0 Replies Latest reply on Mar 30, 2007 5:50 AM by Anette Engel

    Sharing portal security realm with a servlet

    Anette Engel Newbie

      I have a servlet MyServlet which is deployed in the same war file as a portlet MyPortlet.

      The view of MyPortlet references the MyServlet to generate some content:

      <%@ taglib uri="http://java.sun.com/portlet" prefix="portlet" %>
      <%@ page isELIgnored="false" %>
      <table width="100%" cellpadding="2" border="0">
       <td class="portlet-section-body" >
       <td class="portlet-section-body" >
       <img src="<%= request.getContextPath() %>/MyPortlet" />

      Is it possible for the servlet to share the same security realm i.e. so that the
      request.getPrinicipal() ;

      return the current user and
      request.isUserInRole("MyUser") ;

      returns true?

      I declared the role "MyUser" in the web.xml:


      Additionally I have added the jboss-web.xml file to the WEB-INF directory and added the line:


      This doesn't seem to do the trick? Am I missing something or can servlet not share the security realm of the portal?a

      (The servlet should be only accessible to authenticated users i.e. I quite like to add some security constraint to the web.xml for the servlet)