hi
This looks long but it's actually straightforward. I can't get the JNDIRealm config to work Netscape Directory Server 3.1. I suspect the conf. of the JNDIRealm elment is wrong but don't know why. I have a LDIF file exported from Netscape Directory Server 3.1 which define(loosely speaking) - an admin user that I use in JNDIRealm for initial connection - a sales person - a SalesGroup role which has sales person as a member Other stuff removed for clarity. dn: uid=admin,o=company.com objectclass: top objectclass: person objectclass: organizationalperson objectclass: inetorgperson cn: SuiteSpot Administrator sn: Administrator givenname: SuiteSpot uid: admin userpassword: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g= dn: uid=salesID,o=company.com objectclass: top objectclass: person objectclass: organizationalPerson objectclass: inetOrgPerson objectclass: nsLicenseUser givenname: salesFir sn: salesSur cn: salesFul uid: salesID userpassword: {SHA}W6ph5Mm5Pz8GgiULbPgzG37mj9g= dn: cn=SalesGroup,o=company.com objectclass: top objectclass: groupOfUniqueNames cn: SalesGroup uniquemember: uid=salesID,o=company.com So my JNDIRealm config is, <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99" connectionName="uid=admin,o=company.com" connectionPassword="password" connectionURL="ldap://localhost:390" roleName="cn" roleSearch="(uniquemember={0})" roleSubtree="true" userPassword="userpassword" userPattern="uid={0},o=company.com" /> I have tried many combinations of patterns and attributes in the above configuration but none worked. The initial connection and authentication using admin seemed to work OK. But I can't get it to authenticate the sales person/salesGroup. I enter the salesID as the username and its password in the auth. dialog box web.xml has <security-constraint> <web-resource-collection> <web-resource-name>Sales</web-resource-name> <url-pattern>/jsp/SalesIndex.jsp</url-pattern> </web-resource-collection> <auth-constraint> <role-name>SalesGroup</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>DIGEST</auth-method> <realm-name>SID</realm-name> </login-config> <security-role> <role-name>SalesGroup</role-name> </security-role> Thanks very much --------------------------------- Do You Yahoo!? Yahoo! Health - Feel better, live better