I think there is a bug in JNDIRealm.java in 6.0.24. According to the docs:
http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html it says roles can be specified by both userRoleName, AND roleName mechanisms. But, if both are used then the result is that userRoleName roles are excluded. I believe the correct approach is like this: --- ./java/org/apache/catalina/realm/JNDIRealm.java 2010-01-19 08:43:40.000000000 -0500 +++ ./java/org/apache/catalina/realm/JNDIRealm.java.new 2010-02-11 11:44:04.548054286 -0500 @@ -1720,7 +1720,8 @@ } } - return new ArrayList<String>(groupMap.values()); + list.addAll(groupMap.values()); + return list; } --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
