In my sun-application.xml I have:
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-application PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 9.0 Java EE Application 5.0//EN" "
http://www.sun.com/software/appserver/dtds/sun-application_5_0-0.dtd">
<sun-application>
<security-role-mapping>
<role-name>userRole</role-name>
<group-name>user</group-name>
</security-role-mapping>
</sun-application>
which is used to bridge the gap between the application role name and the group name allocated to users in the default file realm configuration on the server. This works fine, but I do not want to use the file realm, I want to use a jdbcRealm I have setup.
Ignoring the jdbcRealm (called testJDBCRealm), which works with glassfish v2 by adding tag:
<realm>testJDBCRealm</realm>
If I try to add:
<realm>file</realm>
in the above sun-application.xml file will cause the login which works without the <realm> tag added to fail.
If the <realm> tag is before the <security-role-mapping> tag verifying the application in netbeans fails. If the <realm> tag is placed after the </security-role-mapping> tag the application passes the verification but still will fail the programmatic login process in the application.
To re-iterate I have reduced this problem down to the fact that adding a <realm> tag into the sun-application.xml file will cause programmatic login to fail even if the default file realm is specified (this being the default realm which works if not specified).
I hope this helps, if not please ask for further clarification. Note, the application is using programmatic login to bridge the gap between a standalone java app and the server security.
Thanks for response Shing,
Paul
[Message sent by forum member 'pg_glassfish' (pg_glassfish)]
http://forums.java.net/jive/thread.jspa?messageID=209267