From: <glassfish_at_javadesktop.org>
Date: Mon, 16 Jun 2008 07:22:33 PDT

did you redeploy your app after you changed web.xml?

do you have an unqualified grant of allPermission in server.policy or in .java.policy?

( see the following for an explaination:
http://blogs.sun.com/monzillo/entry/policy_files_the_securitymanager_and )

if neither of the above lead to a resolution, please attach the policy files of your app, and also and provide the request uri, that you expect to result in an authentication.

you will find the policy files under domains/domainx/generated/policy/appname/module-name/

Ron
[Message sent by forum member 'monzillo' (monzillo)]

http://forums.java.net/jive/thread.jspa?messageID=280497