>>> On 21/06/2007 at 11:56, in message
<[log in to unmask]>, Andy
Swiffin <[log in to unmask]> wrote:
>> > * Add userRoleName="objectclass" to the Realm you set up in the
>>> server.xml. This passes across the user's objectClass as their
> role.
>>>
>>> * Next add the following to the bottom of the web.xml file (before
>> the
>>> </web-app>:
>>> =====
>>> <!-- Security roles referenced by this web application -->
>>> <security-role>
>>> <description>All Users</description>
>>> <role-name>person</role-name>
>>> </security-role>
>>> =====
>
>
> As far as I can tell I've faithfully created the entries as
specified
> and with Tomcat 5.5.23 it still does not work :-(
Sussed it:
Person is case sensitive. If you do an LDAP read of an object, e.g.
me:
objectClass: inetOrgPerson; organizationalPerson; Person;
ndsLoginProperties; Top; bhPortalConfigRW; bhPortalConfigSecretStore;
bhPortalConfig;
In web.xml you must put
<security-role>
<description>All Users</description>
<role-name>Person</role-name>
</security-role>
person will just not cut the mustard. In server.xml it doesn't care
if you misspell objectClass though as objectclass :-)
Andy
|