I've discovered that there is apparently a fairly recent patch (3 mos old now) to JNDIRealm to allow searches for nested ldap groups, which sounds like a functionality I very much need to be able use my domino server's ldap.
My question, for someone wiser in the ways of tomcat releases, is how exactly I can best GET this new patch and what state it is in (alpha? Tomcat 6? Catalina.jar? ), since I do not understand the subversion system it is in. The patch, by Rainier Jung, is referenced here: http://marc.info/?l=tomcat-dev&m=124085853600925&q=raw or http://mail-archives.apache.org/mod_mbox/tomcat-dev/200904.mbox/%3c20090427185457.0ccf82388...@eris.apache.org%3e Alternately, is there a better option to convert nested ldap groups to roles (eg if Bob is in the NevadaSales Group and the NevadaSales group is nested in the NationalSales group, if Bob is logged in and I check isUserInRole("NationalSales"), it returns true)? I very much like the RHEL yum auto-updating scheme I would have to abandon to move (I think) to tomcat 6 (they are still on a version of 5.5). Thanks for any wisdom, George Payne
