Do you have security role mapping specified in sun-web.xml?
You might want to check out https-server-glassfish sample, it shows how
to set "http basic auth" protected resource.
Pavel
Felipe Gaścho wrote:
> I am still having problems with that....
>
> ClientConfig config = new DefaultClientConfig();
> Client client = Client.create(config);
> client.addFilter(new HTTPBasicAuthFilter("tosh", "teste"));
> WebResource arena2 = client.resource(BaseURI);
>
> return arena2.path("atom").path("jobs").type("application/xml").post(EntryType.class,
> entry);
>
> com.sun.jersey.api.client.UniformInterfaceException: POST
> http://localhost:8080/arena-http/atom/jobs returned a response status
> of 302
> at com.sun.jersey.api.client.WebResource.handle(WebResource.java:563)
> at com.sun.jersey.api.client.WebResource.access$300(WebResource.java:69)
> at com.sun.jersey.api.client.WebResource$Builder.post(WebResource.java:499)
> at com.kenai.puj.arena.client.test.AtomFeedIntegrationTest.createEntry(AtomFeedIntegrationTest.java:316)
> at com.kenai.puj.arena.client.test.AtomFeedIntegrationTest.wroundtrip(AtomFeedIntegrationTest.java:32)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:597)
>
>
> on the GF log:
>
> [#|2010-01-15T18:32:55.911+0100|INFO|glassfishv3.0|javax.enterprise.system.core.security|_ThreadID=27;_ThreadName=Thread-1;|JACC
> Policy Provider: Failed Permission Check,
> context(arena-puj/arena-http_war)-
> permission((javax.security.jacc.WebUserDataPermission /atom/jobs
> POST))|#]
>
>
> the server code:
>
> @POST
> @Consumes( { MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
> @Produces( { MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
> @Path("{category}")
> public EntryType create(@PathParam("category") String
> category, EntryType entity) {
> return facade.create(entity);
> }
>
>
> the web.xml:
>
> <security-constraint>
> <display-name>Atom publishing is restricted to the sponsors</display-name>
> <web-resource-collection>
> <web-resource-name>AtomPubConstraint</web-resource-name>
> <description />
> <url-pattern>/atom/*</url-pattern>
> <http-method>POST</http-method>
> <http-method>DELETE</http-method>
> </web-resource-collection>
> <auth-constraint>
> <description>PUJ Atom Security</description>
> <role-name>sponsor</role-name>
> </auth-constraint>
> <user-data-constraint>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> </user-data-constraint>
> </security-constraint>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_jersey.dev.java.net
> For additional commands, e-mail: users-help_at_jersey.dev.java.net
>
>