Hi:
I am trying to implement authentication and authorization using JAASRealm.
(I am following the instructions provided at -
http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html).

I have the following issue -
I have created a class extending Principal for the role. I am setting the
right name of the role (which I fetch from DB) and add the class to Subject.
I have also made entries in server.xml as follows (I set debug to 0 hoping
for more debug info) -
<Realm className="org.apache.catalina.realm.JAASRealm"
       appName="TMSLogin"
       userClassNames="tms.core.authentication.TMSPrincipal"
       roleClassNames="tms.core.authentication.TMSRoles"
       debug="0"/>

My entry in web.xml is the following -
<security-constraint>
    <display-name>AdminConstraint</display-name>
    <web-resource-collection>
        <web-resource-name>TMSAdmin</web-resource-name>
        <description>Only for administrators</description>
        <url-pattern>/admin/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
    </web-resource-collection>
    <auth-constraint>
        <description/>
        <role-name>ADMIN</role-name>
    </auth-constraint>
</security-constraint>

<security-role>
    <description>ADMIN</description>
    <role-name>ADMIN</role-name>
</security-role>

The getName() of the TMSRoles instance returns "ADMIN", which should allow
url /admin/*.

However, I am still getting HTTP 403.

Please help.

Thanks
Shahab
-- 
View this message in context: 
http://www.nabble.com/how-to-set-role-for-JAASReal-tf3351040.html#a9318370
Sent from the Struts - User mailing list archive at Nabble.com.
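
Added example, not part of the original message and not Tomcat's own code: a stand-alone check that lists the class name of every Principal in a Subject and applies the rule from the realm how-to, where a Principal counts as a role only if its exact class name appears in roleClassNames. The nested TMSPrincipal and TMSRoles classes are hypothetical stand-ins for the poster's classes, and the user name "alice" is a constructed sample value.

```java
import java.security.Principal;
import java.util.ArrayList;
import java.util.List;
import java.util.Set;
import javax.security.auth.Subject;

public class JaasRoleCheck {

    // Hypothetical stand-ins for tms.core.authentication.TMSPrincipal / TMSRoles.
    static class NamedPrincipal implements Principal {
        private final String name;
        NamedPrincipal(String name) { this.name = name; }
        @Override public String getName() { return name; }
    }
    static final class TMSPrincipal extends NamedPrincipal { TMSPrincipal(String n) { super(n); } }
    static final class TMSRoles extends NamedPrincipal { TMSRoles(String n) { super(n); } }

    // Role names recognized for this Subject: only Principals whose exact
    // class name is listed in roleClassNames contribute their getName().
    static List<String> recognizedRoles(Subject subject, Set<String> roleClassNames) {
        List<String> roles = new ArrayList<>();
        for (Principal p : subject.getPrincipals()) {
            if (roleClassNames.contains(p.getClass().getName())) {
                roles.add(p.getName());
            }
        }
        return roles;
    }

    public static void main(String[] args) {
        // What a LoginModule's commit() is expected to leave in the Subject.
        Subject subject = new Subject();
        subject.getPrincipals().add(new TMSPrincipal("alice")); // constructed sample user
        subject.getPrincipals().add(new TMSRoles("ADMIN"));

        // Print the names exactly as they would have to appear in server.xml.
        for (Principal p : subject.getPrincipals()) {
            System.out.println(p.getClass().getName() + " -> " + p.getName());
        }
        // Nested classes carry a '$' in their name, so take it from the class itself.
        Set<String> configured = Set.of(TMSRoles.class.getName());
        System.out.println("roles seen: " + recognizedRoles(subject, configured));
        // A wrong package or mistyped class name yields no roles, so the
        // ADMIN auth-constraint cannot be satisfied.
        System.out.println("roles seen with wrong name: "
                + recognizedRoles(subject, Set.of("tms.core.TMSRoles")));
    }
}
```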

