Re: [JBoss-user] Authentication Problem...

Wed, 27 Jun 2001 01:12:14 -0700 

I don't understand what you mean by propertyAdmin being changed to 'guest'.
You have to change the web-app/seccurity-constraint/auth-constraint/role-name
to guest to allow green/null and green/green. To allow only green/green the
role-name would have to be user. Both scenarios work for me. Here is the
correct web.xml for that would only allow green/green(or any username/password
that are equal):

web 2138>cat WEB-INF/web.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app
    PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
    "http://java.sun.com/j2ee/dtds/web-app_2_2.dtd";>

<web-app>
<!-- ### Servlets -->
    <servlet>
        <servlet-name>index</servlet-name>
        <jsp-file>/index.jsp</jsp-file>
    </servlet>

<!-- ### Security -->
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>Restricted</web-resource-name>
            <description>Declarative security tests</description>
            <url-pattern>/*</url-pattern>
            <http-method>GET</http-method>
            <http-method>POST</http-method>
        </web-resource-collection>
        <auth-constraint>
            <role-name>guest</role-name>
        </auth-constraint>
    </security-constraint>

    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>JBossTest Servlets</realm-name>
    </login-config>

</web-app>

----- Original Message ----- 
From: "David Green" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, June 26, 2001 9:36 PM
Subject: Re: [JBoss-user] Authentication Problem...


> I'm having no luck with this :(
> 
> Here's what I have now:
> 
> WEB-INF/jboss-web.xml:
> ----------------------
> <jboss-web>
>   <security-domain>java:/jaas/simple</security-domain>
> </jboss-web>
> ----------------------
> 
> WEB-INF/web.xml:
>   Changed all instances of propertyAdmin to "guest", since that's what
>   'simple' returns if a user is authenticated.
> 
> Simple is indeed set up in conf/tomcat/auth.conf and in
> conf/default/auth.conf... it's marked as 'required' and it's not commented
> out.
> 
> i try logging into the page with green/green or green/(nopassword) and get
> rejected.
> 
> Redeployed the file, restarted the server, banged on the computer with a
> large hammer... nothing seems to work... :(
> 
> David Green
> 



_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to