[jboss-user] [Security & JAAS/JBoss] - JAAS Authentification with wrong role

forfaro do-not-reply at jboss.com
Tue Feb 26 05:43:20 EST 2008

I have build a JBoss authentification, using FORM based Login, in version 4.0.4GA.

The login works great, when wrong login data is entered I am lead to the error page, when logging in with the right user, I come to the right page. The only thing is, when I login with an user with correct login data, but with the wrong role, I get the system error message saying "Access to the requested resource has been denied" and am not lead to the error page. 
Is this a known problem ? At the moment I use 

  |    <login-config>
  |         <auth-method>FORM</auth-method>
  |             <form-login-config>
  |                 <form-login-page>/login.html</form-login-page>
  |                 <form-error-page>/error.html</form-error-page>
  |             </form-login-config>
  |     </login-config>

Am I missing a third page or how can I catch a user with wrong role to show a correct error page ?


View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4132104#4132104

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4132104

More information about the jboss-user mailing list