Originally posted by Nitesh Kant:
Do you mind showing the policy file to us
Hi ,
I have created the policy file with the name jaasacn.policy.
grant codeBase "file:/C:/MyWorkspace3/WSADWorkspace/JAAS/one/MySecurity/WebContent/WEB-INF/classes/test/test.jar"{
permission avax.security.auth.AuthPermission "createLoginContext.Userpass";
};
I have tried with the defaule java.policy file also, and put the test.tar file in ext folder which has already the permisioon to access all the jar files in it.
grant codeBase "file:${java.home}/lib/ext/*" {
//permission java.security.AllPermission;
permission avax.security.auth.AuthPermission "createLoginContext.Userpass";
};
apart from that I have a question :
1) I have a jar file which can perform authentication to a user (PerformAuth.java).
can we call this Object inside a JSP and see the result of authentication? The main idea is to have an authenticated user and then map the user to any role and based on that role provide authorization to access web resources.