ok. Some pointers:
1. I have my own imp. of UserManager and it's deliciously good
2. No need for principals.xml at this stage
3. When you add a security constraint, some pages require something 'extra'
to be seen, in the case, this extra is that the user login'd belongs to a
group sr_guest
[Excerpt from your mail]
> > <security-constraint>
> > <web-resource-collection>
> > <web-resource-name>Main</web-resource-name>
> > <url-pattern>/*</url-pattern>
> > <url-pattern>/list.jsp</url-pattern>
> > </web-resource-collection>
> >
> > <auth-constraint>
> > <role-name>sr_guest</role-name>
> > </auth-constraint>
> > </security-constraint>
if the user tries to get some pages (in this case, ALL), then it must belong
to a group sr_guest.
Does the user you login with belong to the group user? (and I don't mean the
DB... if you issue a
UserImp.isMemberOf(UserManagerImp.getGroup("sr_guest")
does it return true? If not, then something is not quite right).
If I'd was to test this, I would try the following:
create a user; say, 'jlorandi'
then, try some (pseudo) code:
User usr = UserManagerImp.getUser("jlorandi");
System.out.println("User:"+usr.getName);
Group grp = UserManagerImp.getGroup("sr_guest");
System.out.println("Group:"+grp.getName);
System.out.println("isMember?"+usr.isMemberOf(grp));
let me see how it comes
JP
> -----Original Message-----
> From: Ernie Phelps [mailto:[EMAIL PROTECTED]]
> Sent: Jueves, 22 de Febrero de 2001 15:51
> To: 'Juan Lorandi (Chile)'; 'Orion-Interest'
> Subject: RE: Customer User Manager problems
>
>
> Juan,
>
> I have tried putting the user into the principals.xml file,
> although the
> eventual goal is to not use this file at all (provide custom
> groups from the
> database via our UserManager). This does not seem to have any
> effect. I am
> not currently using a login error page, but I am not that
> worried about the
> login repetition for failure at the moment.
>
> My main concern is what is failing in the process, since
> authenticate is
> returning true from TMUser. There is presumably other code
> that I have to
> modify to get this to work, any idea's would be appreciated. Thanks.
>
> - Ernie
>
> -----Original Message-----
> From: Juan Lorandi (Chile) [mailto:[EMAIL PROTECTED]]
> Subject: RE: Customer User Manager problems
>
> have you got a login error page? that's why the three times,
> also, if a user doesn't belong to a sr_guest group, you won't
> have access
>
> > -----Original Message-----
> > From: Ernie Phelps [mailto:[EMAIL PROTECTED]]
> > Subject: Customer User Manager problems
> >
> > I am having difficulties getting a custom user manager to
> > work. Here are the
> > steps I have taken:
> >
> > Implemented User (as TMUser)
> > Implemented Group (as TMGroup)
> > Extended AbstractUserManager (as TMUserManager)
> >
> > Added the following to orion-application.xml:
> >
> > <user-manager class="com.trademotion.security.TMUserManager"/>
> >
> > <namespace-access>
> > <read-access>
> > <namespace-resource root="">
> > <security-role-mapping
> > name="<jndi-user-role>">
> > <group name="administrators" />
> > </security-role-mapping>
> > <security-role-mapping name="sr_guest">
> > <group name="ug_default" />
> > </security-role-mapping>
> > </namespace-resource>
> > </read-access>
> > <write-access>
> > <namespace-resource root="">
> > <security-role-mapping
> > name="<jndi-user-role>">
> > <group name="administrators" />
> > </security-role-mapping>
> > <security-role-mapping name="sr_guest">
> > <group name="ug_default" />
> > </security-role-mapping>
> > </namespace-resource>
> > </write-access>
> > </namespace-access>
> >
> > Added the following to web.xml:
> >
> > <security-constraint>
> > <web-resource-collection>
> > <web-resource-name>Main</web-resource-name>
> > <url-pattern>/*</url-pattern>
> > <url-pattern>/list.jsp</url-pattern>
> > </web-resource-collection>
> >
> > <auth-constraint>
> > <role-name>sr_guest</role-name>
> > </auth-constraint>
> > </security-constraint>
> >
> > <login-config>
> > <auth-method>BASIC</auth-method>
> > <realm-name>TM</realm-name>
> > </login-config>
> >
> > <security-role>
> > <role-name>sr_guest</role-name>
> > </security-role>
> >
> > Here is the result:
> >
> > 1. I start Orion. It calls TMUserManager Init.
> > 2. I start the browser, direct it to my controller. It pops
> the basic
> > authentication dialog. I enter username and password.
> > TMUserManager.getUser
> > is called.
> > TMUser.authenticate is called and returns true.
> > 3. The basic authentication dialog pops again. This happens 3
> > times then
> > fails.
> >
> > Any idea what I am missing here? I feel I have missed
> > something basic, but
> > can't put
> > my finger on it. TIA,
> >
> > - Ernie
>