Hi all,

We are currently have a Spring MVC 2.5 app running with Spring Security 2.0.4 and OpenAM 9.5.2 installed. The two works nicely together over an unencrypted channel but once we start using https on port 443 something strange happens. The application authenticates the user ok but the user cannot seem to see any content under access control even though the he/she is authorised to see the content.

Wondering if anyone else have experience the same problem.

The webapp is running on Sun Java System Web Server 7.0. Also we use the OpenSSO Spring Security Provider as documented here:

http://blogs.sun.com/warren/entry/sp...rly_to_opensso

Any help would be highly appreciated.