Hi elephantwalker, I greatly appreciate for your answer. I want to say that you have helped a lot of users in this communiy. It's great to have an outstanding source like you. I'd like to recommend your site to my friends.
According to your answer, I think I need to implment addToGroup method in my UserManager class. I am using a custom UserManager (define to <user-manager> tag in orion-application.xml) that only implements userExists, checkPassword, and inGroup methods (as in http://kb.atlassian.com/content/orionsupport/articles/usermanager.html). Since in my UserManager (extends SimpleUserManager) does not implement addToGroup, I think I'll get error if I use RoleManager.addToGroup(), right? Last question, in UserManager, a method named getPassword() - it does not have username as parameter, how do I know what username (or principal) I need to look for password? Thanks a lot for your help. --- The elephantwalker <[EMAIL PROTECTED]> wrote: > RoleManager is a facade interface to UserManager. It > goes something like > this: > > RoleManager <---> UserManager <----> LDAP > > So when you add a role, it is added to the LDAP > datastore, not just for the > session. You can of course remove the role when you > log the user out, and it > has the effect of only adding the role during the > session. > > Regards, > > the elephantwalker > www.elephantwalker.com > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On > Behalf Of Min-Hua Luo > Sent: Monday, February 25, 2002 2:09 PM > To: Orion-Interest > Subject: RE: > > > Hi, > > Thanks a lot for your response. The username, > password, and group information are stored in LDAP > server for my project. Does roleManager.addToRole > update LDAP server group information at the same > time? > Or it is just add this user to a role for current > session only? (That is, once session is gone, this > user still does not belongs to gold_account role). > Thank you very much. > > > --- The elephantwalker <[EMAIL PROTECTED]> > wrote: > > The addToRole() function will add a principal to > > another role. For example, > > if you have a gold_account role, and all your user > > (principal) is only a in > > the user_account role, you can add them to the > > gold_account role with > > something like this... > > > > roleManager.addToRole(principal,"gold_account"); > > > > you will get an error if the role "gold_account" > > does not exist in your > > web.xml or application.xml or ejb-jar.xml. > > > > Regards, > > > > the elephantwalker > > www.elephantwalker.com > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED]]On > > Behalf Of Min-Hua Luo > > Sent: Friday, February 15, 2002 4:28 PM > > To: Orion-Interest > > Subject: > > > > > > Hi, > > > > I am confused by RoleManager.addToRole() > function. > > It says "Adds a principal to the specified role, > in > > practice this usually implies adding the principal > > to > > the legacy groups the role encompasses". Since all > > roles are defined in web.xml (<security-role> > tag), > > does addToRole() function will actually update my > > web.xml file and add a new role to > <security-role>? > > If > > not, what file(s) does addToRole() will update? > > Thanks > > a lot. > > > > __________________________________________________ > > Do You Yahoo!? > > Yahoo! Sports - Coverage of the 2002 Olympic Games > > http://sports.yahoo.com > > > > > > > > > __________________________________________________ > Do You Yahoo!? > Yahoo! Sports - Coverage of the 2002 Olympic Games > http://sports.yahoo.com > > __________________________________________________ Do You Yahoo!? Yahoo! Sports - Coverage of the 2002 Olympic Games http://sports.yahoo.com