geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From blb <blb4s...@gmail.com>
Subject Re: Unable to get user role
Date Mon, 21 Dec 2009 14:21:03 GMT

David,

Form auth is used to authenticate the user. The behaviour you described is
the one we expected and we met previously with Tomcat.

For the moment, in my geronimo environment, it works only if servlets or
jsps are secured. 

Geronimo 2.1.4 is used.


djencks wrote:
> 
> If you are using form auth you should still be getting isUserInRole to  
> be true after you have logged in once, even on unprotected pages.  I'm  
> not sure if there are any tests for this anywhere, especially for jsps  
> that aren't listed in web.xml.  We have gotten this to work for  
> servlets at various times.
> 
> If you are using basic or digest auth, you won't AFAIK.  I'm not sure  
> about client-cert auth.
> 
> Which geronimo version are you using?
> 
> thanks
> david jencks
> 
> On Dec 18, 2009, at 9:57 AM, blb wrote:
> 
>>
>> I finally succededed in getting true from the isUserInRole() call,  
>> protecting
>> more resources in the web.xml file.
>> I have to check the whole application to see if the unauthenticated  
>> section
>> still works (some of the  resources i have put in the protected area  
>> are
>> used by both parts).
>> I'll keep you informed of the results.
>>
>> Fabrice
>>
>> blb wrote:
>>>
>>> I did a few more tests.
>>> The  isUserInRole() returns true only for protected servlets.
>>> I didn't succeded yet in declarings the jsps as protected resources.
>>>
>>> Fabrice
>>>
>>> blb wrote:
>>>>
>>>> David,
>>>>
>>>> Thanks for your reply.
>>>>
>>>> 1) Yes, the authentication works well.
>>>>
>>>> 2) isUserInRole() always returns false. It is called from a jsp  
>>>> which is
>>>> not declared in the webapp protected resources (this configuration  
>>>> worked
>>>> well in Tomcat). I'll try to declare the jsps in the protected  
>>>> resources
>>>> to check if the problem is solved.
>>>>
>>>> 3) The webapp is made of jsps and servlets. The isUserInRole() call
>>>> returns true in a protected servlet.
>>>>
>>>> Fabrice
>>>>
>>>>
>>>>
>>>> djencks wrote:
>>>>>
>>>>> I'd like to clarify a couple of points...
>>>>>
>>>>> - IIUC, you have to authenticate to access a secured page, this  
>>>>> part
>>>>> of security is working fine?
>>>>>
>>>>> - From a secured page, you cannot use isUserInRole()?
>>>>>
>>>>> - are all your pages jsps?  Do they have servlet mappings?  Does  
>>>>> this
>>>>> occur with a secured servlet?
>>>>>
>>>>> thanks
>>>>> david jencks
>>>>>
>>>>> On Dec 17, 2009, at 7:10 AM, blb wrote:
>>>>>
>>>>>>
>>>>>> Hi all,
>>>>>>
>>>>>> I am migrating from Tomcat to Geronimo and need some help to  
>>>>>> finish to
>>>>>> configure security for a webapp.
>>>>>> I can authenticate a user within Geronimo but I'm not able to get
>>>>>> the user
>>>>>> role.
>>>>>> The request.isUserInRole() call always returns false.
>>>>>>
>>>>>> You can find below an extract of the configuration files  
>>>>>> concerned by
>>>>>> security:
>>>>>> http://old.nabble.com/file/p26829415/extract_geronimo-web.xml
>>>>>> extract_geronimo-web.xml
>>>>>> http://old.nabble.com/file/p26829415/extract_web.xml  
>>>>>> extract_web.xml
>>>>>>
>>>>>> Can you please tell me what's wrong (or missing) with the webapp
>>>>>> configuration ?
>>>>>> -- 
>>>>>> View this message in context:
>>>>>> http://old.nabble.com/Unable-to-get-user-role-tp26829415s134p26829415.html
>>>>>> Sent from the Apache Geronimo - Users mailing list archive at
>>>>>> Nabble.com.
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>> -- 
>> View this message in context:
>> http://old.nabble.com/Unable-to-get-user-role-tp26829415s134p26847205.html
>> Sent from the Apache Geronimo - Users mailing list archive at  
>> Nabble.com.
>>
> 
> 
> 

-- 
View this message in context: http://old.nabble.com/Unable-to-get-user-role-tp26829415s134p26874597.html
Sent from the Apache Geronimo - Users mailing list archive at Nabble.com.


Mime
View raw message