Hi,
I got cornered while trying to do some basic authentization/authorization.
I've got here two applications - prototype war (working), real ear
application (not working). While looking for error, I've set both of
them to use SAME application policy in login-config.xml.
Authentization succed in both of them, but
SecurityAssociation.getSubject returns null in ear app for some
reason. I've tried to fiddle a little with
"org.jboss.security.SecurityAssociation.ThreadLocal" property, but
nothing changed. Jbosssx client library is packaged in both war and
ear(here it is localed in nested .war) archive. In web.xml there are
no roles defined/requested - any authenticated user is authorized to
do anything. So where can be the problem? I'm out of ideas. Thanks in
advance for any help or hint.
martin.
for more details (testing jsp pages - simple one, with few lines of
scriptlet code) please look in
http://www.alfonz19.uvadi.cz/security/problemDescription.txt