Andrew Jaquith wrote:
Wyllys -- doesn't your LDAP server return at least one generic role for users who are authenticated? It would have to in order for

I'm really not sure what it returns.  I can do an ldapsearch and
view the normal public information for anyone in the DB, but I'm not
sure how the data would differ after authenticating.  Is there a way
to find out by adding some debug statements somewhere in the JSPWiki code?
I have no access or control over the administration of the LDAP DB itself.

container-managed auth to work. Whatever that role name is, make sure that name is part of a role-ref element in web.xml that protects the login page. It probably won't be "Authenticated".

It does sound like JSPWiki knows your users are logged in. There's just a mismatch between the role name we use to protect the login page and the one your container is returning.

If I ignore the "Forbidden" page and continue to the
main page, it does show my login name and "(authenticated)", so I think that JSPWiki believes me to be authenticated correctly, but there is
definitely something wrong with the roles or the ACLs that is causing
it to block my access to pages that require the "Authenticated" role.

-Wyllys
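
On the question of adding debug statements to see what the container returns after login: the following is an added example, not code from JSPWiki or from either poster. It assumes the standard `javax.servlet` API; the class name `RoleProbe` and the candidate role names passed to it are hypothetical.

```java
import java.security.Principal;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.http.HttpServletRequest;

/** Hypothetical diagnostic helper (added example, not part of JSPWiki). */
public final class RoleProbe {

    private RoleProbe() {}

    /**
     * Returns the candidate role names the container grants to this request.
     * The Servlet API cannot enumerate a user's roles, so each candidate
     * has to be tested by name with isUserInRole().
     */
    public static List<String> grantedRoles(HttpServletRequest request,
                                            String... candidates) {
        List<String> granted = new ArrayList<String>();
        for (String role : candidates) {
            if (request.isUserInRole(role)) {
                granted.add(role);
            }
        }
        return granted;
    }

    /** One-line summary for a temporary debug log statement. */
    public static String describe(HttpServletRequest request,
                                  String... candidates) {
        Principal p = request.getUserPrincipal();
        String line = "remoteUser=" + request.getRemoteUser()
            + " authType=" + request.getAuthType()
            + " principal="
            + (p == null ? "none" : p.getClass().getName() + ":" + p.getName())
            + " grantedRoles=" + grantedRoles(request, candidates);
        // The user name comes from the login form; keep it on one log line.
        return line.replaceAll("[\\r\\n]", "_");
    }
}
```

Call `RoleProbe.describe(request, "Authenticated", ...)` from a JSP or filter after logging in, passing any group names visible in the `ldapsearch` output as further candidates, and remove the call once the container's role name is known.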


