You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Christian Schmitz <cs...@pironet-ndh.com> on 2002/06/18 18:46:23 UTC
JNDIRealm without roles???
Hello,
I want to use JNDIRealm wothout Rolesearch. In my LDAP-Directory no roles
are set and I didn't set any roles in my web.xml.
The Catalina log shows that the Realm authenticates Username and Password
correct, although Access denied! I don't know why.
This are the Entries in the log-file:
2002-06-18 17:44:43 JNDIRealm[Standalone]: Username schmutz2 successfully
authenticated
2002-06-18 17:44:43 JNDIRealm[Standalone]:
getRoles(uid=schmutz2,o=PIRONET,c=DE)
I searched the source code of JNDIRealm and this way seems to be
implemented:
// Are we configured to do role searches?
ArrayList list = new ArrayList();
if ((roleFormat == null) || (roleName == null))
return (list);
So I think it must authenticate, but Access denies.
Can anybody help me please
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: JNDIRealm without roles???
Posted by Josh Fenlason <jf...@ptc.com>.
Add this at the bottom of your web.xml, just before you close the web-app
element:
<security-constraint>
<web-resource-collection>
<web-resource-name>resourceName</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<!--This will allow any role including no role-->
<role-name>*</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>myRealm</realm-name>
</login-config>
-----Original Message-----
From: Christian Schmitz [mailto:cschmitz@pironet-ndh.com]
Sent: Tuesday, June 18, 2002 11:46 AM
To: 'tomcat-user@jakarta.apache.org'
Subject: JNDIRealm without roles???
Hello,
I want to use JNDIRealm wothout Rolesearch. In my LDAP-Directory no roles
are set and I didn't set any roles in my web.xml.
The Catalina log shows that the Realm authenticates Username and Password
correct, although Access denied! I don't know why.
This are the Entries in the log-file:
2002-06-18 17:44:43 JNDIRealm[Standalone]: Username schmutz2 successfully
authenticated
2002-06-18 17:44:43 JNDIRealm[Standalone]:
getRoles(uid=schmutz2,o=PIRONET,c=DE)
I searched the source code of JNDIRealm and this way seems to be
implemented:
// Are we configured to do role searches?
ArrayList list = new ArrayList();
if ((roleFormat == null) || (roleName == null))
return (list);
So I think it must authenticate, but Access denies.
Can anybody help me please
--
To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>