Thanks for the advice Jan, although I've been running some tests without
success. Basically I did something like this:
[code]
public class RoleMappingServletHandler extends ServletHandler
{
@Override
protected synchronized void doStart()
throws Exception
{
super.doStart();
final ServletHolder[] servlets = getServlets();
for (final ServletHolder servlet : servlets)
{
servlet.setUserRoleLink("user", "userRole");
}
}
}
[/code]
[code]
<Configure id="wac" class="org.eclipse.jetty.webapp.WebAppContext">
<Set name='servletHandler'>
<New class='com.aurea.jetty.servlet.RoleMappingServletHandler'/>
</Set>
</Configure>
[/code]
The code is summarized, but basically I am trying to connect to my LDAP
server, and I am receiving error 403. When I change the LDAP settings and
set it to the one the webapp is expecting, then it works, so it seems like
the mapping is not working properly.
2016-11-24 22:34 GMT-02:00 Jan Bartel <[email protected]>:
> Samuel,
>
> I think you're going to have to write a tiny bit of code to get the
> ServletHandler from the context, iterate over the servlets, and call
> ServletHolder.setUserRoleLink(role,link) for all the groups you want to
> link to a different name. That bit of code would need to be invoked from a
> WEB-INF/jetty-web.xml file to ensure that the jetty classes are visible.
>
> Jan
>
> On 25 November 2016 at 11:01, Samuel Martinucci <
> [email protected]> wrote:
>
>> Hello Jan,
>>
>> I am looking for something more generic, that applies to everything
>> inside of the context (similar to the function that this mapping has on
>> glassfish-web.xml)
>>
>> 2016-11-24 21:57 GMT-02:00 Jan Bartel <[email protected]>:
>>
>>> Hi Samuel,
>>>
>>> You can map the role names for a given <servlet> in web.xml using the
>>> <security-role-ref><role-name><role-link>. So if your ldap group is
>>> "manager" but you want to do request.isUserInRole("admin") you would
>>> declare <security-role-ref><role-name>admin</role-name><role-link>ma
>>> nager</role-link></security-role-ref>.
>>>
>>> Or are you looking for a way to configure this for all servlets, or
>>> looking for a way to configure this external to the web.xml?
>>>
>>>
>>> Jan
>>>
>>> On 24 November 2016 at 21:48, Samuel Martinucci <
>>> [email protected]> wrote:
>>>
>>>> Hi,
>>>>
>>>> I've found the following email thread and I am currently facing the
>>>> same problem, does anyone know if it was solved some way?
>>>>
>>>> https://dev.eclipse.org/mhonarc/lists/jetty-users/msg07063.html
>>>>
>>>> I've tried with sun-web.xml without success and I am starting to share
>>>> the same thought that I will need to subclass LdapLoginModule, even though
>>>> I imagine that there might exist a solution for this.
>>>>
>>>> Best regards.
>>>>
>>>> _______________________________________________
>>>> jetty-users mailing list
>>>> [email protected]
>>>> To change your delivery options, retrieve your password, or unsubscribe
>>>> from this list, visit
>>>> https://dev.eclipse.org/mailman/listinfo/jetty-users
>>>>
>>>
>>>
>>>
>>> --
>>> Jan Bartel <[email protected]>
>>> www.webtide.com
>>> *Expert assistance from the creators of Jetty and CometD*
>>>
>>>
>>> _______________________________________________
>>> jetty-users mailing list
>>> [email protected]
>>> To change your delivery options, retrieve your password, or unsubscribe
>>> from this list, visit
>>> https://dev.eclipse.org/mailman/listinfo/jetty-users
>>>
>>
>>
>> _______________________________________________
>> jetty-users mailing list
>> [email protected]
>> To change your delivery options, retrieve your password, or unsubscribe
>> from this list, visit
>> https://dev.eclipse.org/mailman/listinfo/jetty-users
>>
>
>
>
> --
> Jan Bartel <[email protected]>
> www.webtide.com
> *Expert assistance from the creators of Jetty and CometD*
>
>
> _______________________________________________
> jetty-users mailing list
> [email protected]
> To change your delivery options, retrieve your password, or unsubscribe
> from this list, visit
> https://dev.eclipse.org/mailman/listinfo/jetty-users
>
_______________________________________________
jetty-users mailing list
[email protected]
To change your delivery options, retrieve your password, or unsubscribe from
this list, visit
https://dev.eclipse.org/mailman/listinfo/jetty-users
