I'm trying to write a web application (JSF, servlets, EJB's), using JAAS.
When I use the DatabaseServerLoginModule the authentication & authorization works fine.
When I use my own Login Module (extends from AbstractServerLoginModule) the authentication works fine, but I have problems with the authorization.
When I insert correct user name and password I get the following error in the browser:
HTTP Status 403 - Access to the requested resource has been denied.
Access to the specified resource (Access to the requested resource has been denied) has been forbidden.
I don't know if I'm implementing correctly the methods of my login module, but I do know that I get to the login() method --> loginSucceeded, get to the commit() method --> commitSucceeded, but never get to the getRoleSets() method.
Can anyone please help me?
What other ways (beside extending from AbstractServerLoginModule) can I use, and how?
Thanks a lot,