Hi again
after deeper debugging the problem is solved
it was the authenticate method (from
info.magnolia.cms.security.Authenticator)
that returned false over and over again
and that's because LoginContext loginContext = new
LoginContext("magnolia_authorization", callbackHandler);
was throwing exception,
solution is to add this lines:
magnolia_authorization {
info.magnolia.jaas.sp.jcr.JCRLoginModule required;
};
in jaas.conf file
only that I don't think this is permanent solution
correct if I'm wrong, please
one more thing
during debugging on tomcat I've noticed that this if
// first check if user has been authenticated by some other
service or container itself
if (req.getUserPrincipal() == null) {
is allways true, it seems like user is never authenticated via jaas ???
// user already authenticated via JAAS, try to load roles for it
or this is all planned and unfinished work ???
Thanks
Stojan
----------------------------------------------------------------
for list details see
http://www.magnolia.info/en/magnolia/developer.html
----------------------------------------------------------------
