OK !! In RealmBase the "hasRole" method looks for a Principal of class GenericPrincipal; by overriding this method everithing works fine !! Thanks a lot
Renato -----Messaggio originale----- Da: Craig R. McClanahan [mailto:[EMAIL PROTECTED]] Inviato: venerdi 1 febbraio 2002 23.31 A: Tomcat Users List; [EMAIL PROTECTED] Oggetto: Re: Custom Realm Implementation On Fri, 1 Feb 2002, Renato Romano wrote: > Date: Fri, 1 Feb 2002 18:02:16 +0100 > From: Renato Romano <[EMAIL PROTECTED]> > Reply-To: Tomcat Users List <[EMAIL PROTECTED]>, > [EMAIL PROTECTED] > To: Tomcat Users List <[EMAIL PROTECTED]> > Subject: Custom Realm Implementation > > I'm trying to write my own Realm but have some problems... > MyRealm extends JDBCRealm, overrides the authenticate method(Connection, > String, String) > and returns a CustomPrincipal which is My own implementation of Principal; > > When I try to log in, a get a "User userName successfully authenticated" > message on the log, but the browser shows me a 403 error (You are not > allowed ...) > Tomcat calls the hasRole() method of your Realm implementation in order to check for the roles required to satisfy security constraints. You'll want to override this method as well, because the default method (in AuthenticatorBase) assumes you are using one of the standard Realm implementations that uses GenericPrincipal objects. > Any idea ? > Any document showing the process in details ? > Thanks Just the source code, at the moment :-(. > > Renato > Craig -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]> -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>
