This week's book giveaways are in the Java EE and JavaScript forums.
We're giving away four copies each of The Java EE 7 Tutorial Volume 1 or Volume 2(winners choice) and jQuery UI in Action and have the authors on-line!
See this thread and this one for details.
The moose likes Websphere and the fly likes JAAS authorization on WAS 7.0 Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of The Java EE 7 Tutorial Volume 1 or Volume 2 this week in the Java EE forum
or jQuery UI in Action in the JavaScript forum!
JavaRanch » Java Forums » Products » Websphere
Bookmark "JAAS authorization on WAS 7.0" Watch "JAAS authorization on WAS 7.0" New topic
Author

JAAS authorization on WAS 7.0

sheetal Anand
Greenhorn

Joined: Jun 11, 2010
Posts: 1
We have implemented JAAS in our application for authentication and authorization. Both are working fine on tomcat. But authorization is not working on WAS 7.0. Any user is able to access all the pages despite the permissions set on the principals. I have placed our policy file in security folder of websphere java jre. And made entries in java.security file. Entry is as below:

auth.policy.provider=com.sun.security.auth.PolicyFile
auth.policy.url.1=file:${java.home}/lib/security/flame.policy

It seems WAS is not reading my policy file at all. Please help me on this. Do I need to do some specific settings in WAS 7.0
 
Consider Paul's rocket mass heater.
 
subject: JAAS authorization on WAS 7.0