On 04-Sep-2011, at 9:50 PM, forums_at_java.net wrote:
> Hello,
>
> Thanks for your reply, I think your answer has been truncated,
ya this keeps happening.
> so I have not
> the end of it.
>
> .....
>
> regarding the ability to have isUserInRole returning true for role names non
> declared in web.xml.
>
> I know it is the normal JEE behavior, but I found a way to have it working in
> every application server I tested.
>
> It seems that there are some way to achieve this with glassfish (I found some
> pointer on google, that unfortunately give page not found now )
Here is what i had written towards the end :
Even after default P2R you would still need to have the roles declared in web.xml, only then the policy generation would know what policy to generate.
But there is an alternate Authorization Provider that provides the ability to create a custom RoleMapper. See here :
http://blogs.oracle.com/monzillo/entry/prelude_includes_portable_in_memory
You need not implement all the methods in the interface and some cleanup is pending, but you can see the code in :
http://java.net/projects/glassfish/sources/svn/content/trunk/v3/security/inmemory.jacc.provider/src/main/java/com/sun/enterprise/security/jacc/provider/GlassfishRoleMapper.java?rev=47593
for a sample.
>
> Best regards,
>
> Arnaud
>
>
>
>
> --
>
> [Message sent by forum member 'amergey']
>
> View Post: http://forums.java.net/node/839637
>
>