Hi,
>
> Security roles in web.xml do not work with IIS
Btw, I guess that it is impossible to use roles
when one has apache as front end also.
> ------- Additional Comments From [EMAIL PROTECTED] 2003-01-20 15:18 -------
> The idea was to use NT UserGroups as Roles, but never reached to
> conclusion, that is to read that Info gathered from Native-NT at Java Land
> ( they are transmited to tomcat over the wire but tomcat doenst get them
> from the AJP13 packet), and use them as roles...
I already wrote a Jk2Realm, which was supposed to check that
if request role is one of the groups transmitted from native side
(the groups are in
HttpServletRequest.getAttribute("org.apache.tomcat.jk.roles"))
but then I noticed that servlet request is not available in Realm.hasRole.
So, maybe the right approach would be to add role information
into CoyotePrincipal and just check against that in my Jk2Realm ?
Also, to make my Jk2Realm to work I had to modify mbeans-descriptors.xml
under catalina - which didn't feel right because the Jk2Realm
kind of belongs to jakarta-connectors, doesn't it ?
I'm willing to make this work but as you can see, I need some
ideas how to proceeed.
Ari Suutari / Syncron Tech Oy
Lappeenranta, Finland
--
To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]>
For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
