McClain,
It may be possible that the users defined in the
configurations were created the first time you started
the server. Once they are created the objectnodes
representing the users will be found in one of the
stores you defined from Domain.xml (I believe it is
the descriptor store). I would check to see if they
are still there. If so, do a clean install and remove
this possible phantom source.
Secondly, without having the roles assigned to your
users match the roles defined in web.xml, I believe
you should continue to have authentication problems.
Please check the servlet container's web.xml for the
following for each of the roles you are using (e.g.
root, guest, user).
<security-role>
<description>
An example role
</description>
<role-name>guest</role-name>
</security-role>
Finally, I am no expert on Slide, but IMHO these seem
to be the causes of your problems.
Hope this Helps,
__Julian
--- McClain Looney <[EMAIL PROTECTED]> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> Hello,
>
> I've edited my domain.xml file (slide-cvs) to
> include a couple of users, their
> passwords, and group memberships for testing
> purposes, and configured tomcat
> to use the SlideRealm for authentication. All the
> bits seem to start up fine,
> with no warnings, other than tomcat complaining
> about a role being referenced
> without being defined in the web.xml.
>
> Then something weird happens..
>
> I can't authenticate with my users, b/c slide
> doesn't see them in the roles
> i've assigned them. When ACLSecurityImpl looks into
> the group-member-set
> property for all the defined roles, it only ever
> sees john2, root and john as
> members of the "user" role (as in the distributed
> Domain.xml file)!
>
> I have no idea how they get in there, I've removed
> them from everwhere i've
> found them, even grepped through the class files to
> suss out hardcoding, I've
> grepped through everything i can imagine, and still
> can find no mention of
> john2 anywhere in my source tree (i even deleted the
> sample domain.xml
> files).
>
> The _really_ bizarre thing, is that ACLSecurityImpl
> actually finds the proper
> passwords for these users (though it cannot find a
> password for root, even if
> i set one up).
>
> what could be the origin of these phantom users?
>
>
> - --
> McClain Looney
> LoonSoft LLC
> [EMAIL PROTECTED]
>
> Public key E3122EF8 available
> at http://wwwkeys.us.pgp.net/
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3 (GNU/Linux)
>
>
iD8DBQE/+M7zJY6NG+MSLvgRAnVUAJ9n5PIJsZXgq1kc/ywdymkqLTyEFACgpdda
> N8oumlnb1DIVbyr3vHvbNTQ=
> =h4IB
> -----END PGP SIGNATURE-----
>
>
>
---------------------------------------------------------------------
> To unsubscribe, e-mail:
> [EMAIL PROTECTED]
> For additional commands, e-mail:
> [EMAIL PROTECTED]
>
=====
Live simply so others may simply live.
�
-Ghandi
�
Pluralitas non est ponenda sine neccesitate.
"Entities should not be multiplied unneccesarily"
�
-William of Occam
__________________________________
Do you Yahoo!?
Find out what made the Top Yahoo! Searches of 2003
http://search.yahoo.com/top2003
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
