From: <glassfish_at_javadesktop.org>
Date: Tue, 17 Mar 2009 12:09:22 PDT

Hi,

I got it fixed by modifying the following configurations:

sun-web.xml
--------------------------
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Application Server 9.0 Servlet 2.5//EN" "http://www.sun.com/software/appserver/dtds/sun-web-app_2_5-0.dtd">
<sun-web-app error-url="">
  <context-root>/webJaas</context-root>
  <security-role-mapping>
    <role-name>admin</role-name>
    <group-name>admin</group-name>
    <group-name>users</group-name>
  </security-role-mapping>
  <class-loader delegate="true"/>
  <jsp-config>
    <property name="keepgenerated" value="true">
      <description>Keep a copy of the generated servlet class' java code.</description>
    </property>
  </jsp-config>
</sun-web-app>


web.xml:
-----------------------
<?xml version="1.0" encoding="UTF-8"?>
<web-app version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
    <session-config>
        <session-timeout>
            30
        </session-timeout>
    </session-config>
    <welcome-file-list>
        <welcome-file>index.jsp</welcome-file>
        </welcome-file-list>
    <security-constraint>
        <display-name>Admin</display-name>
        <web-resource-collection>
            <web-resource-name>all</web-resource-name>
            <description/>
            <url-pattern>/admin/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
            <http-method>HEAD</http-method>
            <http-method>PUT</http-method>
            <http-method>OPTIONS</http-method>
            <http-method>TRACE</http-method>
            <http-method>DELETE</http-method>
        </web-resource-collection>
        <auth-constraint>
            <description/>
            <role-name>admin</role-name>
            </auth-constraint>
        </security-constraint>
    <login-config>
        <auth-method>FORM</auth-method>
        <realm-name>MyRealm</realm-name>
    <form-login-config>
      <form-login-page>/login.jsp</form-login-page>
      <form-error-page>/login.jsp</form-error-page>
    </form-login-config>
        </login-config>
    <security-role>
        <description/>
        <role-name>admin</role-name>
    </security-role>
    </web-app>
[Message sent by forum member 'ammula' (ammula)]

http://forums.java.net/jive/thread.jspa?messageID=337511