Re: JAX-RPC web service in Axis, servletEndpointContext.isUserInRole(), how to map users to roles?

Fri, 15 Oct 2004 00:42:41 -0700 

Any answers here? I'm still in trouble with this
   servletEndpointContext.isUserInRole("my_role")
stuff, it never returns true since I still don't know how to introduce
user roles (not groups) in Axis (in Tomcat)

Thank you!
   Merten

> -----Original Message-----
> From: Merten Schumann [mailto:[EMAIL PROTECTED] 
> Sent: Tuesday, October 12, 2004 11:12 AM
> To: [EMAIL PROTECTED]
> Subject: JAX-RPC web service in Axis, 
> servletEndpointContext.isUserInRole(), how to map users to roles?
> 
> This is a repost with a different subject, maybe I do get 
> with this new
> subject responses here. :-)
> 
> I got a simple service with basic auth running in Axis, Hurray!
> For that, following some documentation I created a .war with axis.jar
> and all in it to have my own web app. Works fine. :-)
> 
> Now I do call in the service implementation
>    servletEndpointContext.isUserInRole("my_role")
> and get all the time false returned.
> Hmmm, could it be that in Axis/Tomcat the concept of these "logical"
> roles isn't implemented and we have "only" users and groups?
> 
> My web.xml contains link to my_role:
>  <security-constraint>
>  <display-name>SecurityConstraint</display-name>
>  <web-resource-collection>
>  <web-resource-name>WRCollection</web-resource-name>
>  <url-pattern>/services</url-pattern>
>  <http-method>POST</http-method>
>  </web-resource-collection>
>  <auth-constraint>
>  <role-name>my_role</role-name>
>  </auth-constraint>
>  <user-data-constraint>
>  <transport-guarantee>NONE</transport-guarantee>
>  </user-data-constraint>
>  </security-constraint>
>  <login-config>
>  <auth-method>BASIC</auth-method>
>  </login-config>
>  <security-role>
>  <role-name>my_role</role-name>
>  </security-role>
> 
> When I deploy to Sun App server, I have in sun-web.xml
>   <security-role-mapping>
>     <role-name>my_role</role-name>
>     <group-name>my_group1</group-name>
>   </security-role-mapping>
> to map the logical role (my_role) to a group (my_group1). The group is
> physically existing in the Sun App server. Then,
> isUserInRole("my_role") returns true. In the App Server's admin, I do
> setup groups, not roles. In conf/tomcat-users.xml, probably the roles
> mean groups. I tried to put there a <group> Element, seems to 
> work. But
> how (where?) to map the group to a role, as I can do in sun-web.xml?
> 
> Could you help me here, how to manage this logical role stuff in
> Axis/Tomcat?
> Thank you!
>    Merten
>

Reply via email to