0 Replies Latest reply on Jan 9, 2006 8:53 AM by efratb

    JASS: problems with authorization in web application

    efratb

      Hi,

      I'm trying to write a web application (JSF, servlets, EJB's), using JAAS.
      When I use the DatabaseServerLoginModule the authentication & authorization works fine.
      When I use my own Login Module (extends from AbstractServerLoginModule) the authentication works fine, but I have problems with the authorization.
      When I insert correct user name and password I get the following error in the browser:

      HTTP Status 403 - Access to the requested resource has been denied.
      Access to the specified resource (Access to the requested resource has been denied) has been forbidden.

      I don't know if I'm implementing correctly the methods of my login module, but I do know that I get to the login() method --> loginSucceeded, get to the commit() method --> commitSucceeded, but never get to the getRoleSets() method.

      Can anyone please help me?
      What other ways (beside extending from AbstractServerLoginModule) can I use, and how?

      Thanks a lot,
      Efrat