This is perhaps more of a Tomcat question than a Slide question, but here goes anyway:
For my application, I don't need to use Slide roles. Given the way ACEs work in Slide, I can assign a privilege to any user on an individual basis, which is exactly what I need. If, however, I create a user without adding the user to a group-member-set, and then try to log in as that user, I can't even get to the point of testing the resulting ACL. Tomcat (5.0.28) throws a 403 error before even trying to run any Slide code. I put a breakpoint on the first line of the service method of WebdavServlet, and never reached it. In a nutshell, I created a user, /users/john3, but did not add him to any role's group-member-set. Logging in to Slide as john3 fails inside Tomcat, before any Slide-specific code runs. Presumably, this has to do with the realm and auth-constraints configured in Tomcat, which somehow check user IDs and roles against Slide's idea of user roles. I'm using a completely stock Tomcat configuration (except for adding the slide realm). Is it at all possible to use Slide without updating the group-member-set? I'll never use ACEs which rely on group memberships. I understand that I can just add all new users to /roles/user when I create them, and remove them from /roles/user when I delete them, but it seems like an unnecessary hassle. Are Tomcat and Slide so married to the idea of roles that it cannot be removed? Many thanks, CV __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
