Hi,
I guess, the main cause for the trouble you are describing is that the SlideRealm has not yet been adapted to the changes WRT ACL-draft-12. Sorry for this inconvenience ... I'll take care of that ASAP.
I thought I had fixed this some time ago, haven't I? At least for me it works.
Oliver
For now, you can get security working if you configure the default org.apache.catalina.realm.UserDatabaseRealm in your server.xml and define all users and roles twice: once in Domain.xml (as you did) and once in tomcat-users.xml (with passwords). A sample tomcat-users.xml matching the default Domain.xml (with john and john2) can be found at src/conf/webapp.
Regards, Peter
-----Original Message----- From: McClain Looney [mailto:[EMAIL PROTECTED] Sent: Monday, January 05, 2004 03:42 To: Slide Users Mailing List Subject: Domain.xml and the immortal john2
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Hello,
I've edited my domain.xml file (slide-cvs) to include a couple of users, their passwords, and group memberships for testing purposes, and configured tomcat to use the SlideRealm for authentication. All the bits seem to start up fine, with no warnings, other than tomcat complaining about a role being referenced without being defined in the web.xml.
Then something weird happens..
I can't authenticate with my users, b/c slide doesn't see them in the roles i've assigned them. When ACLSecurityImpl looks into the group-member-set property for all the defined roles, it only ever sees john2, root and john as members of the "user" role (as in the distributed Domain.xml file)!
I have no idea how they get in there, I've removed them from everwhere i've found them, even grepped through the class files to suss out hardcoding, I've grepped through everything i can imagine, and still can find no mention of john2 anywhere in my source tree (i even deleted the sample domain.xml files).
The _really_ bizarre thing, is that ACLSecurityImpl actually finds the proper passwords for these users (though it cannot find a password for root, even if i set one up).
what could be the origin of these phantom users?
- -- McClain Looney
LoonSoft LLC
[EMAIL PROTECTED]
Public key E3122EF8 available at http://wwwkeys.us.pgp.net/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/+M7zJY6NG+MSLvgRAnVUAJ9n5PIJsZXgq1kc/ywdymkqLTyEFACgpdda N8oumlnb1DIVbyr3vHvbNTQ= =h4IB -----END PGP SIGNATURE-----
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
