Hello, I try to implement the authentification for the tomcat manager application against active directory.
Unfortunately I don't understand the role concept. I like to give the users permissions to open the manager when they're in this group: > memberOf: CN=Tomcat Admins,OU=Roles,OU=Spezielle > Gruppen,OU=SITES,OU=\#KONFIGURATION,DC=DOM,DC=de server.xml: <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99" connectionName="CN=SVC,OU=Service Accounts,OU=SITES,OU=\#KONFIGURATION,DC=DOM,DC=de" connectionPassword="_2VK!WHzybn1SJ8P" connectionURL="ldap://server:389/OU=SITES,OU=\#KONFIGURATION,DC=DOM,DC=de?sAMAccountName?sub?(objectClass=*)" userSearch="(sAMAccountName={0})" userSubtree="true" roleSearch="(memberof={0})" roleSubtree="true" userRoleName="CN=Tomcat Admins,OU=Roles,OU=Spezielle Gruppen,OU=SITES,OU=\#KONFIGURATION,DC=DOM,DC=de " /> <!-- roleBase="DC=DOM,DC=de" roleName="cn" --> With this configuration I can open the Manager, but got no permissions. Even if the user role relationship will found, I don't understand how I can assign tomcat roles (e.g. manager-gui) to the user. Thanks! Best Regards, Bjoern --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org