Skip to main content

Valid JSR-196 ServerAuthModule not called when activating alternative JACC Policy

No replies
Joined: 2013-05-30
Points: 0


I want to use my own ServerAuthModule as well my own JACC Policy implementation in glassfish

The ServerAuthModule is working perfectly when the JACC setting is default.

But when I activate my own JACC policy via server-config > Security > JACC Providers, the ServerAuthModule is not called any more.

Not even the constructor of the ServerAuthModule is called.

The implementations follow the Oracle tutorial for implementing a custom SAM, the JSR-196 spec and the JSR-115 spec.

The SAM is configured in glassfish via server-config > Security > Message Security > HttpServlet.
The provider id is then used in sun-web.xml and glassfish-web.xml to activate it for the war.

The deployment is an ear with many ejb-modules inside and a war containing rest-services.

What piece am I missing to get it working correctly?