Amy Roh wrote:
> I am getting 403 accessing an webapp deployed in embedded mode.
> Further debugging shows that
> WebSecurityManager.hasNoConstrainedResources() is returning false
> whereas the same webapp deployed non-embedded returns true for
> WebSecurityManager.hasNoConstrainedResources(). The webapp does not
> have any security constraints defined.
>
Not sure what is going wrong. Please file a bug and give us the code
that you are using to test this (plus the WAR file).
regards,
kumar
> WebSecurityManager.allResourcesCP and allConnectionsCP permission are
> false for embedded scenario.
>
> // permissions tied to unchecked permission cache, and used
> // to determine if the effective policy is grant all
> // WebUserData and WebResource permisions.
> private CachedPermission allResourcesCP = null;
>
> private CachedPermission allConnectionsCP = null;
>
> Where do I need to grant additional security settings if at all for
> embedded case?
>
> Thanks,
> Amy
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: dev-help_at_glassfish.dev.java.net
>
>