Ok, cool, so, how I have a question about the parts:
roleBase="OU=Users,OU=[my OU],DC=[Domain],DC=com"
roleName="memberOf"
roleSearch="(memberOf=CN=tomcat,CN=Users,DC=[Domain],DC=com)"
This is going to specify what "roles" apply to the user under the "role-name" portion
of the web.xml, correct? As well as for use with isUserInRole(), right?
If I want the roles that apply to my user to be their NT Groups, would I make it
something akin to:
roleBase="CN=Users,DC=[Domain],DC=com"
roleName="memberOf"
Will it take all of their roles, even with roleSearch specified?
Am I on the Right Track(tm) with all of this?
Justin
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Monday, November 03, 2003 4:16 PM
To: [EMAIL PROTECTED]
Subject: RE: JNDIRealm...more
Here's what I have......this works for me....hope this helps....
<Realm className="org.apache.catalina.realm.JNDIRealm"
debug="99"
connectionURL="ldap://[domain controller]:389"
userBase="OU=Users,OU=[My OU],DC=[Domain],DC=com"
userSearch="(sAMAccountName={0})"
userRoleName="member"
roleBase="OU=Users,OU=[my OU],DC=[Domain],DC=com"
roleName="memberOf"
roleSearch="(memberOf=CN=tomcat,CN=Users,DC=[Domain],DC=com)"
connectionName="CN=Administrator,CN=Users,DC=[Domain],DC=com"
connectionPassword="[password]"
roleSubtree="true"
userSubtree="true"/>To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
