Also, could you please let us know about the realm properties (mapping
of the columns to the realm properties ) ?
Thanks
Nithya
On Tuesday 30 August 2011 10:53 AM, Kumar Jayanti wrote:
> You are using a Custom Realm NlinkRealm. Can you tell us if that is a copy of the GlassFish JDBC Realm ?. Have you tried using JDBCRealm from GlassFish ?.
>
> Make sure that the following method is overridden correctly in your custom Realm :
>
> public abstract Enumeration getGroupNames (String username)
> throws InvalidOperationException, NoSuchUserException;
>
>
> On 29-Aug-2011, at 11:04 PM, forums_at_java.net wrote:
>
>> We are running 3.0.1
>>
>> We are trying to secure subfolders, ie parts, to only the parts group. It is
>> not working as advertised. As long as a person exists in the groups table,
>> does not matter what group is next to the account name..it will let all into
>> that constrained part of the website. No errors showing on any setting within
>> the glassfish logs.
>>
>> CREATE TABLE t_groups
>> (
>> c_username character varying(15) NOT NULL,
>> groups character varying(15),
>> CONSTRAINT pk_c_username PRIMARY KEY (c_username),
>> CONSTRAINT "fk_loginUser" FOREIGN KEY (c_username)
>> REFERENCES t_login (c_username) MATCH SIMPLE
>> ON UPDATE NO ACTION ON DELETE NO ACTION
>> )
>>
>>
>> CREATE TABLE t_login
>> (
>> c_id integer NOT NULL,
>> c_username character varying(20) NOT NULL,
>> c_password character varying(65) NOT NULL,
>> c_active smallint DEFAULT 0,
>> c_access integer DEFAULT 0,
>> c_company character varying(35),
>> c_role integer DEFAULT 2,
>> CONSTRAINT pk_username PRIMARY KEY (c_username)
>> )
>>
>> <?xml version="1.0" encoding="UTF-8"?>
>> <!DOCTYPE sun-web-app PUBLIC "-//Sun Microsystems, Inc.//DTD GlassFish
>> Application Server 3.0 Servlet 3.0//EN"
>> "http://www.sun.com/software/appserver/dtds/sun-web-app_3_0-0.dtd">
>> <sun-web-app error-url="">
>> <!-- property name="alternatedocroot_1" value="from=/faces/*
>> dir=D:/images/thumbs" / -->
>> <context-root>/NLINK01</context-root>
>>
>> <security-role-mapping>
>> <role-name>parts</role-name>
>> <group-name>Parts</group-name>
>> </security-role-mapping>
>> <security-role-mapping>
>> <role-name>users</role-name>
>> <group-name>Users</group-name>
>> </security-role-mapping>
>> <security-role-mapping>
>> <role-name>admins</role-name>
>> <group-name>Admins</group-name>
>> </security-role-mapping>
>> </sun-web-app>
>>
>>
>>
>> <web-app xmlns="http://java.sun.com/xml/ns/javaee"
>>
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>>
>> xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
>> http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
>> version="3.0">
>> <session-config>
>> <session-timeout>
>> 30
>> </session-timeout>
>> </session-config>
>>
>>
>> <security-constraint>
>> <display-name>SecurePlace</display-name>
>> <web-resource-collection>
>> <web-resource-name>Secure
>> Application</web-resource-name>
>> <url-pattern>/parts/*</url-pattern>
>> </web-resource-collection>
>> <auth-constraint>
>> <role-name>parts</role-name>
>> <role-name>admins</role-name>
>> </auth-constraint>
>>
>> </security-constraint>
>> <security-constraint>
>> <display-name>SecurePlace</display-name>
>> <web-resource-collection>
>> <web-resource-name>Secure
>> Application</web-resource-name>
>> <url-pattern>/NLINK/*</url-pattern>
>> </web-resource-collection>
>> <auth-constraint>
>> <role-name>users</role-name>
>> <role-name>admins</role-name>
>> </auth-constraint>
>>
>> </security-constraint>
>>
>> <login-config>
>> <auth-method>FORM</auth-method>
>> <realm-name>NlinkRealm</realm-name>
>> <form-login-config>
>> <form-login-page>/login.jsp</form-login-page>
>> <form-error-page>/error.jsp</form-error-page>
>> </form-login-config>
>> </login-config>
>>
>>
>> </web-app>
>>
>> Any help would be appreciated.
>>
>> Ron
>>
>>
>>
>>
>> --
>>
>> [Message sent by forum member 'fitnage']
>>
>> View Post: http://forums.java.net/node/838469
>>
>>