We are using jboss 3.2.3 and using a security contraint for NTLM. We can authenticate
fine. But once authenticated, our forms that have 'input' fields on them are 'lost'
when submitted.
They are being submitted with an action="post".
If I remove the security constraint, the application works fine. (minus the fact no
security is performed)
If I use ieHttpHeader utility tool, I see the posted data when I am not securing the
application, but when I turn security back on, the posted data is not present any
longer on the request.
1-where is the data being lost? What is not putting the posted data on the request?
2-How can I correct.
Thanks
Security contains in web.xml is:
<security-constraint>
<web-resource-collection>
<web-resource-name>Secured Content</web-resource-name>
Require users to authenticate
<url-pattern>/secure/*</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
Only allow Authenticated Users role
<role-name>Users</role-name>
</auth-constraint>
<user-data-constraint>
Encryption is not required for the application in general.
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
JBoss-web.xml looks like:
<jboss-web>
<security-domain>java:/jaas/pdk-eiam-security</security-domain>
<ejb-ref>
<ejb-ref-name>ejb/UserInfoSession</ejb-ref-name>
<jndi-name>ejb/UserInfoSession</jndi-name>
</ejb-ref>
</jboss-web>
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3853781#3853781
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3853781
-------------------------------------------------------
This SF.Net email is sponsored by:
Sybase ASE Linux Express Edition - download now for FREE
LinuxWorld Reader's Choice Award Winner for best database on Linux.
http://ads.osdn.com/?ad_id=5588&alloc_id=12065&op=click
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user
