Hi,
In my environment I want to authenticate the users against MS Active
Directory by JNDI LDAP. The user authentication is ok and also the roles
found by getRoles() are the right ones. But the returned roles are given
in their complete distinguished name (DN.
In catalina.out:
2004-05-13 11:33:44 JNDIRealm[Standalone]: Found role
CN=ERKUSAAdmin,CN=Users,DC=local,DC=bremereb,DC=de
instead of
2004-05-13 11:59:31 JNDIRealm[Catalina]: Found role ERKUSAAdmin
So I have to configure the fully DN in web.xml for a security-constraint
instead of the pure role name, what is highest undesireable. I run this
on tomcat 4.1.27.
The funny thing is that the same configuration on tomcat 5 works.
For completion, here is my realm config (user- and rolebase are the
same):
<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
connectionURL="... (substituted)"
userBase="CN=Users,dc=local,dc=bremereb,dc=de"
userSearch="(sAMAccountName={0})"
userRoleName="memberOf" roleBase="CN=Users,dc=local,dc=bremereb,dc=de"
roleName="cn"
roleSearch="member={0}" connectionName="[EMAIL PROTECTED]"
connectionPassword="secret"
roleSubtree="true"
userSubtree="true" />
Can anybody tell me how to get the pure assigned role names for a
authenticated user?
Thanks
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
