I look at the CMSExportServlet in the jboss portal sources. It does not enforce
security... so it is a bad track. sorry.
where is your servlet ?
calling the jndi service for the subject works with the filter put in web.xml of the
portal-server.war.
This web app is the context where the sercurity domain is defined.
so if not in this context, then that is why the subject is not found
sounds logical if there are none defined in your web app, no ?
I am not sure, but sound logical...
I am not good enough at tomcat, security realm, domains, etc...
but I guess you can manage to set your web app to share the same authentification
"domain" as the one of the portal, ie the one of portal-server.war
or look at jboss security ref guide, and how to secure a web app.
they explain how to set it in a web app, and compare with the portal-server.war web app.
hope it helps...
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4037934#...
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...