[jboss-user] [Security & JAAS/JBoss] - problem creating a new tomcat authentication method
antoniofer
do-not-reply at jboss.com
Mon Sep 3 06:48:41 EDT 2007
Hello,
I'm trying to create a new web authentication method following the next procedure:
- based on FormAuthenticator.java i've coded a new class (well, i've just copied FormAuthenticator but with different name in order to prevent errors)
- added the line CUSTOM=<<my custom class>> in Authentication.properties
- in web.xml, added the line <auth-method>CUSTOM</auth-method> (and all the necessary ones to protect the web resources)
I'm using a simple application based on JSP pages to test my configuration but get a HTTP/403 Configuration error.
This is the error page I get:
type Status report
message Configuration error: Cannot perform access control without an authenticated principal
description Access to the specified resource (Configuration error: Cannot perform access control without an authenticated principal) has been forbidden.
I've tried to "cheat" JBoss to test my class:
- changed in authentication.properties the line FORM=org.jboss.etc... with FORM=<<my custom class>>
- now the application's web.xml has the next line: <auth-method>FORM</auth-method>
Everything goes fine in this case, but I would like to add this new authentication method instead of modifying the FORM method.
Somebody knows what is happening?
Thanks in advance,
Antonio
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4080446#4080446
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4080446
More information about the jboss-user
mailing list