By default I believe the Slide realm requires that a user be a member of the root, user or guest role. To get the behavior you want you're going to need to change the realm somehow. Either configure the webapp to allow any valid user (may or may not be possible), modify the Slide realm to behave the way you want, or setup an external user store that both Slide and Tomcat can use (LDAP or Tomcat internal users + auto-create-users in Slide).
-James On Mon, 2005-07-11 at 15:25 -0700, Constantine Vetoshev wrote: > This is perhaps more of a Tomcat question than a Slide question, but > here goes anyway: > > For my application, I don't need to use Slide roles. Given the way ACEs > work in Slide, I can assign a privilege to any user on an individual > basis, which is exactly what I need. If, however, I create a user > without adding the user to a group-member-set, and then try to log in > as that user, I can't even get to the point of testing the resulting > ACL. Tomcat (5.0.28) throws a 403 error before even trying to run any > Slide code. I put a breakpoint on the first line of the service method > of WebdavServlet, and never reached it. > > In a nutshell, I created a user, /users/john3, but did not add him to > any role's group-member-set. Logging in to Slide as john3 fails inside > Tomcat, before any Slide-specific code runs. Presumably, this has to do > with the realm and auth-constraints configured in Tomcat, which somehow > check user IDs and roles against Slide's idea of user roles. I'm using > a completely stock Tomcat configuration (except for adding the slide > realm). > > Is it at all possible to use Slide without updating the > group-member-set? I'll never use ACEs which rely on group memberships. > I understand that I can just add all new users to /roles/user when I > create them, and remove them from /roles/user when I delete them, but > it seems like an unnecessary hassle. Are Tomcat and Slide so married to > the idea of roles that it cannot be removed? > > Many thanks, > CV > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
