> From: Oliver Block [mailto:li...@oliver-block.eu] > Subject: Re: Form-based authentication > > Are the roles passed to the LoginModule?
No, you hard-code the single role name in the LoginModule, using whatever value you have in web.xml (currently "User"). You must have a role class that implements Principal and Serializable (in addition to the Principal class for the user name); this role class must be specified in your <Realm> element via the roleClassName attribute. Create an instance of the role class with the predefined name and add it to the Subject object's principals set in your commit() method after you have added the user name Principal object. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org