Hi



I have a problem with secutiry in JBoss when I run the web application and log in with a user, security works fine with everthing except with struts *.do (i.e. it works fine for css file for example I was able to view the css file I am authorized to and when I try to access another css file I am not authorized I have a status error saying access forbidden)

But,  when I login with a user who have the role employee which is required for the /Timesheets/*

and try to access

/Timesheets/Timesheets.do

I was excpeting to login nicely but I have status report 403 saying access forbidden



is there something worng in security with the "struts servlet" in Jboss

is some configuration I should do on the struts servle



Sorry for the long post



yours,

Mohamed Fathy
_________________________________________________________
Reply to the post : http://galaxy.andromda.org/forum/viewtopic.php?p=3926#3926
Posting to http://forum.andromda.org/ is preferred over posting to the mailing list!


-------------------------------------------------------
SF.Net email is Sponsored by the Better Software Conference & EXPO
September 19-22, 2005 * San Francisco, CA * Development Lifecycle Practices
Agile & Plan-Driven Development * Managing Projects & Teams * Testing & QA
Security * Process Improvement & Measurement * http://www.sqe.com/bsce5sf
_______________________________________________
Andromda-user mailing list
Andromda-user@list...
https://lists.sourceforge.net/lists/listinfo/andromda-user