> >>> Rhys Smith <[log in to unmask]> 21/06/2007 11:17 >>>
> Ah, think I know what the problem is here - it's one I came across
> myself a while ago when I upgraded the version of tomcat I was using
on
> my IdP servers.
>
>...
>
> The easiest way to sort this if you want to use the latest and
greatest
> tomcat 5.5 is this:
>
> * Add userRoleName="objectclass" to the Realm you set up in the
> server.xml. This passes across the user's objectClass as their role.
>
> * Next add the following to the bottom of the web.xml file (before
the
> </web-app>:
> =====
> <!-- Security roles referenced by this web application -->
> <security-role>
> <description>All Users</description>
> <role-name>person</role-name>
> </security-role>
> =====
>
> This info is on the internet2 Shib wiki somewhere, I remember adding
it
> ages ago. Can't remember where though!
>
> Hope that helps,
Thanks Rhys
This is documented in
https://spaces.internet2.edu/display/SHIB/IdPUserAuthnConfig I
thought I'd tried this with no joy but I may have missed out the bit
added to the Realm. I'll change my softlinks back to using 5.5.23 and
report back here whether it works or not.
Cheers
Andy
|