how to set role for JAASRealm

Google

Mailing List

Home

Forum Home

JBoss - Java Application Server

Tomcat - JSP/Servlet container

Struts - A MVC web framework

iText - An open source PDF Java Library

JDOM - JDOM XML Parser

JSP - A mailing list about Java Server Pages specification and reference

J2EE - A mailing list for Java(tm) 2 Platform, Enterprise Edition

J2EE Pattern - An interest list for Sun Java Center J2EE Pattern Catalog

Servlet - A mailing list for discussion about Sun Microsystem's Java Servlet API Technology

Struts & Hibernate

Subjects

•	JSP editor plugin for eclipse ?
•	org apache jasper JasperException: Unable to compile class for JSP
•	Tomcat: Connection reset by peer: socket write error
•	Cannot retrieve definition for form bean null
•	Struts Tiles Tutorial (free Struts training)
•	Where do I download Tomcat 4 0 6?
•	Data Access Object (DAO) pattern, example DAO 's
•	Where to download Tomcat v 4 1 24 from?
•	Tomcat 5 0 16 Requested resource not available
•	Oracle Connection Pooling in 3 2 2
•	Servlet : Session invalidate
•	Servlet action is currently unavailable
•	Tomcat/Struts Unicode Encoding/Decoding problems
•	Tomcat and webapplication specific java library path
•	Running a Simple JMS Example
•	Mapping in workers2 properties
•	org apache jasper JasperException
•	Cannot find message resources under key org apache struts action MESSAGE
•	problem with html:text bean throwing exception
•	Cannot find message resources under key org apache struts action MESSAGE
•	invalid direct reference problem with solution
•	Tool for jsp debug Try Sysdeo Eclipse Plugin
•	Tomcat 5 Cannot load JDBC driver class 'null ' SQL state: null
•	weblogic ejbc
•	java properties file
•	Jboss 3 2 3 Coyote Can 't re
•	Tomcat 5, Apache2 and mod jk2 integration problem
•	JBoss example problem new to J2EE
•	url string for connecting jboss to oracle
•	Value attribute of <html:checkbox
•	javax servlet ServletException: BeanUtils populate
•	HTTP Status 404 The requested resource is not available
•	5 0 18: Windows XP Pro vs Windows 2000

how to set role for JAASRealm

how to set role for JAASRealm

2007-03-05 - By shahab

Back

Reply: 1 2 3

Hi:
I am trying to implement authentication and authorization using JAASRealm.
(I am following the instruction provided at -
http://tomcat.apache.org/tomcat-6 (See http://cat-6.ora-code.com).0-doc/realm-howto.html).

I have the following issue -
I have created a class extending Principal for the role. I am setting the
right name of the role (which I fetch from DB) and add the class to Subject.
I have also made entries in server.xml as follows (i set debug to 0 hoping
for more debug info) -
<Realm className="org.apache.catalina.realm.JAASRealm

Source code of org.apache.catalina.realm.JAASRealm

"
appName="TMSLogin"
userClassNames="tms.core.authentication.TMSPrincipal"
roleClassNames="tms.core.authentication.TMSRoles"
debug="0"/>

my entry in web.xml is the following -
<security-constraint>
<display-name>AdminConstraint</display-name>
<web-resource-collection>
<web-resource-name>TMSAdmin</web-resource-name>
<description>Only for administrators</description>
<url-pattern>/admin/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<description/>
<role-name>ADMIN</role-name>
</auth-constraint>
</security-constraint>

<security-role>
<description>ADMIN</description>
<role-name>ADMIN</role-name>
</security-role>

the getName() of the TMSRoles instance returns "ADMIN", which should allow
url /admin/*.

However, I am still getting HTTP 403.

Please help.

thanx
Shahab
--
View this message in context: http://www.nabble.com/how-to-set-role-for
-JAASRealm-tf3351040.html#a9318370
Sent from the Struts - User mailing list archive at Nabble.com.

-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ------
To unsubscribe, e-mail: user-unsubscribe@(protected)
For additional commands, e-mail: user-help@(protected)