2 Replies Latest reply on Oct 14, 2002 6:35 AM by Lewis Henderson

    JBoss3.x Security across WEB APPS

    Lewis Henderson Novice

      I am testing three web apps on 3.0.x with Tomcat embedded. All three apps are secured to the same domain/realms with the same roles. I expected that I would get challenged on the first hit to a secure URL within each app, however...

      The first app pops up my login screen...I login sucessfully and get the page I was after. A link on this page points to another app. I hit this link and get parts(!) of the page appearing! The HTML is correct but some images are missing along with stylesheets. If I refresh the page, other images appear and some that were there no disappear.

      I am not challenged in the second app and the UserPrincipal is null.

      As an aside, I also tried with the SingleSignOn valve which works for these two apps but when I go to a third I get the same type of problems on it's pages.

      While you can have hours of fun guessing (betting on!) which images will show, I would like to get this sorted soon!


        • 1. Re: JBoss3.x Security across WEB APPS
          Brian Newbie

          Are your web apps in separate ear or war files? If they are I bet the server is randomly choosing one of the deployments to pull images from. If the apps all have the same security domains and realms, i suggest putting them all in one ear, with one war and separate jars. I have done this and have had much success!!
          Good luck,

          • 2. Re: JBoss3.x Security across WEB APPS
            Lewis Henderson Novice

            Each application is deployed as a WAR. Each has it's own JSP's and images. The system is designed to allow developers to hot-deploy their applications without affecting others. Wrapping up as an EAR may be a work around but requires the Application.xml document to be manually kept in snych...

            I think that this should work and, 'random' is not a good thing in a live environment ;-)