1 Reply Latest reply on Mar 27, 2002 3:01 PM by luke_t

    form based auth

    saviour

      Hi, all!
      Please, help me with my form based auth process... I've set up all my files and associated my loginmodule successfully, but when attempting to enter restricted area (/restricted) i have 403 error - access denied. My loginmodule has it's own log wich looks like this:
      [LoginModule] -> initialize()
      [LoginModule] -> login()
      [LoginModule] -> commit()
      And i can see that loginmodule accepted my username/password. So, i would suppose, jboss can't see my roles.properties file, but this file is in WEB-INF/classes/
      And one more question is why when i use wrong username/password combination i do not see error page on my screen???

      =====web.xml

      <?xml version="1.0" encoding="UTF-8"?>

      <!DOCTYPE web-app
      PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
      "http://java.sun.com/dtd/web-app_2_3.dtd">

      <web-app>
      <security-constraint>
      <web-resource-collection>
      <web-resource-name>Secure Content</web-resource-name>
      <url-pattern>/restricted/*</url-pattern>
      <http-method>GET</http-method>
      <http-method>POST</http-method>
      </web-resource-collection>
      <auth-constraint>
      <role-name>authorized-user</role-name>
      </auth-constraint>
      </security-constraint>

      <login-config>
      <auth-method>FORM</auth-method>
      <form-login-config>
      <form-login-page>/login/login.jsp</form-login-page>
      <form-error-page>/login/failed.jsp</form-error-page>
      </form-login-config>
      </login-config>

      <security-role>
      <role-name>authorized-user</role-name>
      </security-role>

      </web-app>

      =====web.xml

      =====roles.properties

      ###
      test,authorized-user

      =====roles.properties

        • 1. Re: form based auth

          What is the output on the server side, both when you deploy the application and when the problem occurs?

          And what version are you using?