2 Replies Latest reply on Oct 14, 2002 6:35 AM by cobraflow

JBoss3.x Security across WEB APPS

cobraflow Oct 11, 2002 12:51 PM

Hi,
I am testing three web apps on 3.0.x with Tomcat embedded. All three apps are secured to the same domain/realms with the same roles. I expected that I would get challenged on the first hit to a secure URL within each app, however...

The first app pops up my login screen...I login sucessfully and get the page I was after. A link on this page points to another app. I hit this link and get parts(!) of the page appearing! The HTML is correct but some images are missing along with stylesheets. If I refresh the page, other images appear and some that were there no disappear.

I am not challenged in the second app and the UserPrincipal is null.

As an aside, I also tried with the SingleSignOn valve which works for these two apps but when I go to a third I get the same type of problems on it's pages.

While you can have hours of fun guessing (betting on!) which images will show, I would like to get this sorted soon!

Thanks

1. Re: JBoss3.x Security across WEB APPS

tool Oct 11, 2002 3:22 PM (in response to cobraflow)

Are your web apps in separate ear or war files? If they are I bet the server is randomly choosing one of the deployments to pull images from. If the apps all have the same security domains and realms, i suggest putting them all in one ear, with one war and separate jars. I have done this and have had much success!!
Good luck,
Brian
Actions
2. Re: JBoss3.x Security across WEB APPS

cobraflow Oct 14, 2002 6:35 AM (in response to cobraflow)

Each application is deployed as a WAR. Each has it's own JSP's and images. The system is designed to allow developers to hot-deploy their applications without affecting others. Wrapping up as an EAR may be a work around but requires the Application.xml document to be manually kept in snych...

I think that this should work and, 'random' is not a good thing in a live environment ;-)

Lewis
Actions

Go to original post