I've created a a web project in Netbeans which contains a Web Service on Glassfish 2.1 as follows
I'm doing programmatic login of glassfish using the class com.sun.appserv.security.ProgrammaticLogin.login() (I had to do it because of some logging requirement). After I do the login, I call the serviceContext.isUserInRole() method to see if the user is in the correct role. The "Default Principal To Role Mapping" is checked in glassfish (I tried after disabling it too). Still I've mapped the user role to group names in the sun-web.xml file as follows (I have tried it without this code in the sun-web.xml too)
Still the isUserInRole method is returning false. If I declare <principal-name> elements to define individual principals, then it works fine. A similar approach is working fine on a simple
servlet where I'm using programmatic login with HttpServletRequest.isUserInRole in a filter. Am I doing something wrong here??
Edit: one more detail, another
EJB based web service is injected into this web service. The code looks like this