Does it make any difference if i set the domain in the auth.conf by: | http { | org.jboss.security.ClientLoginModule required multi-threaded=true; | }; | or in the login config by:
| <application-policy name="http"> | <authentication> | <login-module code = "org.jboss.security.ClientLoginModule" | flag = "required" multi-threaded="true"> | </login-module> | </authentication> | </application-policy> | I guess i have to comment out the security contraint in my web.xml? | <security-constraint> | <web-resource-collection> | <web-resource-name>Secure Content</web-resource-name> | <url-pattern>/app/*</url-pattern> | </web-resource-collection> | <auth-constraint> | <role-name>D</role-name> | <role-name>Z</role-name> | <role-name>B</role-name> | </auth-constraint> | <user-data-constraint> | <transport-guarantee>NONE</transport-guarantee> | </user-data-constraint> | </security-constraint> | <login-config> | <auth-method>BASIC</auth-method> | <realm-name>secure</realm-name> | </login-config> | <security-role> | <description>D.</description> | <role-name>D</role-name> | </security-role> | <security-role> | <description>Z.</description> | <role-name>Z</role-name> | </security-role> | <security-role> | <description>B.</description> | <role-name>B</role-name> | </security-role> | View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3908396#3908396 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3908396 ------------------------------------------------------- This SF.Net email is sponsored by the JBoss Inc. Get Certified Today Register for a JBoss Training Course. Free Certification Exam for All Training Attendees Through End of 2005. For more info visit: http://ads.osdn.com/?ad_id=7628&alloc_id=16845&op=click _______________________________________________ JBoss-user mailing list JBoss-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/jboss-user