I have installed the server (Orion/1.0rc1), deployed a test application and all
appears to working well. I would now like to add in basic authentication to a
section of the web site.
When I configure the application deployment descriptor (web.xml) in the usual
way to add in a security-constraint using basic authentication and then access
the restricted area, the browser displays:
403 Forbidden
Error initializing security, security-role not found: users
I have tried playing with the principals.xml file in various forms (having the
group name users, adding individuals to the group, etc.), but nothing seems to
have any effect.
Can someone explain to me the process that Orion uses to map roles to groups to
users (e.g. Which configuration files are involved? Can roles be mapped on a per
application basis (e.g. using /META-INF/principals.xml as one mailing list post
suggests)?). Or point me to any documentation that describes this.
Thanks in advance,
Tony
