users@glassfish.java.net

Re: Not reading sun-web.xml?

From: Jagadesh B Munta <Jagadesh.Munta_at_Sun.COM>
Date: Sun, 08 Jul 2007 14:04:23 -0700

Hi Christian,

When you package the application as an EAR, you have to make sure the
role-mapping is available in the sun-application.xml file, and for
individually deployed WAR/EJB JAR files, it should be in the sun-web.xml or
sun-ejb-jar.xml file.

Refer to the first paragraph at this URL:
http://docs.sun.com/app/docs/doc/819-3659/6n5s6m58j?a=view

Thanks.
-- Jagadesh

Christian Svensson wrote:
> Hello.
>
> I'm quite new to J2EE, but I've done some JSP work before including
> this very thing, back then working.
>
> I'm testing to build a complete EAR, and it works very nicely. I want to
> protect my BackendCommunicator WebService with a username and a
> password, but it will not work like I want to.
>
> I have this in my web.xml:
> <?xml version="1.0" encoding="UTF-8"?>
> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>          xmlns="http://java.sun.com/xml/ns/javaee"
>          xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
>          xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
>          id="WebApp_ID" version="2.5">
>   <display-name>TestWeb</display-name>
>   <welcome-file-list>
>     <welcome-file>index.jsp</welcome-file>
>   </welcome-file-list>
>
>   <security-constraint>
>     <web-resource-collection>
>       <web-resource-name>Auth</web-resource-name>
>       <url-pattern>/*</url-pattern>
>       <http-method>GET</http-method>
>     </web-resource-collection>
>     <auth-constraint>
>       <role-name>customer</role-name>
>     </auth-constraint>
>   </security-constraint>
>
>   <login-config>
>     <auth-method>BASIC</auth-method>
>     <realm-name>file</realm-name>
>   </login-config>
> </web-app>
>
> This works, if I have a user in the "customer" group and I enable role
> -> group mapping in glassfish.
>
> But I need role-mapping, so I make a sun-web.xml:
> <?xml version="1.0" encoding="UTF-8"?>
> <!DOCTYPE sun-web-app PUBLIC
>   "-//Sun Microsystems, Inc.//DTD Application Server 9.0 Servlet 2.5//EN"
>   "http://www.sun.com/software/appserver/dtds/sun-web-app_2_5-0.dtd">
> <sun-web-app error-url="">
>   <context-root>/TestWeb</context-root>
>   <security-role-mapping>
>     <role-name>customer</role-name>
>     <group-name>test-admin</group-name>
>   </security-role-mapping>
>   <class-loader delegate="true"/>
>   <jsp-config>
>     <property name="keepgenerated" value="true">
>       <description>Keep a copy of the generated servlet class java code.</description>
>     </property>
>   </jsp-config>
>
> </sun-web-app>
>
> Removing user from customer and disabling role -> group and I get the
> login box as usual, but:
> [#|2007-07-08T21:16:47.746+0200|INFO|sun-appserver9.1|javax.enterprise.system.core.security|_ThreadID=14;_ThreadName=httpSSLWorkerThread-80-0;|Audit:
>
> [Web] Authorization for user = (testing) and permission type =
> (hasResourcePermission) for request GET
> /TestWeb/BackendCommunicatorService returned =false|#]
> and a big 403 page.
>
> Using GlassFish 2 with JDK/JRE 6. Developing with Eclipse 3.3.
>
> Anybody noticing what I did wrong?
> Greetings,
> Christian
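
A pre-deployment check for the situation in this thread, as an added example that is not part of the original messages: following the advice in the reply, it opens an EAR and reports, per WAR, the roles required by `web.xml` auth-constraints that have no `security-role-mapping` in `META-INF/sun-application.xml`. The descriptors are constructed and trimmed from the ones quoted above; the function names, the `TestWeb.war` file name and the in-memory sample EAR are assumptions.

```python
import io
import zipfile
import xml.etree.ElementTree as ET

NS = "{http://java.sun.com/xml/ns/javaee}"
# Constructed descriptors, trimmed from the ones quoted in the thread.
WEB_XML = ('<web-app xmlns="http://java.sun.com/xml/ns/javaee" version="2.5">'
           "<security-constraint><web-resource-collection><url-pattern>/*</url-pattern>"
           "</web-resource-collection><auth-constraint><role-name>customer</role-name>"
           "</auth-constraint></security-constraint></web-app>")
MAPPING = ("<{0}><security-role-mapping><role-name>customer</role-name>"
           "<group-name>test-admin</group-name></security-role-mapping></{0}>")

def constrained_roles(web_xml):
    """Role names required by <auth-constraint> elements in a web.xml."""
    return {r.text.strip() for ac in ET.fromstring(web_xml).iter(NS + "auth-constraint")
            for r in ac.findall(NS + "role-name") if r.text and r.text.strip() != "*"}

def mapped_roles(sun_xml):
    """Roles that a Sun descriptor maps to at least one group or principal."""
    return {m.findtext("role-name", "").strip()
            for m in ET.fromstring(sun_xml).iter("security-role-mapping")
            if m.find("group-name") is not None or m.find("principal-name") is not None}

def unmapped_roles_in_ear(ear_bytes):
    """For each WAR in the EAR, list constrained roles with no EAR-level mapping."""
    report, mapped = {}, set()
    with zipfile.ZipFile(io.BytesIO(ear_bytes)) as ear:
        names = ear.namelist()
        if "META-INF/sun-application.xml" in names:
            mapped = mapped_roles(ear.read("META-INF/sun-application.xml"))
        for name in (n for n in names if n.endswith(".war")):
            with zipfile.ZipFile(io.BytesIO(ear.read(name))) as war:
                if "WEB-INF/web.xml" in war.namelist():
                    roles = constrained_roles(war.read("WEB-INF/web.xml"))
                    report[name] = sorted(roles - mapped)
    return report

def build_sample_ear(ear_level_mapping):
    """Constructed EAR with one WAR (TestWeb.war is an assumed file name)."""
    war, ear = io.BytesIO(), io.BytesIO()
    with zipfile.ZipFile(war, "w") as z:
        z.writestr("WEB-INF/web.xml", WEB_XML)
        z.writestr("WEB-INF/sun-web.xml", MAPPING.format("sun-web-app"))
    with zipfile.ZipFile(ear, "w") as z:
        z.writestr("TestWeb.war", war.getvalue())
        if ear_level_mapping:
            z.writestr("META-INF/sun-application.xml", MAPPING.format("sun-application"))
    return ear.getvalue()

if __name__ == "__main__":
    print([unmapped_roles_in_ear(build_sample_ear(f)) for f in (False, True)])
```

A non-empty list for a WAR means its constraint names a role the EAR-level descriptor never maps, which matches the 403 in the audit log above.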