[ http://issues.apache.org/jira/browse/GERONIMO-2274?page=all ]
Vamsavardhana Reddy updated GERONIMO-2274: ------------------------------------------ Attachment: GERONIMO-2274.patch GERONIMO-2274.patch: Fixes the problem in SecurityBuilder. SecurityBuilder is passing realmName instead of domainName and vice versa in constructing RealmPrincipal. > realm-principal does not work in web app security > ------------------------------------------------- > > Key: GERONIMO-2274 > URL: http://issues.apache.org/jira/browse/GERONIMO-2274 > Project: Geronimo > Issue Type: Bug > Security Level: public(Regular issues) > Components: security > Affects Versions: 1.1 > Environment: WinXP, G1.1.1-SNAPSHOT, Tomcat > Reporter: Vamsavardhana Reddy > Assigned To: Vamsavardhana Reddy > Fix For: 1.2, 1.1.2 > > Attachments: GERONIMO-2274.patch, geronimo-web.xml, > sql-realm-advanced.xml > > > I have deployed a security realm with "wrap-principals" set to true. Then, I > have deployed a web application to authenticate against this security realm. > In the web app deployment plan, I have used realm-principal in role mapping. > Even though login is successful, I am getting Error HTTP 403 Forbidden. > Authorization works as expected if I use login-domain-principal or principal > instead of realm-principal. Appears like realm-principal is not working as > expected. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://issues.apache.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira