I want to implement EJBUserManager in my application, but the authentication
from the web doesn't accept my credentials and keeps popping up until finally
I get a 401.

Here's how I'm doing it:

1) I defined the EJBUserManager in ejb-jar.xml and it gets instantiated
properly: tables COM_EVERMIND_EJB_EJBUSER and
COM_EVERMIND_EJB_EJBUSER_GROUPS get created

2) I created a user "joeuser" with a password in the user table and made
that user belong to "usergroup" in groups

3) In my web.xml I created a constraint on a resource:
<security-constraint>
        <web-resource-collection>
                <web-resource-name>/protectedurl</web-resource-name>
        </web-resource-collection>
        <auth-constraint>
                <role-name>usergroup</role-name>
        </auth-constraint>
</security-constraint>
<login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>myapp-basic-realm</realm-name>
</login-config>
<security-role>
        <role-name>usergroup</role-name>
</security-role>

4) In my application.xml I have a role defined:
<security-role>
        <role-name>manager</role-name>
</security-role>

5) In my orion-application.xml I have defined the user manager and the
role->group mapping:

    <user-manager class="com.evermind.ejb.EJBUserManager">
        <property name="home" value="com.evermind.ejb.EJBUser" />
        <property name="defaultGroups" value="users" />
    </user-manager>
    <security-role-mapping name="usergroup">
        <group name="usergroup" />
    </security-role-mapping>

6) I also removed the reference to principals.xml from orion-application.xml
(If I leave it I get a 403 right away)

7) Finally, as suggested by searching the list archive, I defined the groups in
my principals.xml:
<principals>
        <groups>
                <group name="manager"/>
        </groups>
</principals>

Everything starts OK, with no error message. If I try to access /protectedurl
I get the basic authentication prompt. I try to fill in "joeuser" with his
password, but Orion doesn't take it and prompts me again until I get a 401
Unauthorized.

What am I missing?

Thanks,

Christian
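
Added example, not part of the original post: a Python script that parses the descriptor fragments quoted in steps 3 to 7 and lists every place each role or group name is written, so it is easy to see which names the files actually share. The helper names and the DB_GROUPS constant (standing in for the step 2 table rows) are assumptions of this example.

```python
import xml.etree.ElementTree as ET

# Fragments copied from the post; a root element is added where the post
# shows several top-level elements side by side.
WEB = """<web-app><security-constraint>
<web-resource-collection><web-resource-name>/protectedurl</web-resource-name></web-resource-collection>
<auth-constraint><role-name>usergroup</role-name></auth-constraint>
</security-constraint>
<security-role><role-name>usergroup</role-name></security-role></web-app>"""
APP = "<application><security-role><role-name>manager</role-name></security-role></application>"
ORION = """<orion-application>
<user-manager class="com.evermind.ejb.EJBUserManager">
<property name="home" value="com.evermind.ejb.EJBUser" />
<property name="defaultGroups" value="users" /></user-manager>
<security-role-mapping name="usergroup"><group name="usergroup" /></security-role-mapping>
</orion-application>"""
PRINCIPALS = '<principals><groups><group name="manager"/></groups></principals>'
DB_GROUPS = {"usergroup"}  # assumption: step 2, the group given to "joeuser" in the EJB tables

def texts(xml, path):
    """Element text values found at `path` below the root element."""
    return {e.text.strip() for e in ET.fromstring(xml).iterfind(path)}

def attrs(xml, path, attr="name"):
    """Attribute values found at `path` below the root element."""
    return {e.get(attr) for e in ET.fromstring(xml).iterfind(path)}

def collect():
    """Map each place a role or group name is written to the names found there."""
    return {
        "web.xml auth-constraint": texts(WEB, "security-constraint/auth-constraint/role-name"),
        "web.xml security-role": texts(WEB, "security-role/role-name"),
        "application.xml security-role": texts(APP, "security-role/role-name"),
        "orion-application.xml mapped role": attrs(ORION, "security-role-mapping"),
        "orion-application.xml mapped group": attrs(ORION, "security-role-mapping/group"),
        "orion-application.xml defaultGroups": attrs(ORION, "user-manager/property[@name='defaultGroups']", "value"),
        "principals.xml group": attrs(PRINCIPALS, "groups/group"),
        "EJB user tables": DB_GROUPS,
    }

def where_declared(places):
    """Invert collect(): name -> sorted list of places that mention it."""
    out = {}
    for place, names in places.items():
        for n in names:
            out.setdefault(n, []).append(place)
    return {n: sorted(p) for n, p in out.items()}

if __name__ == "__main__":
    for name, places in sorted(where_declared(collect()).items()):
        print(f"{name}: {', '.join(places)}")
```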

