role-name>
| </auth-constraint>
| <user-data-constraint>
| <transport-guarantee>CONFIDENTIAL</transport-guarantee>
| </user-data-constraint>
| </security-constraint>
|
| <login-config>
| <auth-method>FORM</auth-method>
| <form-login-config>
| <form-login-page>/login.jsp</form-login-page>
| <form-error-page>/loginerror.jsp</form-error-page>
| </form-login-config>
| </login-config>
|
| <security-role>
| <role-name>*</role-name>
| </security-role>
| </web-app>
My jboss-web.xml:
<jboss-web>
| <security-domain>java:/jaas/postgresql-based</security-domain>
| </jboss-web>
My login-config.xml:
<application-policy name = "postgresql-based">
| <authentication>
| <login-module code =
"org.jboss.security.auth.spi.DatabaseServerLoginModule" flag = "required">
| <module-option name =
"dsJndiName">java:/TalgosDS</module-option>
| <module-option name = "principalsQuery">SELECT pass
FROM user WHERE is_system='f' and login=?</module-option>
| <module-option name = "rolesQuery">select role_code
,'Roles' from roles where login=?</module-option>
| <module-option name =
"hashAlgorithm">MD5</module-option>
| <module-option name =
"hashEncoding">base64</module-option>
| </login-module>
| </authentication>
| </application-policy>
In doGet in my TestServlet I have:
out.println("request.isUserInRole(\"AD1\") = "+request.isUserInRole("AD1")+"");
out.println("request.getUserPrincipal() = "+request.getUserPrincipal()+"");
WHen I running this servlet on JBOSS 3.2.5 isUserInRole("AD1") return true
When I running on JBOSS 4.0.0 isUserInRole("AD1") return false
Is there a bug in 4.0.0 ?
What I should to do with jboss configuration to run this application ?
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3849176#3849176
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3849176
-------------------------------------------------------
This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170
Project Admins to receive an Apple iPod Mini FREE for your judgement on
who ports your project to Linux PPC the best. Sponsored by IBM.
Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
