You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomee.apache.org by gollum <ch...@gmail.com> on 2013/10/10 00:26:01 UTC

REST with JAAS auth trouble

Hi,
I'm trying limit access to a RESTful web service resource. While this works
fine using the UserDatabase file "tomcat-users.xml", I cannot get it to work
with a JAAS Realm.
I use a web browser for testing. The behavior with the UserDatabase method
is that when I navigate to the resource, the browser prompts me for
credentials and then allows access. However, when I configure the service to
use a JAAS realm, the browser just keeps prompting for credentials over and
over, no matter what I enter. I get no access denied message or whatever and
the logger remains silent, too.
Can anybody give me some pointers on what I'm doing wrong? Here's my config:

*web.xml:*

*server.xml:*

*login.config:*

*users.properties:*

*groups.properties:*

*tomcat-users.xml:*

*SecureService.java:*





--
View this message in context: http://openejb.979440.n4.nabble.com/REST-with-JAAS-auth-trouble-tp4665512.html
Sent from the OpenEJB User mailing list archive at Nabble.com.

Re: REST with JAAS auth trouble

Posted by "Howard W. Smith, Jr." <sm...@gmail.com>.

seems like you posted twice. while waiting for one of the committers to
respond, you can search mail-list archives for the following:

site:openejb.979440.n4.nabble.com rest jaas tomee[1]


[1] http://lmgtfy.com/?q=site%3Aopenejb.979440.n4.nabble.com+rest+jaas+tomee



On Wed, Oct 9, 2013 at 6:26 PM, gollum <ch...@gmail.com> wrote:

> Hi,
> I'm trying limit access to a RESTful web service resource. While this works
> fine using the UserDatabase file "tomcat-users.xml", I cannot get it to
> work
> with a JAAS Realm.
> I use a web browser for testing. The behavior with the UserDatabase method
> is that when I navigate to the resource, the browser prompts me for
> credentials and then allows access. However, when I configure the service
> to
> use a JAAS realm, the browser just keeps prompting for credentials over and
> over, no matter what I enter. I get no access denied message or whatever
> and
> the logger remains silent, too.
> Can anybody give me some pointers on what I'm doing wrong? Here's my
> config:
>
> *web.xml:*
>
> *server.xml:*
>
> *login.config:*
>
> *users.properties:*
>
> *groups.properties:*
>
> *tomcat-users.xml:*
>
> *SecureService.java:*
>
>
>
>
>
> --
> View this message in context:
> http://openejb.979440.n4.nabble.com/REST-with-JAAS-auth-trouble-tp4665512.html
> Sent from the OpenEJB User mailing list archive at Nabble.com.
>