Hi, I need to check some permissions inside servlet code. My solution was that i looked up "java:comp/env/security/securityMgr" and test: jsm.doesUserHaveRole(user, role)
it works for me fine in jboss 3.2.4rc1 with tomcat, but it doesn't in jboss 3.2.4rc1 with jetty. The problem was, that getUserRoles(request.getUserPrincipal()) returns null, but if i checked request.isUserInRole (somerole) was true. I have some thoughts on this problem: 1/ my JbossSecurityMgr "usage pattern" isn't good ;-) 2/ there are some incopatibilities in current jetty ( AFAIK last changes touched mainly abstractWebContainer code, but maybe some modifications in realm are also needed) 3/ jboss realm in jetty doesn't support this type of permission checking at all. which one is true ?? best regards, Michal View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3829312#3829312 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3829312 ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
