users@glassfish.java.net

Custom Realm Problems

From: <glassfish_at_javadesktop.org>
Date: Wed, 20 Feb 2008 13:41:13 PST

Hi,
I've been struggling for three weeks to find a solution to this problem.
I have coded a custom realm that does the same as JDBCRealm, only it uses a different database format (which is why I coded the custom realm).

I use Sun Java System Application Server 9.1.
When I start the server, I see in the log file that my custom realm (named ExpoLangRealm) is initialized successfully.
I have set ExpoLangRealm to be the default realm of my server, and enabled default role mapping.

When I try to log in using my web application form (through j_security_check), I get:

[#|2008-02-20T22:38:21.500+0200|INFO|sun-appserver9.1|javax.enterprise.system.core.security|_ThreadID=17;_ThreadName=httpSSLWorkerThread-8080-1;bobo;|SEC5046: Audit: Authentication refused for [bobo].|#]

[#|2008-02-20T22:38:21.500+0200|WARNING|sun-appserver9.1|javax.enterprise.system.container.web|_ThreadID=17;_ThreadName=httpSSLWorkerThread-8080-1;_RequestID=fd0e1e91-51f1-4f68-9e45-687288a7a0bb;|Web login failed: Login failed: java.lang.ArrayIndexOutOfBoundsException: 30|#]

Below are my deployment descriptor files:


web.xml:



--------------------------------------------------------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<web-app id="WebApp_ID" version="2.5"
         xmlns="http://java.sun.com/xml/ns/javaee"
         xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
  <display-name>ExpoLang</display-name>
  <welcome-file-list>
    <welcome-file>index.html</welcome-file>
    <welcome-file>index.htm</welcome-file>
    <welcome-file>index.jsp</welcome-file>
    <welcome-file>default.html</welcome-file>
    <welcome-file>default.htm</welcome-file>
    <welcome-file>default.jsp</welcome-file>
    <welcome-file>login.jsp</welcome-file>
  </welcome-file-list>

  <servlet>
    <display-name>ControlPanelServlet</display-name>
    <servlet-name>ControlPanelServlet</servlet-name>
    <servlet-class>com.expolang.servlets.cp.ControlPanelServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>ControlPanelServlet</servlet-name>
    <url-pattern>/cp</url-pattern>
  </servlet-mapping>
  <servlet>
    <description/>
    <display-name>StudentSessionServlet</display-name>
    <servlet-name>StudentSessionServlet</servlet-name>
    <servlet-class>com.expolang.servlets.cp.student.StudentSessionServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>StudentSessionServlet</servlet-name>
    <url-pattern>/cp/student</url-pattern>
  </servlet-mapping>
  <servlet>
    <description/>
    <display-name>CardsSessionServlet</display-name>
    <servlet-name>CardsSessionServlet</servlet-name>
    <servlet-class>com.expolang.servlets.cp.student.CardsSessionServlet</servlet-class>
  </servlet>
  <servlet-mapping>
    <servlet-name>CardsSessionServlet</servlet-name>
    <url-pattern>/cp/student/exchangeCards</url-pattern>
  </servlet-mapping>

  <login-config>
    <auth-method>FORM</auth-method>
    <realm-name>ExpoLangRealm</realm-name>
    <form-login-config>
      <form-login-page>/login.jsp</form-login-page>
      <form-error-page>/loginError.jsp</form-error-page>
    </form-login-config>
  </login-config>
  <security-role>
    <role-name>Student</role-name>
  </security-role>
  <security-role>
    <role-name>Admin</role-name>
  </security-role>
  <security-role>
    <role-name>TA</role-name>
  </security-role>
  <security-role>
    <role-name>Designer</role-name>
  </security-role>
  <security-role>
    <role-name>Coordinator</role-name>
  </security-role>
  <security-constraint>
    <display-name>Control Panel Constraint</display-name>
    <web-resource-collection>
      <web-resource-name>ControlPanelServlet</web-resource-name>
      <description/>
      <url-pattern>/cp/*</url-pattern>
      <http-method>GET</http-method>
    </web-resource-collection>
    <auth-constraint>
      <role-name>Student</role-name>
      <role-name>Admin</role-name>
      <role-name>TA</role-name>
      <role-name>Designer</role-name>
      <role-name>Coordinator</role-name>
    </auth-constraint>
  </security-constraint>
  <security-constraint>
    <display-name>Student Session Constraint</display-name>
    <web-resource-collection>
      <web-resource-name>StudentSessionServlet</web-resource-name>
      <url-pattern>/cp/student/*</url-pattern>
      <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
      <role-name>Student</role-name>
    </auth-constraint>
  </security-constraint>
</web-app>

--------------------------------------------------------------------------------

sun-application.xml:



--------------------------------------------------------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-application PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 9.0 Java EE Application 5.0//EN" "http://www.sun.com/software/appserver/dtds/sun-application_5_0-0.dtd">
<sun-application>
  <realm>ExpoLangRealm</realm>
  <security-role-mapping>
    <role-name>Student</role-name>
    <group-name>Student</group-name>
  </security-role-mapping>
  <security-role-mapping>
    <role-name>TA</role-name>
    <group-name>TA</group-name>
  </security-role-mapping>
  <security-role-mapping>
    <role-name>Coordinator</role-name>
    <group-name>Coordinator</group-name>
  </security-role-mapping>
  <security-role-mapping>
    <role-name>Designer</role-name>
    <group-name>Designer</group-name>
  </security-role-mapping>
  <security-role-mapping>
    <role-name>Admin</role-name>
    <group-name>Admin</group-name>
  </security-role-mapping>
</sun-application>

--------------------------------------------------------------------------------


Can anybody please direct me to where I could be wrong?
[Message sent by forum member 'bobohaskel' (bobohaskel)]

http://forums.java.net/jive/thread.jspa?messageID=260026