Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Agile forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

JAAS authorization on WAS 7.0

 
sheetal Anand
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
We have implemented JAAS in our application for authentication and authorization. Both are working fine on tomcat. But authorization is not working on WAS 7.0. Any user is able to access all the pages despite the permissions set on the principals. I have placed our policy file in security folder of websphere java jre. And made entries in java.security file. Entry is as below:

auth.policy.provider=com.sun.security.auth.PolicyFile
auth.policy.url.1=file:${java.home}/lib/security/flame.policy

It seems WAS is not reading my policy file at all. Please help me on this. Do I need to do some specific settings in WAS 7.0
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic