I already posted the same message on the serlet newsgroup. I try on this too
just in case.
***************
I'm currently trying to migrate a webapp from weblogic8.1 to JBoss, and I'm
meeting a problem I hadn't with WLS.
My webapp has a <security-constraint> section with <auth-constraint>. I'm using
Form authentication with DB Realm. My problem is that I can log in my webapp,
but I get a 403 saying I'm not allowed to access ressources.
I checked several things :
- I can log in, ie login/password are checked against DB, so this part works.
If I give a wrong password, I get <form-error-page> page.
- I added a piece of code in my 403.jsp. I added 3 lines :
0. System.out.println(request.getRemoteUser()); --> return djeanprost
1. System.out.println(request.isUserInRole("collaborateur")); where
collaborateur is a group of my group table. --> Return true, which is normal to
me.
2. System.out.println(request.isUserInRole("utilisateurCollaborateur")); -->
false
utilisateurCollaborateur is a role I specified in the <auth-constraint> section
in the web.xml. I also have a <security-role> section where I declare the
utilisateurCollaborateur role name. In my jboss-web.xml, I have a
<security-role>
<role-name>utilisateurCollaborateur</role-name>
<principal-name>collaborateur</principal-name>
<principal-name>djeanprost</principal-name>
</security-role>
where I map utilisateurCollaborateur to collaborateur and djeanprost. I added
the principal name djeanprost to add a test : it does not work neither.
I conclude the mapping from utilisateurCollaborateur to collaborateur is not
done.
Where am I wrong ?
Regards,
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3888179#3888179
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3888179
-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
_______________________________________________
JBoss-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/jboss-user
