Hi all,
I'm trying to implement authentication using j_security_check. Till
now it worked fine, when I added a new file user with a new group. But
what I want to do is use the default admin user. When I checked the
admin-realm the group defined was "asadmin". I've made the following
entry in web.xml :
<security-constraint>
<web-resource-collection>
<web-resource-name>SecureResource</web-resource-name>
<url-pattern>/authorized</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>asadmin</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
and in sun-web.xml
<sun-web-app>
<security-role-mapping>
<role-name>asadmin</role-name>
<group-name>asadmin</group-name>
</security-role-mapping>
</sun-web-app>
But I get the following exception when I try to provide the credentials
of admin user :
[#|2006-11-13T12:10:45.950+0530|INFO|sun-appserver-pe9.1|javax.enterprise.system.core.security|_ThreadID=15;_ThreadName=httpWorkerThread-8080-1;admin;|SEC5046:
Audit: Authentication refused for [admin].|#]
[#|2006-11-13T12:10:45.950+0530|WARNING|sun-appserver-pe9.1|javax.enterprise.system.container.web|_ThreadID=15;_ThreadName=httpWorkerThread-8080-1;_RequestID=930578ad-a5c8-430a-ae48-abc6e85431af;|Web
login failed: Login failed: javax.security.auth.login.LoginException:
Failed file login for admin.|#]
Is there anything that I'm missing? Or is it just that I cannot use the
admin user for HTTP Form Based Authentication?
Regards,
Karthik