Loading...

XML

Word

Printable

Type: Bug
Resolution: Done
Priority: Major
Fix Version/s: JBossAS-4.0.2 Final, JBossAS-5.0.0.Beta1
Affects Version/s: JBossAS-4.0.1 SP1
Component/s: Security
Labels:
None

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Hello,

I try to run JBoss Duke Bank application on JBoss 4.0.1 sp1 and it works fine until I'm using org.jboss.web.tomcat.security.JBossSecurityMgrRealm in the server.xml configuration.
...
<Realm className="org.jboss.web.tomcat.security.JBossSecurityMgrRealm" certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"/>
...
As soon I replace this realm by org.jboss.web.tomcat.security.JaccAuthorizationRealm:
<Realm className="org.jboss.web.tomcat.security.JaccAuthorizationRealm"
certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"/>
the logon is still successful but the every second call to the servlet is responded with "HTTP Status 403 - Access to the requested resource has been denied".
On debugging I noticed that the Subject in the SecurityAssociation, required by JaccAuthorizationRealm is null, therefore the permission check fails.

Kind regards

duplicates

JBAS-1592 JaccAuthorizationRealm always returns false on subsequent requests

Closed

Assignee:: Scott Stark (Inactive)

Reporter:: Roland Räz (Inactive)

Votes:: 1 Vote for this issue

Watchers:: 0 Start watching this issue

Created:: 2005/03/08 8:02 AM

Updated:: 2005/03/25 11:14 AM

Resolved:: 2005/03/25 11:14 AM

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates