Re: SingleSignOn Valve Not Challenging

2007-05-10 Thread David Delbecq
Or, like us, use an old "bugged" Tomcat version that allowed, on * role, "all authenticated users" instead of "all users having a role enumerated in web.xml". Those old Tomcat versions break servlet specs but are handy if you are not too regardant to specifications :) Or use your own realm that adds a

Re: SingleSignOn Valve Not Challenging

2007-05-10 Thread Christopher Schultz
Daniel,
Daniel Curran wrote:
> Is there a way to authenticate the user without requiring a specific role?
As has been previously stated, the * in your deployment descriptor will work; you just have to make sure that you have defined all possible role

RE: SingleSignOn Valve Not Challenging

2007-05-10 Thread Caldarale, Charles R
> From: Daniel Curran [mailto:[EMAIL PROTECTED]
> Subject: Re: SingleSignOn Valve Not Challenging
>
> The role has to be in LDAP as well as enumerated in a
> security-role list?
Yes. The source of the role associated with the principal is completely independent of the autho

Re: SingleSignOn Valve Not Challenging

2007-05-10 Thread Daniel Curran
: Daniel Curran [mailto:[EMAIL PROTECTED] Subject: Re: SingleSignOn Valve Not Challenging I have added an auth constraint * To quote from the servlet spec: 'The special role name "*" is a shorthand for all role names defined in the deployment descriptor.' You sti

Re: SingleSignOn Valve Not Challenging

2007-05-10 Thread Filip Hanik - Dev Lists
you're expecting the * (wildcard) to apply to stuff in your realm, it doesn't. I believe you have to define the roles in (security-role) web.xml, and your * applies to the roles defined by security-role Filip Daniel Curran wrote: I have added an auth constraint * I am now challenged bu

RE: SingleSignOn Valve Not Challenging

2007-05-10 Thread Caldarale, Charles R
> From: Daniel Curran [mailto:[EMAIL PROTECTED] > Subject: Re: SingleSignOn Valve Not Challenging > > I have added an auth constraint > > > * > To quote from the servlet spec: 'The special role name "*" is a shorthand for all role names defined in

Re: SingleSignOn Valve Not Challenging

2007-05-10 Thread Daniel Curran
I have added an auth constraint * I am now challenged but when I login I get an error: HTTP Status 403 - Access to the requested resource has been denied When I look at the LDAP logs I see that I am successfully returning 1 entry, and if I provide invalid credentials I continue to be ch

RE: SingleSignOn Valve Not Challenging

2007-05-09 Thread Caldarale, Charles R
> From: Daniel Curran [mailto:[EMAIL PROTECTED] > Subject: SingleSignOn Valve Not Challenging > > > Example Security Constraint > > Protected Area > /* > > > > BASIC > Single Sign-on Example > You're missing w