Hello! I'm new to Slide, too. But I think I have understand why there is such a confusion about user authentication with Slide.
I will describe what I think is happening and someone who knows better should correct me if I'm wrong. First I want to make sure that everybody understands the difference between authentication and authorization. authentication To verify the identity of someone. Usually this happens when you give a username + password. The username gives the identity and I only believe this if the password is correct. authorization To decide if someone is allowed to do something. An example: is user "joe" allowed to "GET" this file (ressource) ? So before you can "authorize" someone for some action you need to "authenticate" him to know his identity. So back to a Tomcat and Slide. The authentication is done by Tomcat. In Tomcat you configure something called a "realm" or "security realm". A "realm" is the configuration of a user/password DB which is used for the authentication. There are many possibilities where you can store this: in memory, in a database, in a LDAP server, ... You also configure for every webapp which "realm" to use (where does Tomcat find the allowed usernames/passwords) and which users have access to this webapp. With other words: you also configure the "authorization" to access a webapp in it's whole. Everything up to here happens in the Tomcat layer. If Tomcat decides that you have access he delegates the request to the web app. For Slide this is the WebDAV Servlet. Now inside Slide there is second "authorization". To make this work Slide must find a "node" for the user (Tomcat tells the web app the user name) below the /users folder. If Slide does not find the name or he finds the user but this user does not have access rights (does not have an valid ACL entry) he denies the access. To summarize the above: There are two places where you must insert information about an user: 1) In the "realm" used by Slide 2) In the Slide "user directory"; in the default config below "/slide/users" Because this is error prone there is an alternative. There exists a special "realm" implementation - the "SlideRealm". This "realm" uses as it's datasource the Slide "user directory". So this unifies 1) and 2) and they can not differ. But there is a drawback: because you need access to Slide in the SlideRealm class you need to move the needed java jars from the web app directory into the global Tomcat lib directory. This is needed because by design the classloaders of Tomcat and every web app are seperated in a certain way. Please excuse my errors but english is not my native language. I hope you get the idea. cu Olli -- Ceyoniq Technology -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
