Hi, I have problems getting my JNDIPrincipalStores working. I am searching the slide-user mailing list and google for days now. It's really hard to find a complete slide documentation (for users). If I am wrong and you know a good place with good documentation stuff, please give me a hint!
We have a LDAP server with about 900 users and some roles. My aim is to run a slide server with access control with above mentioned sets of users and roles. I choosed the "Slide bundled with Tomcat 5.0.28" package and got it running fine in default configuration. Now, I want to add the required LDAP support. Authentication is made by Tomcat, so I configured a JNDIRealm in the /slide context in the server.xml (http://www-linux.gsi.de/~dklein/slide/server.xml). This works, here my JNDIRealm log (http://www-linux.gsi.de/~dklein/slide/jndirealm_log). Next, I configured the JNDIPrincipalStores (http://www-linux.gsi.de/~dklein/slide/Domain.xml) and a minimum acl (with the help of this mailing list). I uncommented something security related in my web.xml file (http://www-linux.gsi.de/~dklein/slide/web.xml). I do not understand the relation between the security roles in the web.xml file and the roles from LDAP!? When I browse on http://localhost:8080/slide and logon with above successfully authenticated credentials I get a 403 ("Access to the requested resource has been denied") error. Here are my debug log files: - catalina.out (http://www-linux.gsi.de/~dklein/slide/catalina.out) - localhost_log.2006-08-09.txt (http://www-linux.gsi.de/~dklein/slide/localhost_log.2006-08-09.txt) - localhost_slide_access_log.2006-08-09.txt (http://www-linux.gsi.de/~dklein/slide/localhost_slide_access_log.2006-08-09.txt) Do you have any ideas? If I should do some work in reading more docs, because my problem is standard, please provide some resources. However, my questions are: How can I get this stuff working? How is the relationship between my two JNDIPrincipalStores being configured? Is it done by registering them with the <userspath> and <rolespath> elements? Is it possible to add a third store (additionally to the JNDIPrincipalStore for roles), let me call it group-store, in that way, that users can group some users "locally" (which means, that these groups are only visible to the slide and do not require changes in ldap server)? thx in advance, all the best, Dennis Klein <[EMAIL PROTECTED]> p.s.: Sorry for my bad english. I don't speak english natively. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
