I don't have a server setup in the way you need so I can't send you any examples, but I can give you some pointers.
They key is probably going to be getting your role mappings setup correctly. By default Tomcat is setup to only allow access to users with the "root", "user" or "guest" roles to the Slide webapp. Slide comes with several users configured with these roles and everything just works dandy :). When you switch to using the JNDIRealm, unless you've configured it so that the user you're logging in as has a role named "root", "user", or "guest" you won't be able to access the Slide webapp. You're either going to need to create an LDAP group named "root" and setup the JNDIRealm to use this group as a role, or you're going to need to modify the Slide web.xml file so that it requires a pre-existing role membership for access to the application. Go to the bottom of the file and look for the <role-name> elements in <auth-constraint> and <security-role>. If you use pre-existing roles they can be named anything you want, just be sure your JNDIRealm is setup to expose them properly. -James >>> [EMAIL PROTECTED] 6/25/2004 11:25:31 AM >>> I'd like to do authentication off of LDAP. I've done some digging in the archives and I understand the issue of authentication vrs authorization, and saw the discussions about creating an LDAP store for both of these aspects. However, I think for now I would prefer to just do authentication in LDAP and continue doing authorization in the file store. I also know that for such a setup, Tomcat is configured for an LDAP realm using JNDI. Alas, despite all of this, I still seem to be stuck. This is probably not helped by not having a terribly thorough knowledge and experience with Tomcat. I *think* I have server.xml set up correctly, but I don't seem to have things glued together right. (This is with the slide-2.1m1-tomcat all-in-one bundle.) Any possibility that some kind soul could send/post some example config files? I think it would help to see a working, example setup. Thanks, Amos --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
