tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Vikul Khosla <vikulkho...@yahoo.com>
Subject JAAS Realm Help
Date Wed, 05 Apr 2006 16:56:06 GMT
Hi,

Trying to get a custom login through a JAAS
LoginModule.

Got the authentication to work (confirmed thru
println()), but get back a HTTP
unauthorized error in the browser.

Gets to the commit() of LoginModule, where I add
a "Principal" based on the one "role" defined in
tomcats web.xml ... same as SampleLoginModule example.

How does authorization work in general once you have
a authenticated user ? Ideally, don't want to list any
users or Roles in *any* tomcat config file. Possible ?

Thanks


Background INfo
===============
1) Have a <security-constraint> in web.xml 
2) Also have a <auth-constraint>, with one role
3) This role is also listed in <security-role>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message