[jboss-user] [Security & JAAS/JBoss] - Showing a secured page when user is logged in

rkiesi do-not-reply at jboss.com
Fri Oct 6 09:46:09 EDT 2006

Hi everybody,

We am working on a completly new portal.
We use JBOSS AS 4.0.4 and JBOSS Portal 2.4.

In the default-object.xml we define a couple of pages including one "Admin" page. This page is secured with a security-constraint (see code below).

Via an self written login portlet we populate our user with principals and roles (eighter from LDAP Servers or a relational database).

As we log in as admin and the user has the role "Admin" i hoped the page with the security-contraint would be display, but it is not!!

Am I missing something? I read throug this forum, the wiki and the adminguide and did not find a solution for this problem.

Some hint would be nice
thx rkiesi

Here the code form the default-object.xml
  |       <if-exists>keep</if-exists>
  |       <parent-ref>default</parent-ref>
  |       <page>
  |          <page-name>Admin</page-name>
  |          <security-constraint>
  |             <policy-permission>
  |                <role-name>Admin</role-name>
  |                <action-name>viewrecursive</action-name>
  |             </policy-permission>
  |       	</security-constraint>    
  |       </page>      
  | 	</deployment>

and the principals and roles of the user after login
Principals for user admin: admin***Roles(members:Admin)***

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3976589#3976589

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3976589

More information about the jboss-user mailing list