2 Replies Latest reply on Apr 17, 2003 8:23 AM by amagno

How to execute JSP under a security role?

amagno Apr 16, 2003 5:14 PM

Hi all,
this is an excerpt of my web.xml. I thought "/JspDir/frames.jsp" would execute only under a SuperUser role, but it is not paying atention at all and it runs under any authenticated user (regardless of their roles). Authentication is working ok.
What am I doing wrong?
TIA,
Alphonsus

<security-constraint>
<display-name>Constraint_01</display-name>
<web-resource-collection>
<web-resource-name>Collection1</web-resource-name>
<url-pattern>/JspDir/frames.jsp</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>SuperUser</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/PaginaErroSistema.jsp</form-error-page>
</form-login-config>
</login-config>
<security-role>
<role-name>SuperUser</role-name>
</security-role>

1. Re: How to execute JSP under a security role?

juhalindfors Apr 16, 2003 5:16 PM (in response to amagno)

what is your security domain in jboss-web.xml?
Actions
2. Re: How to execute JSP under a security role?

amagno Apr 17, 2003 8:23 AM (in response to amagno)

Hi Lindfors, thanks for you interest.
The jsp script is part of the application below.

<jboss-web>

<security-domain>java:/jaas/SebraeCRM</security-domain>
</jboss-web>
Actions

Go to original post