0 Replies Latest reply on Jul 8, 2002 11:30 AM by james elliot

    invoking SecurityInterceptor Tomcat 4.0

    james elliot Newbie

      I want Jboss to handle security only for access to web resources (not EJB) but I can't get the SecurityInterceptor to forward to the security domain I have defined (Tomcat 4.01 Jboss 2.4.4)

      I have set the following in web.xml:


      but haven't set any login-config (i want to have a custom login) - can that work?

      I have also set the security-domain in jboss-web.xml and written the server module referenced for this domain in auth.conf

      My login page is not protected under this security. When I submit the form of login details I want to forward to a secure area, after authentication. At the moment I get the message:

      Cannot perform access control without an authenticated principal

      How can I use JBossSX to fire off the login method of my Login module with the form information when I try to access pages restricted by web.xml?