0 Replies Latest reply on Mar 28, 2005 2:55 PM by Raymond Gardner

    Section 9.1 typo

    Raymond Gardner Newbie

      This section discusses using a database for security. It steps you through creating the necessary database tables and loading the data and configuring the login-config.xml file. All for the Dukes bank application.

      The configuration changes for the login-config.xml file deal with changing the dukesbank policy, which was an optional step in an earlier chapter dealing with security. The login-module is supposed to be changed to DatabaseServerLoginModule. All this, in section 9.1, is accurate.

      The problem is that the earlier chapter dealing with security instructs us to create a security-constraint and a security-role for 'bankCustomer', with a lower-case 'b'.

      When section 9.1 instructs us to load the security data it indicates a capital letter 'B' for the 'BankCustomer' role. These roles are apparently case-sensitive because the two are not matching up. Thus, you are able to successfully login but you are denied access to the application. The error message you get is:

      HTTP Status 403 - Access to the requested resource has been denied