Today i installed nb6.8 and the official glassfish release in the hope of resolving some problem is have while looking into the new Java EE 6 spec. So I have some minor questions:
So first question: When i execute a request.login(user, password) with a correct password ( the setup with basic authentication wordks) I see the RemoteUser, the Principle and i can query the roles the user has. But after going to a secured folder (that is accessable when using basic login) I get redirected to the login page. Also when looking at the principal I notice it is no longer there. Is this how it is supposed to work or is this a bug. (I also tried the authenticate methode but that doesn't work either between requests)
The second thing is: When using the annotations for security thing just don't work. @DeclaredRoles, and @RolesAllowed don't work. I also notice there is a @ServletSecurity annotation in javax.annotation that isn't in the oficial spec. What are the plans for this?
Steven
[Message sent by forum member 'verborghs' ]
http://forums.java.net/jive/thread.jspa?messageID=375927