[jboss-user] [Security & JAAS/JBoss] - Re: JAAS and OpenLdap configuration
jej2003
do-not-reply at jboss.com
Tue Oct 28 08:47:12 EDT 2008
So I switched to the LdapExtLoginModule and I have this working, but I am seeing some unexpected behavior.
I have 2 groups, Administrators and Users. I have a user that is a member of only one of those groups, in this case Administrators. If I have a function that has the @RolesAllowed={"Administrators", "Users"} I get a permission denied complaining that the user does not have the RequiredRoles. It seems as if the LdapExtLoginModule is requiring the user to be a member of both groups instead of just 1 which is the opposite of what the UsersRolesLoginModule does which will work if the user is a member of either. Is there a way to force these two Modules to act the same?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4185078#4185078
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4185078
More information about the jboss-user
mailing list