Hello world,

My authentication process works fine (JAAS on JBoss 3.2.2 using org.jboss.security.auth.spi.UsersRolesLoginModule, for those who are interested). It retrieves my subject with its principals (groups of users).
The problem is that this principal doesn't appear to be checked by Struts when the web.xml specifies a security constraint in this way:

    <security-constraint>
      <web-resource-collection>
        <web-resource-name>MyWebAppActions</web-resource-name>
        <url-pattern>/action/menuView</url-pattern>
        <http-method>HEAD</http-method>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
        <http-method>PUT</http-method>
        <http-method>DELETE</http-method>
      </web-resource-collection>
      <auth-constraint>
        <role-name>BasicUser</role-name>
      </auth-constraint>
      <user-data-constraint>
        <transport-guarantee>NONE</transport-guarantee>
      </user-data-constraint>
    </security-constraint>

At run time a redirect occurs because it has been coded in this way in the web.xml file:

    <login-config>
      <auth-method>FORM</auth-method>
      <form-login-config>
        <form-login-page>/action/authenticationView</form-login-page>
        <form-error-page>/action/authenticationProcess</form-error-page>
      </form-login-config>
    </login-config>

Dynamically, I can see that the authentication process succeeds:

1 - /action/authenticationProcess properly identifies the client, i.e., my loginContext works well: I get my subject and my principals
2 - /action/authenticationProcess tries a forward to action/menuView
3 - this forward is rejected (our 302 redirect) because this URL is a protected resource (my <security-constraint>)

Maybe the relevant question is: how can I map the <role-name> to one of the principals I get from my loginContext?

Thx,