>>>>> On Thu, 25 Mar 2010 17:03:53 -0400, Bobby Bissett <bobby.bissett_at_oracle.com> said:
>> Can someone let me know if this is a bug or the expected behavior?
>> When I use HttpServletRequest#login() to pass in user credentials,
>> the login works fine and a user principal is created. Within that
>> same request, I am now authenticated and can access resources that
>> my role(s) allows.
BB> Ah. Sorry -- was searching under 'webcontainer' and found the issue in
BB> 'security' right after I sent the email. D'oh.
BB>
https://glassfish.dev.java.net/issues/show_bug.cgi?id=11340
BB> Will try it out with a 3.0.1 build. I've written up an example of this
BB> for a blog, so I'll verify and will have to include the GF build info
BB> before sharing.
Please do, and please point me to a binary that has the fix in it. I've
been meaning to write a blog entry about how to use this feature to do
really simple RBAC with JSF, but have been blocked by this bug.
Ed
--
| edward.burns_at_oracle.com | office: 408 884 9519 OR x31640
| homepage: | http://ridingthecrest.com/