Which app server are you using? I'm curious if this is a standard
behavior that we could take advantage of in the default web.xml file. It
seems like it would simplify things.
-James
Stefan Fromm wrote:
I've made web.xml independent of Slide roles. In the element
/web-app/security-constraint/auth-constraint/role-name I just give the
value * for all roles. That means that all roles are allowed to execute
the HTTP-methods on all resources. The real authorization is performed
by Slide. With these settings the authentication is activated in the
servlet container.
The elements /web-app/servlet/security-role-ref and
/web-app/security-role/ are removed.
Stefan
Am Tue, 24 Aug 2004 11:09:02 +0200 schrieb Stefan Fromm
<[EMAIL PROTECTED]>:
Hello James,
I found the problem. I had to change the web.xml of the war file and
introduce my set of roles there. Then I could use JAAS authentication.
I'm thinking of the user/roles-administration application written with
the projector framework. Could it be that just creating the users and
roles in Slide is not enough, because the web.xml must also be
changed? Or is there a way to set security constraints in web.xml in a
way that I don't need to refer to my specific set of roles, but still
can have authentication only against roles from my set of roles?
Stefan
Am Mon, 23 Aug 2004 11:22:08 -0700 schrieb James Mason
<[EMAIL PROTECTED]>:
Creating your own roles should be fine. The JNDIPrincipalStore
doesn't create the default roles and it works fine. Make sure if you
remove the user role that you change any permissions that were
assigned to that role in Domain.xml to another role that still exists.
-James
Stefan Fromm wrote:
Hello,
I want to create an own set of roles containing:
- administrator
- editor
- author
I want the "root"-user to be in role "administrator" and will have
other users in the other roles. The problem is: as soon as I remove
the "/roles/user" node from the Domain.xml I cannot authenticate as
"root" anymore. I assume that there is a problem with the classes
providing the roles like:
- slideroles.basic.UserRole and slideroles.basic.UserRoleImpl
- slideroles.basic.RootRole and slideroles.basic.RootRoleImpl
When I want to authenticate as user which is in role "editor" it
doesn't work. I think I have to provide interfaces "xxxRole" and
classes "xxxRoleImpl" for my roles. Is there anyone who can give me
some hints if I'm right or wrong and hints on how to do it? I have
some questions that are of interest for me:
Best regards
Stefan
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
