3 Replies Latest reply on Oct 18, 2001 4:12 PM by Scott Stark

    JBossSecurityMgrRealm problems

    Max Johnson Newbie


      I'm running JBoss-2.4.3 with embedded Tomcat-3.2.3 and want to secure a particular JSP page using the default JBossSecurityMgrRealm (hence integrating with JBossSX security api for authentication and authorization).

      When I visit the protected page I am presented with a login dialog as I would expect. I have two related problems:

      1) Running in debug I break in JBossSecurityMgrRealm.authenticate(req,res). The call to getSecurityContext() does a lookup against the embedded JNP service for "java:comp/env/security", which returns null. Hence authenticate fails by default without getting as far as checking the credentials. Can anyone tell me how to configure JBoss so that a valid security context is returned?

      2) Given that point 1 is sorted, where does the JNP service get its data from? i.e. How do I specify users and their roles.