Questions regarding JAAS. Can't we define two users with same roles? Below is my users.properties and groups.properties file. Authentication works fine but for "sapatel" user, I get 403 (access denied). Everything works fine for tomee user.
Here is my users.properties sapatel=test tomee=tomee and this is my groups.properties manager-gui=sapatel tomee-admin=sapatel manager-gui=tomee tomee-admin=tomee -----Original Message----- From: Marco de Booij [mailto:[email protected]] Sent: Wednesday, June 12, 2013 12:20 PM To: [email protected] Subject: Re: JAAS and TomEE It now works. There is something strange with the http://tomee.apache.org/tomee-jaas.html page. It is completely different from the content that I get when I want to contribute to the page. On that page the parameters userClassNames and roleClassNames are even different from the ones in your reply. With the configuration on this page I managed to get it 100% working for the application maintenance page. <!-- JAAS Security Realm --> <Realm className="org.apache.catalina.realm.JAASRealm" appName="PropertiesLogin" userClassNames="org.apache.openejb.core.security.jaas.UserPrincipal" roleClassNames="org.apache.openejb.core.security.jaas.GroupPrincipal"> </Realm> Regards, Marco Op 12-06-13 09:00, Romain Manni-Bucau schreef: > Hmm, if your loging.config contains PropertiesLoginModule it should be > fine, if you copied/pasted the snippet we have on our website it > should be PropertiesLogin: > > <Realm className="org.apache.catalina.realm.JAASRealm" > appName="PropertiesLogin" > > userClassNames="org.apache.openejb.core.security.AbstractSecurityService$User" > > roleClassNames="org.apache.openejb.core.security.AbstractSecurityServi > ce$Group"> > </Realm> > > > *Romain Manni-Bucau* > *Twitter: @rmannibucau <https://twitter.com/rmannibucau>* > *Blog: > **http://rmannibucau.wordpress.com/*<http://rmannibucau.wordpress.com/ > > > *LinkedIn: **http://fr.linkedin.com/in/rmannibucau* > *Github: https://github.com/rmannibucau*
