users@glassfish.java.net

Re: admin gui login without credentials

From: <glassfish_at_javadesktop.org>
Date: Tue, 09 Dec 2008 10:09:20 PST

I looked into granted.policy and I have no grant for allPermission.

In the file /opt/SUNWappserver/domains/domain1/generated/policy/admingui/admingui/granted.policy I have:

grant {
  permission javax.security.jacc.WebResourcePermission "*.jsf:/download/*:/resource/css/*:/resource/images/*:/resource/js/*:/theme/META-INF/*:
/theme/com/sun/webui/*:/resource/*:/theme/*", "!DELETE,GET,POST,PUT";
  permission javax.security.jacc.WebResourcePermission "/resource/js/*";
  permission javax.security.jacc.WebResourcePermission "/theme/META-INF/*";
  permission javax.security.jacc.WebResourcePermission "/theme/*:/theme/META-INF/*:/theme/com/sun/webui/*", "!DELETE,GET,POST,PUT";
  permission javax.security.jacc.WebResourcePermission "/theme/com/sun/webui/*";
  permission javax.security.jacc.WebResourcePermission "/resource/css/*";
  permission javax.security.jacc.WebResourcePermission "/resource/images/*";
  permission javax.security.jacc.WebResourcePermission "/resource/*:/resource/css/*:/resource/images/*:/resource/js/*", "!DELETE,GET,POST,PUT"
;
  permission javax.security.jacc.WebResourcePermission "/:/resource/images/*:/resource/css/*:/resource/js/*:/theme/META-INF/*:/theme/com/sun/w
ebui/*:/download/*:*.jsf:/resource/*:/theme/*";
  permission javax.security.jacc.WebResourcePermission "/download/*", "!DELETE,GET,POST,PUT";
  permission javax.security.jacc.WebUserDataPermission "*.jsf:/download/*:/resource/css/*:/resource/images/*:/resource/js/*:/theme/META-INF/*:
/theme/com/sun/webui/*:/resource/*:/theme/*";
  permission javax.security.jacc.WebUserDataPermission "/download/*";
  permission javax.security.jacc.WebUserDataPermission "/:/resource/images/*:/resource/css/*:/resource/js/*:/theme/META-INF/*:/theme/com/sun/w
ebui/*:/download/*:*.jsf:/resource/*:/theme/*";
  permission javax.security.jacc.WebUserDataPermission "/resource/images/*";
  permission javax.security.jacc.WebUserDataPermission "/theme/*:/theme/META-INF/*:/theme/com/sun/webui/*";
  permission javax.security.jacc.WebUserDataPermission "/resource/js/*";
  permission javax.security.jacc.WebUserDataPermission "/resource/css/*";
  permission javax.security.jacc.WebUserDataPermission "/resource/*:/resource/css/*:/resource/images/*:/resource/js/*";
  permission javax.security.jacc.WebUserDataPermission "/theme/META-INF/*";
  permission javax.security.jacc.WebUserDataPermission "/theme/com/sun/webui/*";
};

grant principal com.sun.enterprise.deployment.Group "asadmin" {
...snip...
};
grant principal com.sun.enterprise.deployment.PrincipalImpl "admin" {
...snip...
};

So is this really wrong?
[Message sent by forum member 'vvlier' (vvlier)]

http://forums.java.net/jive/thread.jspa?messageID=320845
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.