Kumar Jayanti wrote:
> Amy Roh wrote:
>> I am getting 403 accessing an webapp deployed in embedded mode.
>> Further debugging shows that
>> WebSecurityManager.hasNoConstrainedResources() is returning false
>> whereas the same webapp deployed non-embedded returns true for
>> WebSecurityManager.hasNoConstrainedResources(). The webapp does not
>> have any security constraints defined.
>>
> Not sure what is going wrong. Please file a bug and give us the code
> that you are using to test this (plus the WAR file).
I've filed an issue [1] 8952. Embedded deployment doesn't create
necessary security file (granted.policy) under generated directory which
is causing 403 for *any* webapps.
[1]
https://glassfish.dev.java.net/issues/show_bug.cgi?id=8952
Amy
>
> regards,
> kumar
>
>> WebSecurityManager.allResourcesCP and allConnectionsCP permission are
>> false for embedded scenario.
>>
>> // permissions tied to unchecked permission cache, and used
>> // to determine if the effective policy is grant all
>> // WebUserData and WebResource permisions.
>> private CachedPermission allResourcesCP = null;
>>
>> private CachedPermission allConnectionsCP = null;
>>
>> Where do I need to grant additional security settings if at all for
>> embedded case?
>>
>> Thanks,
>> Amy
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: dev-unsubscribe_at_glassfish.dev.java.net
>> For additional commands, e-mail: dev-help_at_glassfish.dev.java.net
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: dev-help_at_glassfish.dev.java.net
>