I am currently using JBoss 4.0.4 and try to write my own LoginModule to authenticate to a restricted web resource collection:
| <security-constraint> | <web-resource-collection> | <web-resource-name>SampleApplication</web-resource-name> | <url-pattern>/SampleApplication/*</url-pattern> | </web-resource-collection> | <auth-constraint> | <role-name>CertifiedUser</role-name> | </auth-constraint> | <user-data-constraint> | <transport-guarantee>NONE</transport-guarantee> | </user-data-constraint> | </security-constraint> | <security-role> | <role-name>CertifiedUser</role-name> | </security-role> | the login with my login module works well, the principals are set. but i don't understand how to add the subject a role of the web.xml, in order to access the restricted content. best regards, sidewinder View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3986136#3986136 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3986136 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user