2 Replies Latest reply on Jun 30, 2003 1:26 PM by Oliver Wulff

    setup basic authentication for webapp

    Oliver Wulff Newbie

      I tried to setup a webapp with basic authentication. I did the following:
      1) web.xml:




      2) jboss-web.xml
      <?xml version="1.0"?>


      the security domain "other" is defined in /conf/login-config.xml.

      3) I've copied the files users.properties and roles.properties to the WEB-INF/classes directory.

      4) the servlet does the following:
      Principal p = req.getUserPrincipal();
      PrintWriter out = res.getWriter();
      out.println("Principal Test");
      out.println("Name: " + p.getName());
      out.println("ADMIN: " + req.isUserInRole("ADMIN"));
      out.println("ERLAUBT1: " + req.isUserInRole("ERLAUBT1"));

      If I access http://localhost:8080/sec_test/PrincipalServlet I won't be asked to enter username and password and isUserInRole() returns true in both cases.

      What am I doing wrong?