They are J2 roles, although it can be helpful for them to overlap with tomcat roles as well if you have SSO configured and you want to use tomcat's manager application.
And yes, if you are using a tomcat version >= 5.5.12 (I think) and you define new J2 roles, you will need to add them AFAIK. That is, unless they have fixed this issue in tomcat. I am using an older version of tomcat (5.5.9) so in my case, I do not have to do this. The <role-name>*</role-name> works fine for me. On 7/11/06, Enrique Perez <[EMAIL PROTECTED]> wrote:
Hi, I have some questions: Are these roles the ones defined for Tomcat or defined in J2?? In case they are defined in J2, if new roles are defined, they must be added to the auth-constraint list also?? Thanks, Enrique > Thanks Akshay. It does work. > Yiguang > > > -----Original Message----- > > From: Akshay Ahooja [mailto:[EMAIL PROTECTED] <http://www.opensubscriber.com/sendEmail.os?message=4276758&inline=0> ] > > Sent: Tuesday, June 20, 2006 10:13 PM > > To: Jetspeed Users List > > Subject: Re: login proxy problem > > > > If you are using a newer version of Tomcat it will do that to you unless you > > explicitly define your user roles: > > > > In web.xml under <security-constraint> > > > > Instead of: > > <auth-constraint> > > <role-name>*</role-name> > > </auth-constraint> > > > > Change to: > > <auth-constraint> > > <role-name>admin</role-name> > > <role-name>user</role-name> > > <role-name>manager</role-name> > > </auth-constraint> > > > > And then try it - it should work... > > > > HTH, > > > > Akshay
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
