Hello,
I try to develop a custom realm the last days...
I follow the docs and a view blog entries about that .
I derived my custom realm from AppservRealm.
I also implemented the corresponding LoginModule (deriving from
AppservPasswordLoginModule)
I configured the Realm via the web interface and added the login module
to the login.conf.
But when I save the realm conf, I get following error log:
The FileRealm classname, "de.test.security.MyCustomRealm" does not
extend "com.sun.enterprise.security.auth.realm.file.FileRealm".|#]
When I ignore this log and try to login using a simple web app with
following web.xml entries:
<login-config>
<auth-method>FORM</auth-method>
<realm-name>StudiOrgaRealm</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/loginerror.jsp</form-error-page>
</form-login-config>
</login-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>User Area</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Users</role-name>
</auth-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Admin Area</web-resource-name>
<url-pattern>/admin/*</url-pattern>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Admins</role-name>
</auth-constraint>
</security-constraint>
I get following:
[#|2008-05-24T00:30:38.312+0200|INFO|sun-appserver9.1|javax.enterprise.system.core.security|_ThreadID=15;_ThreadName=httpSSLWorkerThread-8080-1;admin;|SEC5046:
Audit: Authentication refused for [admin].|#]
[#|2008-05-24T00:30:38.312+0200|WARNING|sun-appserver9.1|javax.enterprise.system.container.web|_ThreadID=15;_ThreadName=httpSSLWorkerThread-8080-1;_RequestID=22ec490e-f5e4-41ff-9989-8154a4c09210;|Web
login failed: Login failed: javax.security.auth.login.LoginException:
Failed file login for admin.|#]
hope somebody can help me :)
Dirk (germany)