users@glassfish.java.net

[gf-users] help diagnosing authorization issue GF 4.1 b-13 or maybe b-12?

From: Chris Prince <cprince_at_computer.org>
Date: Sun, 1 Mar 2015 12:51:09 -0800

I have an odd issue with my application that I am trying to diagnose. It is
using a JDBC Realm that pulls from database views. I've used similar
configurations for years on dozens of systems.

 

The problem that occurs is that users authenticated, but are not authorized.
I assumed, of course, I had some settings incorrect in the realm, however
turning logging up to finest as well as debugging the JDBCRealm source shows
that the groups are in fact being loaded. ie. when commitAuthentication(..)
is called the grpList is contains all assigned roles (and matches roles in
application.xml)

 

The only way so far that I can get groups assigned to a logged in user is
with the "Assign Groups" field in the realm.

 

 

I could use some guidance on a couple things:

    Which tag has the b-13 source code. I was only able to find a 4.1 b-12

    If I was try tracing the issue from the web authorization what is a good
class to start with and where can I find it.

 

 

Thanks

Chris