Hi, testing with the cma is just an easy way of testing container managed auth / reproduce your issue; tomcat-users.xml, just needs to have roles similar to what the LDAP has.
Then similar changes should be done on web.xml and with either cargo:run or running the tests you can see where to tweak the config, or if indeed code changes are needed. Kind regards, jp El jue, 22 ago 2024, 1:17, Alex O'Ree <alexo...@apache.org> escribió: > not sure if this helps. while i'm running in tomcat, tomcat-users.xml is > not used at all. The roles i have look nothing like "Authenticated" or > "Admin" and i need a way to map them into what jspwiki is expecting. > > On Mon, Aug 19, 2024 at 5:32 PM Juan Pablo Santos Rodríguez < > juanpablo.san...@gmail.com> wrote: > > > Hi! > > > > Currently on holidays, mobile, no pc, apologies on brevity and typos. > > > > A way back I did connect JSPWiki with and LDAP backend, don't remember > > doing nothing fancy, perhaps roles did match exactly. > > > > I'd suggest to play with the jspwiki-it-cma module, which relies on > > tomcat-users.xml (defined inline on the cargo plugin on the parent > > pom.xml). It just overwrites the web.xml file from the vanilla jspwiki > war, > > IIRC. From there I'd modify both tomcat-user.xml and web.xml > > auth-constraints and work from there. It'll be some days til I'm able to > > test, but perhaps this is enough to look into? > > > > HTH, > > jp > > > > El vie, 16 ago 2024, 22:32, Alex O'Ree <alexo...@apache.org> escribió: > > > > > Using container based authentication and i have my own roles populated > > from > > > LDAP. Trying to map this into the application level roles used by > > jspwiki. > > > > > > I did try role refs in web.xml > > > > > > <security-role-ref> > > > <role-name>LDAP-Wiki-Role</role-name> > > > <role-link>Admin</role-link><!-- jspwiki role--> > > > </security-role-ref> > > > > > > But i was unable to get this work. > > > > > > Then i saw this in the docs > > > "Alternatively, you could also replace all references to > "Authenticated" > > > and "Admin" with role names that match those returned by your > container's > > > security realm. JSPWiki doesn't care either way, as long as they > match." > > > > > > So question. does this mean only web.xml needs to be changed? That > didn't > > > work for me. I also updated the jspwiki policy file. Didn't seem to > work > > > either (also tried both). Is there any other files that need to be > > changed > > > to get this to work? > > > > > >
