Hi again Bjarni Þór Jónsson, I'm no friend of the standard behavior of the JNDIRealm too, but this is the standard and it should stay compatible to other J2EE Servers.
The way to go is JAAS. I'm currently developing my own JAAS-JNDI-Realm. You may return your own LdapUser and LdapRole classes as long as it implements interface Principial. And since Tomcat 5.0.29 it *does* return your classes and not the GenericPrincipal from Tomcat instead. This realm should even be compatible with every other J2EE Container supporting JAAS. No, my code is not ready for publishing. But I just extended the JAAS example code from Sun and I belnd it with JNDIRealm code. HTH, Frerk Meyer EDEKA Aktiengesellschaft GB Datenverarbeitung Frerk Meyer CC Web Technologien New-York-Ring 6 22297 Hamburg Tel: 040/6377 - 3272 Fax: 040/6377 - 41268 mailto:[EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]