Did you remove the permission for rmi:login? By default this goes something like:
<group name="users"> <description>users</description> <permission name="rmi:login" /> </group> (the default administrator is also part of users) or did you remove the permission for administrator to administrate? By defaut this goes something like: <group name="administrators"> <description>administrators</description> <permission name="administration" /> </group> or you delete your settings for namespace access in your orion-application.xml? It goes something like: <namespace-access> <read-access> <namespace-resource root=""> <security-role-mapping name="<jndi-user-role>"> <group name="administrators" /> </security-role-mapping> </namespace-resource> </read-access> <write-access> <namespace-resource root=""> <security-role-mapping name="<jndi-user-role>"> <group name="administrators" /> </security-role-mapping> </namespace-resource> </write-access> </namespace-access> Hope this helps, WR Magnus Rydin IronFlare AB > -----Ursprungligt meddelande----- > Fran: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]For Tim Courtney > Skickat: den 9 januari 2002 04:09 > Till: Orion-Interest > Amne: user manager, principals & shutdown > > > I need some help fixing something I broke. > > I stepped through the user manager tutorial on orionsupport ( > http://uk.orionsupport.com/articles/usermanager.html ) and managed to > put BASIC authentication on a certain directory on my site. > > But since then, it seems I deleted the information that allows the > shutdown command > >java -jar admin.jar ormi://localhost admin xxxxx -shutdown > > this command looks up the username/password in the custom UserManager > and always returns > >Security error: Invalid username/password for default (admin) > > I would prefer that the server admin & the users in the custom > UserManager be kept separate. > > is my principals.xml meant to have two different groups? > > can the server admin user remain in the xml config as it is when first > running orion? > <user username="admin" password="xxxxx" deactivated="false"> > > my application.xml: > <user-manager class="com.orionsupport.security.MyUserManager" /> > > should there be two different entries here??? one for the BASIC authen, > and one for server admin ? > > my web.xml: > <security-role> > <role-name>administrators</role-name> > </security-role> > > <login-config> > <auth-method>BASIC</auth-method> > <realm-name>admin tool</realm-name> > </login-config> > <security-constraint> > <web-resource-collection> > <url-pattern>/admin/</url-pattern> > </web-resource-collection> > <auth-constraint> > <role-name>administrators</role-name> > </auth-constraint> > </security-constraint> > > my principals.xml: (however the user is just ignored, and the > MyUserManager is always used to validate both users) > <principals> > <groups> > <group name="administrators"> > <description>admin tool users</description> > <permission name="administration" /> > <permission > name="com.evermind.server.AdministrationPermission" /> > </group> > </groups> > <users> > <user username="admin" password="admin" deactivated="false"> > <description>The default administrator</description> > <group-membership group="administrators" /> > </user> > </users> > </principals> > > I hope all that made sense > > thanks > tim >