Hello,
I'm using Hibernate with domain to table mapping so my tables are generated automaticly. I also have an entity for Users and Groups for the Glassfish security.
I can login with a "j_security_check" (bad usernames/passwords are succesfully recognised) but it's like the groups are not recognised: I can access both "/admin" as "/user" pages with a "user" role and vica versa.
Eg:
[i]request.isUserInRole("ADMIN") +" "+ request.isUserInRole("USER")+" "+ request.isUserInRole("NONEXISTINGROLE")[/i]
for loggedin USER: returns true true false
for loggedin ADMIN returns true true false
I included my files and here is my glassfish realm settings:
Jaas Context: jdbcRealm
JNDI: jdbc/competenceTool
User table: securityuser
User name column: userid
Password Column: password
Group Table: securitygroup
Group Name Column: groupId
Assign Groups: ADMIN,USER
I hope this is clear and someone sees the problem.
Thank you very much!
[Message sent by forum member 'sizzla' (michael_bavin_at_hotmail.com)]
http://forums.java.net/jive/thread.jspa?messageID=384702