Hi: I am trying to implement authentication and authorization using JAASRealm. (I am following the instructions provided at http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html.)

I have the following issue: I have created a class extending Principal for the role. I am setting the right name of the role (which I fetch from the DB) and adding the class to the Subject. I have also made entries in server.xml as follows (I set debug to 0 hoping for more debug info):

    <Realm className="org.apache.catalina.realm.JAASRealm"
           appName="TMSLogin"
           userClassNames="tms.core.authentication.TMSPrincipal"
           roleClassNames="tms.core.authentication.TMSRoles"
           debug="0"/>

My entry in web.xml is the following:

    <security-constraint>
      <display-name>AdminConstraint</display-name>
      <web-resource-collection>
        <web-resource-name>TMSAdmin</web-resource-name>
        <description>Only for administrators</description>
        <url-pattern>/admin/*</url-pattern>
        <http-method>GET</http-method>
        <http-method>POST</http-method>
      </web-resource-collection>
      <auth-constraint>
        <description/>
        <role-name>ADMIN</role-name>
      </auth-constraint>
    </security-constraint>
    <security-role>
      <description>ADMIN</description>
      <role-name>ADMIN</role-name>
    </security-role>

The getName() of the TMSRoles instance returns "ADMIN", which should allow the URL /admin/*. However, I am still getting HTTP 403. Please help.

Thanks,
Shahab

--
View this message in context: http://www.nabble.com/how-to-set-role-for-JAASReal-tf3351040.html#a9318370
Sent from the Struts - User mailing list archive at Nabble.com.
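A check for the configuration described above, as an added example that is not part of the original post or of Tomcat's code: it is a simplified model of how JAASRealm picks roles out of the Subject, matching each principal's exact class name against roleClassNames and taking the role from getName(). The classes UserPrincipal, RolePrincipal and DbRolePrincipal, the method rolesSeenByRealm and the sample user name are hypothetical stand-ins, since the poster's TMSPrincipal, TMSRoles and LoginModule are not shown.

```java
import java.security.Principal;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.security.auth.Subject;

public class JaasRoleCheck {
    // Hypothetical stand-ins for the poster's principal classes, whose source is not shown.
    static class UserPrincipal implements Principal {
        private final String name;
        UserPrincipal(String name) { this.name = name; }
        public String getName() { return name; }
    }
    static class RolePrincipal implements Principal {
        private final String name;
        RolePrincipal(String name) { this.name = name; }
        public String getName() { return name; }
    }
    // A subclass has a different class name, so it does not match the configured role class.
    static class DbRolePrincipal extends RolePrincipal {
        DbRolePrincipal(String name) { super(name); }
    }

    // Simplified model of the realm's scan: exact class-name match, role taken from getName().
    static List<String> rolesSeenByRealm(Subject subject, Set<String> roleClassNames) {
        List<String> roles = new ArrayList<String>();
        for (Principal p : subject.getPrincipals()) {
            if (roleClassNames.contains(p.getClass().getName())) {
                roles.add(p.getName());
            }
        }
        return roles;
    }

    public static void main(String[] args) {
        // Plays the part of roleClassNames in server.xml.
        Set<String> roleClassNames =
                new HashSet<String>(Arrays.asList(RolePrincipal.class.getName()));

        Subject subject = new Subject();                            // constructed sample Subject
        subject.getPrincipals().add(new UserPrincipal("shahab"));   // constructed user name
        subject.getPrincipals().add(new DbRolePrincipal("ADMIN"));  // subclass: not counted
        subject.getPrincipals().add(new RolePrincipal("admin"));    // case differs from web.xml

        List<String> roles = rolesSeenByRealm(subject, roleClassNames);
        System.out.println("roles seen by realm: " + roles);
        System.out.println("satisfies <role-name>ADMIN</role-name>: " + roles.contains("ADMIN"));
    }
}
```

Running the same scan against the Subject produced by the real LoginModule's commit() shows whether a role principal of the configured class, with a name that matches web.xml exactly, is actually present.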