I tried your scenario, and it worked for me. Please try by changing the
version of web.xml and sun-web.xml to
<web-app version="2.5" xmlns="
http://java.sun.com/xml/ns/javaee"
xmlns:xsi="
http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
<!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Application
Server 9.0 Servlet 2.5//EN"
"
http://www.sun.com/software/appserver/dtds/sun-web-app_2_5-0.dtd">
Thanks
Harsha
glassfish_at_javadesktop.org wrote, On Friday 30 November 2007 05:54 AM:
> Hello,
> I'm having a related, but apparently more basic problem. I am trying to figure out how authentication is enabled in Glassfish (Sun Java App server 9.1). No matter what settings I put into web.xml or sun-web.xml for the "hello" sample application, I can't get any authentication to occur when I go to the test page. It is as if all the configs I put in are being totally ignored.
>
> I've followed all the instructions I could find, as well as looked across the forum questions. Here are the the contents of my $GLASSFISH/domains/domain1/applications/j2ee-modules/hello/WEB-INF/web.xml file:
> <?xml version="1.0" encoding="UTF-8"?>
>
> <!--
> Copyright 2004-2005 Sun Microsystems, Inc. All rights reserved.
> Use is subject to license terms.
> -->
>
> <web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
> <display-name>hello</display-name>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>Testing</web-resource-name>
> <url-pattern>/*</url-pattern>
> <http-method>DELETE</http-method>
> <http-method>GET</http-method>
> <http-method>POST</http-method>
> <http-method>PUT</http-method>
> </web-resource-collection>
> <auth-constraint>
> <role-name>admin</role-name>
> </auth-constraint>
> </security-constraint>
> <login-config>
> <auth-method>BASIC</auth-method>
> <realm-name>admin-realm</realm-name>
> </login-config>
> <security-role>
> <role-name>admin</role-name>
> </security-role>
> </web-app>
>
> And here's the sun-web.xml from the same directory:
>
> <?xml version="1.0" encoding="UTF-8"?>
>
> <!--
> Copyright 2004-2005 Sun Microsystems, Inc. All rights reserved.
> Use is subject to license terms.
> -->
>
> <!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 8.1 Servlet 2.4//EN" "http://www.sun.com/software/appserver/dtds/sun-web-app_2_4-1.dtd">
> <sun-web-app>
> <context-root>/hello</context-root>
> <security-role-mapping>
> <role-name>admin</role-name>
> <principal-name>admin</principal-name>
> <group-name>asadmin</group-name>
> </security-role-mapping>
> </sun-web-app>
>
> I've tried to re-use the admin-realm, because I know that adminstrative authentication is working properly. The application is in question is the "Hello" form input app that has Duke waving. It was autodeployed by dropping it into the autodeployment directory.
>
> The app works fine, I just can force any kind of authentication. Obviously I'm missing something really obvious - can someone spare a clue?
>
> Thanks.
> [Message sent by forum member 'sychan' (sychan)]
>
> http://forums.java.net/jive/thread.jspa?messageID=247917
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
>