I'm trying to set up declarative security for the VSJ 3.1 simple example. I'm trying to restrict access to the simple application to just one user (user.1) in the Access Managers Group in the YELLOW.AA.ABC domain. This is not working and anyone within the domain can still access the application. I've deployed both theauth.war and the simple.war. Moreover, in my Tomcat Log I'm getting a ConfigException.
SEVERE: Exception starting filter authFiltercom.wedgetail.idm.sso.ConfigException: Need to set idm.realm
I do have that set in my web.xml as YELLOW.AA.ABC.
The error message is because two VSJ example WARs were deployed, simple.war and auth.war, however only the web.xml was configured for auth.war. Each VSJ war file needs to be configured separately. Also all users were able to access the application because the the simple.war was being accessed, which has no access control. Only the auth.war example is required. The simple.war example was not configured therefore removing it from the deployment will stop the initial error message above.
Please delete the simple directory from Tomcat webapps directory and rebuild the auth.war with the policy.xml. For authorisation, do not use the simple examples, use only the auth.war example as it already has authorisation enabled. The examples are independent of each other, you would only need to configure and deploy the auth example.