Ummm. I take it you're using a standalone version of tomcat? In this case, I don't think you can't use the JBossSecurityMgrRealm interceptor which is intended for integrated web containers.
You have to use tomcat's own authentication and insert the basic org.jboss.tomcat.security.JBossRealm interceptor after this to enable the username and password to be propagated to JBoss.
i'm using the integrated tomcat. but i need to deploy
the stuff in separate parts and not one ejb-jar and one
war in jboss/deploy. (some designers are going to change
the jsps) i need the also the auth working. i'm going
to try your suggestion and let you know.
thanks so far, jan
Ah, OK I see what's up. I have had the same problem lot's of times.
You can't have jsp changes automatically recompiled with the integrated JBoss/Tomcat at the moment. You always have to redeploy the whole app, losing any state that your web user might have.
The best plan is to run a separate instance of tomcat against JBoss, and configure it to point to your unpacked, development web-app.
recompilation works quite great under tmp/Deploy/xxx.war/webxxxx and i made some tests (it's quite a while ago) that the classloader would load new classes under tomcat/webapps/app/WEB-INF/classes. so i thought that what i want to achieve would be no big deal. i did not try to recompile jsps under tomcat/webapps yet but if that does not work it would really be a surprise. i did not look into the sources but why should tomcat not recompile new jsps under tomcat/webapps?
I posted my problem in:
and I think that org.jboss.tomcat.security.JBossRealm interceptor is my answer. How may I make a standalone Tomcat to use JBossRealm after Calatina realm performed authentication so that the credentials can be propagated to JBoss?
in Catalina, should I put
in my server.xml
What .jar file do I need for Catalina to load?