>
> In conclusion the same web application with a form based
> authentication works if it is deployed as a WAR file, but it doesn't
> work if it is deployed in an EAR file. Probably I am missing
> something? Where is my error?
You may be running into this issue:
https://glassfish.dev.java.net/issues/show_bug.cgi?id=2475
In the past, only the top level role mapping file (in
sun-application.xml) was read by the server at deployment time. This is
the simplest way to do it, but means if you repackage a war inside an
ear then things won't work without some editing. Try moving the role
mapping to the top level and see if that is the issue.
I have the fix ready to read the mappings in web and ear modules within
an app, but don't want to commit it until I have the code ready to
detect and deal with role conflicts to avoid opening a security hole in
a poorly-written application (am adding more text to the issue
description right now if you're curious about the details).
Cheers,
Bobby