JAAS – request.isUserInRole always returns false

It is because you omitted to add (for every role you use):

 <security-role>
<role-name>your role</role-name>

</security-role>

in your web.xml

Two roles example:

….

 <security-role>
<role-name>your role 1</role-name>

</security-role>

 <security-role>
<role-name>your role 2</role-name>

</security-role>

….

Advertisements