I think Robert is right. You can create your own Realm implementation. And JNDIRealm does handle authentication against LDAP server. If you configure tomcat in conf/server.xml to use JNDIRealm and turn slide security authentication on in WEB-INF/web.xml. You will be prompted for enter authentication information(user/password for BASIC authentication) when you try to access slide resources. If you configure JNDIRealm right(or create your own if that not fit your need), when you entered user/pass, Tomcat will check it agaist LDAP to see if matches can be found and also grab a list of roles according to your configuration or implementation. This list of roles from LDAP has to have one matches the one of autherized roles at the bottom of web.xml. If that happens, then you can touch base with WebdavServlet in slide. Now question to Jim, When you say "doing all authentication and authorization through the IPlanet LDAP Directory Server.", do you want to use roles in LDAP for ACL inside slide? If that's the case, it's going to be a bit of chanlleging. Because slide's role implementation is quite different, If you look at SecurityImpl's hasRole method, you will realize that for a subject to have certain role, that subject has to implement certain interface. However, if you change this class to use roles provided by LDAP, then basically you can use LDAP for autherization in slide also. Hope it helps. Jiantao
-----Original Message----- From: Robert Priest [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 18, 2002 9:36 AM To: 'Slide Users Mailing List' Subject: RE: LDAP + Slide It is possible to authenticate against a source other than Domain.xml. What you should look into is creating your on Realm implementation. I started by looking at the what the default MemoryRealm did, but examining JNDIRealm should help you alot. Also, I am not sure, but I think that the JNDIRealm handles authentication against an LDAP Server. Or, there is a LDAPRealm implementation out there somewhere. Again, I have not looked at that stuff in a while, but I believe it is there. I think they are bundled with the source. -----Original Message----- From: Jim Alateras [mailto:[EMAIL PROTECTED]] Sent: Tuesday, June 18, 2002 12:09 AM To: [EMAIL PROTECTED] Subject: LDAP + Slide Hi, I am currently using Tomcat 4.0.1 with Slide 1.0.16 and am interested in doing all authentication and authorization through the IPlanet LDAP Directory Server. I can configure Tomcat to successfully work with my LDAP server by extending the JNDIRealm but I assume there is more I need to do. Now the question is can use Tomcat+Slide to authenticate against the information in the LDAP Server rather than the information specified in the Domain.xml file. There does not seems to be a definitive answer in the Slide mail archive. cheers </jima> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
