Hi:
I am trying to implement authentication and authorization using JAASRealm.
(I am following the instruction provided at -
http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html).
I have the following issue -
I have created a class extending Principal for the role. I am setting the
right name of the role (which I fetch from DB) and add the class to Subject.
I have also made entries in server.xml as follows (i set debug to 0 hoping
for more debug info) -
<Realm className="org.apache.catalina.realm.JAASRealm"
appName="TMSLogin"
userClassNames="tms.core.authentication.TMSPrincipal"
roleClassNames="tms.core.authentication.TMSRoles"
debug="0"/>
my entry in web.xml is the following -
<security-constraint>
<display-name>AdminConstraint</display-name>
<web-resource-collection>
<web-resource-name>TMSAdmin</web-resource-name>
<description>Only for administrators</description>
<url-pattern>/admin/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<description/>
<role-name>ADMIN</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<description>ADMIN</description>
<role-name>ADMIN</role-name>
</security-role>
the getName() of the TMSRoles instance returns "ADMIN", which should allow
url /admin/*.
However, I am still getting HTTP 403.
Please help.
thanx
Shahab
--
View this message in context:
http://www.nabble.com/how-to-set-role-for-JAASReal-tf3351040.html#a9318370
Sent from the Struts - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
