Hi Matt,

Matt Raible-3 wrote:
> 
>> I tried
>> http://cwiki.apache.org/confluence/display/ROLLER/Roller+4.0+with+LDAP+and+CAS
>> and I have a feeling that I'm missing something.
>>
> 
> Have you tried these instructions? If so, what's not working? Do you  
> see error messages in your logs?
> 

Install Roller and Test was just as described. From Install LDAP and Test I
skipped steps 1 through 7 since we already have an LDAP infrastructure I
want to hook up to.

After I've modified security.xml and started Roller, I try to log in with a
known user from this repository.

The configuration I use is after the log of the login attempt:

[rol...@gir logs]$ grep '08:39:17,' roller.log 
DEBUG 2009-01-28 08:39:17,500
PathBasedFilterInvocationDefinitionMap:lookupAttributes - Converted URL to
lowercase, from: '/roller_j_security_check'; to: '/roller_j_security_check'
DEBUG 2009-01-28 08:39:17,501
PathBasedFilterInvocationDefinitionMap:lookupAttributes - Candidate is:
'/roller_j_security_check'; pattern is /**; matched=true
DEBUG 2009-01-28 08:39:17,502 FilterChainProxy$VirtualFilterChain:doFilter -
/roller_j_security_check at position 1 of 8 in additional filter chain;
firing Filter:
'org.acegisecurity.context.httpsessioncontextintegrationfil...@1e3e7d2'
DEBUG 2009-01-28 08:39:17,504 HttpSessionContextIntegrationFilter:doFilter -
Obtained from ACEGI_SECURITY_CONTEXT a valid SecurityContext and set to
SecurityContextHolder:
'org.acegisecurity.context.securitycontexti...@ffffffff: Null
authentication'
DEBUG 2009-01-28 08:39:17,506 FilterChainProxy$VirtualFilterChain:doFilter -
/roller_j_security_check at position 2 of 8 in additional filter chain;
firing Filter:
'org.acegisecurity.ui.webapp.authenticationprocessingfil...@17bcd4'
DEBUG 2009-01-28 08:39:17,507 AbstractProcessingFilter:doFilter - Request is
to process authentication
DEBUG 2009-01-28 08:39:17,508 ProviderManager:doAuthentication -
Authentication attempt using
org.acegisecurity.providers.dao.DaoAuthenticationProvider
DEBUG 2009-01-28 08:39:17,510 EhCacheBasedUserCache:getUserFromCache - Cache
hit: false; username: jsmith1
DEBUG 2009-01-28 08:39:17,550 ProviderManager:doAuthentication -
Authentication attempt using
org.acegisecurity.providers.ldap.LdapAuthenticationProvider
DEBUG 2009-01-28 08:39:17,551 EhCacheBasedUserCache:getUserFromCache - Cache
hit: false; username: jsmith1
DEBUG 2009-01-28 08:39:17,551 LdapAuthenticationProvider:retrieveUser -
Retrieving user jsmith1
DEBUG 2009-01-28 08:39:17,552 DefaultInitialDirContextFactory:connect -
Creating InitialDirContext with environment
{java.naming.provider.url=ldap://ldap1.xxxx.uva.nl/ou=Medewerkers,o=Universiteit\20van\20Amsterdam,c=NL,
java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
java.naming.security.principal=uid=a_user_that_has_sufficient_rights,ou=Special
Users,o=Universiteit van Amsterdam,c=NL,
com.sun.jndi.ldap.connect.pool=true,
java.naming.security.authentication=simple,
java.naming.security.credentials=******}
DEBUG 2009-01-28 08:39:17,571 FilterBasedLdapUserSearch:searchForUser -
Searching for user 'jsmith1', in context
javax.naming.directory.initialdircont...@4f71a3, with user search [
searchFilter: 'uid={0}', searchBase: '', scope: subtreesearchTimeLimit:
0derefLinkFlag: false ]
DEBUG 2009-01-28 08:39:17,575 DefaultInitialDirContextFactory:connect -
Creating InitialDirContext with environment
{java.naming.provider.url=ldap://ldap1.xxxx.uva.nl/ou=Medewerkers,o=Universiteit\20van\20Amsterdam,c=NL,
java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
java.naming.security.principal=uid=a_user_that_has_sufficient_rights,ou=Special
Users,o=Universiteit van Amsterdam,c=NL,
com.sun.jndi.ldap.connect.pool=true,
java.naming.security.authentication=simple,
java.naming.security.credentials=******}
DEBUG 2009-01-28 08:39:17,612 DefaultInitialDirContextFactory:connect -
Creating InitialDirContext with environment
{java.naming.provider.url=ldap://ldap1.xxxx.uva.nl/ou=Medewerkers,o=Universiteit\20van\20Amsterdam,c=NL,
java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
java.naming.security.principal=uid=jsmith1,ou=Medewerkers,o=Universiteit\20van\20Amsterdam,c=NL,
java.naming.security.authentication=simple,
java.naming.security.credentials=******}
WARN  2009-01-28 08:39:17,676 LoggerListener:onApplicationEvent -
Authentication event AuthenticationFailureServiceExceptionEvent: jsmith1;
details: org.acegisecurity.ui.webauthenticationdeta...@fffed504:
RemoteIpAddress: 145.18.xxx.xxx; SessionId:
09FE97A71314FF42872BCAE1D52453B0; exception: ERROR no user: jsmith1; nested
exception is org.acegisecurity.ldap.LdapDataAccessException: ERROR no user:
jsmith1
DEBUG 2009-01-28 08:39:17,677
AbstractProcessingFilter:unsuccessfulAuthentication - Updated
SecurityContextHolder to contain null Authentication
DEBUG 2009-01-28 08:39:17,677
AbstractProcessingFilter:unsuccessfulAuthentication - Authentication request
failed: org.acegisecurity.AuthenticationServiceException: ERROR no user:
jsmith1; nested exception is org.acegisecurity.ldap.LdapDataAccessException:
ERROR no user: jsmith1
DEBUG 2009-01-28 08:39:17,678 TokenBasedRememberMeServices:cancelCookie -
Cancelling cookie for reason: Interactive authentication attempt was
unsuccessful
DEBUG 2009-01-28 08:39:17,679 HttpSessionContextIntegrationFilter:doFilter -
SecurityContextHolder set to new context, as request processing completed
DEBUG 2009-01-28 08:39:17,701
PathBasedFilterInvocationDefinitionMap:lookupAttributes - Converted URL to
lowercase, from: '/roller-ui/login.rol'; to: '/roller-ui/login.rol'
DEBUG 2009-01-28 08:39:17,702
PathBasedFilterInvocationDefinitionMap:lookupAttributes - Candidate is:
'/roller-ui/login.rol'; pattern is /**; matched=true
DEBUG 2009-01-28 08:39:17,702 FilterChainProxy$VirtualFilterChain:doFilter -
/roller-ui/login.rol?error=true at position 1 of 8 in additional filter
chain; firing Filter:
'org.acegisecurity.context.httpsessioncontextintegrationfil...@1e3e7d2'
DEBUG 2009-01-28 08:39:17,703 HttpSessionContextIntegrationFilter:doFilter -
Obtained from ACEGI_SECURITY_CONTEXT a valid SecurityContext and set to
SecurityContextHolder:
'org.acegisecurity.context.securitycontexti...@ffffffff: Null
authentication'
DEBUG 2009-01-28 08:39:17,703 FilterChainProxy$VirtualFilterChain:doFilter -
/roller-ui/login.rol?error=true at position 2 of 8 in additional filter
chain; firing Filter:
'org.acegisecurity.ui.webapp.authenticationprocessingfil...@17bcd4'
DEBUG 2009-01-28 08:39:17,704 FilterChainProxy$VirtualFilterChain:doFilter -
/roller-ui/login.rol?error=true at position 3 of 8 in additional filter
chain; firing Filter:
'org.acegisecurity.ui.rememberme.remembermeprocessingfil...@85e57'
DEBUG 2009-01-28 08:39:17,704 FilterChainProxy$VirtualFilterChain:doFilter -
/roller-ui/login.rol?error=true at position 4 of 8 in additional filter
chain; firing Filter:
'org.acegisecurity.securechannel.channelprocessingfil...@169a1c5'
DEBUG 2009-01-28 08:39:17,705 FilterChainProxy$VirtualFilterChain:doFilter -
/roller-ui/login.rol?error=true at position 5 of 8 in additional filter
chain; firing Filter:
'org.acegisecurity.wrapper.securitycontextholderawarerequestfil...@1fb9fb3'
DEBUG 2009-01-28 08:39:17,706 SavedRequest:propertyEquals - pathInfo: both
null (property equals)
DEBUG 2009-01-28 08:39:17,706 SavedRequest:propertyEquals - queryString:
arg1=null; arg2=error=true (property not equals)
DEBUG 2009-01-28 08:39:17,707 SavedRequestAwareWrapper:<init> - Wrapper not
replaced; SavedRequest was:
SavedRequest[http://gir.ic.uva.nl/roller/roller-ui/login-redirect.rol]
DEBUG 2009-01-28 08:39:17,707 FilterChainProxy$VirtualFilterChain:doFilter -
/roller-ui/login.rol?error=true at position 6 of 8 in additional filter
chain; firing Filter:
'org.acegisecurity.providers.anonymous.anonymousprocessingfil...@b1be82'
DEBUG 2009-01-28 08:39:17,708 AnonymousProcessingFilter:doFilter - Populated
SecurityContextHolder with anonymous token:
'org.acegisecurity.providers.anonymous.anonymousauthenticationto...@ad5d0569:
Username: anonymous; Password: [PROTECTED]; Authenticated: true; Details:
org.acegisecurity.ui.webauthenticationdeta...@fffed504: RemoteIpAddress:
145.18.xxx.xxx; SessionId: 09FE97A71314FF42872BCAE1D52453B0; Granted
Authorities: ROLE_ANONYMOUS'
DEBUG 2009-01-28 08:39:17,709 FilterChainProxy$VirtualFilterChain:doFilter -
/roller-ui/login.rol?error=true at position 7 of 8 in additional filter
chain; firing Filter:
'org.acegisecurity.ui.exceptiontranslationfil...@15264db'
DEBUG 2009-01-28 08:39:17,709 FilterChainProxy$VirtualFilterChain:doFilter -
/roller-ui/login.rol?error=true at position 8 of 8 in additional filter
chain; firing Filter:
'org.acegisecurity.intercept.web.filtersecurityintercep...@5b8e8c'
DEBUG 2009-01-28 08:39:17,710
PathBasedFilterInvocationDefinitionMap:lookupAttributes - Candidate is:
'/roller-ui/login.rol'; pattern is /roller-ui/login-redirect**;
matched=false
DEBUG 2009-01-28 08:39:17,710
PathBasedFilterInvocationDefinitionMap:lookupAttributes - Candidate is:
'/roller-ui/login.rol'; pattern is /roller-ui/profile**; matched=false
DEBUG 2009-01-28 08:39:17,711
PathBasedFilterInvocationDefinitionMap:lookupAttributes - Candidate is:
'/roller-ui/login.rol'; pattern is /roller-ui/createWeblog**; matched=false
DEBUG 2009-01-28 08:39:17,712
PathBasedFilterInvocationDefinitionMap:lookupAttributes - Candidate is:
'/roller-ui/login.rol'; pattern is /roller-ui/menu**; matched=false
DEBUG 2009-01-28 08:39:17,712
PathBasedFilterInvocationDefinitionMap:lookupAttributes - Candidate is:
'/roller-ui/login.rol'; pattern is /roller-ui/authoring/**; matched=false
DEBUG 2009-01-28 08:39:17,713
PathBasedFilterInvocationDefinitionMap:lookupAttributes - Candidate is:
'/roller-ui/login.rol'; pattern is /roller-ui/admin/**; matched=false
DEBUG 2009-01-28 08:39:17,713
PathBasedFilterInvocationDefinitionMap:lookupAttributes - Candidate is:
'/roller-ui/login.rol'; pattern is /rewrite-status*; matched=false
DEBUG 2009-01-28 08:39:17,714
PathBasedFilterInvocationDefinitionMap:lookupAttributes - Candidate is:
'/roller-ui/login.rol'; pattern is /roller-ui/user.do*; matched=false
DEBUG 2009-01-28 08:39:17,714 AbstractSecurityInterceptor:beforeInvocation -
Public object - authentication not attempted
DEBUG 2009-01-28 08:39:17,715 FilterChainProxy$VirtualFilterChain:doFilter -
/roller-ui/login.rol?error=true reached end of additional filter chain;
proceeding with original chain

[rol...@gir etc]$ cat roller-custom.properties 
users.sso.enabled=true
users.sso.autoProvision.enabled=false
installation.type=manual 
database.configurationType=jdbc 
database.jdbc.driverClass=org.hsqldb.jdbcDriver
database.jdbc.connectionURL=jdbc:hsqldb:file:/data/roller/var/rollerdb;shutdown=true
 
database.jdbc.username=sa
database.jdbc.password= 
mail.configurationType=properties 
mail.hostName=localhost

[rol...@gir etc]$ cat security.xml 
<?xml version="1.0" encoding="UTF-8"?>
<!--
  Licensed to the Apache Software Foundation (ASF) under one or more
   contributor license agreements.  The ASF licenses this file to You
  under the Apache License, Version 2.0 (the "License"); you may not
  use this file except in compliance with the License.
  You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

  Unless required by applicable law or agreed to in writing, software
  distributed under the License is distributed on an "AS IS" BASIS,
  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  See the License for the specific language governing permissions and
  limitations under the License.  For additional information regarding
  copyright in this work, please see the NOTICE file in the top level
  directory of this distribution.
-->
<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN"
    "http://www.springframework.org/dtd/spring-beans.dtd">

<beans>

    <!-- ======================== FILTER CHAIN ======================= -->
    <bean id="filterChainProxy"
class="org.acegisecurity.util.FilterChainProxy">
        <property name="filterInvocationDefinitionSource">
            <value>
                CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
                PATTERN_TYPE_APACHE_ANT
               
/**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,rememberMeProcessingFilter,channelProcessingFilter,remoteUserFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
            </value>
            <!-- Replace
"authenticationProcessingFilter,rememberMeProcessingFilter" with
"casProcessingFilter" if you want to use Roller with CAS -->
        </property>
    </bean>

    <!-- ======================== AUTHENTICATION ======================= -->
    
    <!-- Note the order that entries are placed against the
objectDefinitionSource is critical.
         The FilterSecurityInterceptor will work from the top of the list
down to the FIRST pattern that matches the request URL.
         Accordingly, you should place MOST SPECIFIC (ie a/b/c/d.*)
expressions first, with LEAST SPECIFIC (ie a/.*) expressions last -->
    <bean id="filterInvocationInterceptor"
class="org.acegisecurity.intercept.web.FilterSecurityInterceptor">
        <property name="authenticationManager" ref="authenticationManager"/>
        <property name="accessDecisionManager" ref="accessDecisionManager"/>
         <property name="objectDefinitionSource">
            <value>
                PATTERN_TYPE_APACHE_ANT
                /roller-ui/login-redirect**=admin,editor
                /roller-ui/profile**=admin,editor
                /roller-ui/createWeblog**=admin,editor
                /roller-ui/menu**=admin,editor
                /roller-ui/authoring/**=admin,editor
                /roller-ui/admin/**=admin
                /rewrite-status*=admin
                /roller-ui/user.do*=register
            </value>
                <!-- Add this to above list for LDAP/SSO configuration -->
                <!-- /roller-ui/user.do*=register -->
        </property>
    </bean>

    <bean id="authenticationManager"
class="org.acegisecurity.providers.ProviderManager">
        <property name="providers">
            <list>
                <!-- <ref local="daoAuthenticationProvider"/> -->
                <!-- Uncomment this for LDAP/SSO configuration <ref
local="ldapAuthProvider"/> -->
                <ref local="ldapAuthProvider"/>
                <!-- Uncomment this for CAS/SSO configuration <ref
local="casAuthenticationProvider"/> -->
                <ref local="anonymousAuthenticationProvider"/>                
                <!-- rememberMeAuthenticationProvider added programmatically
-->
            </list>
        </property>
    </bean>
  
    <!-- Log failed authentication attempts to commons-logging -->
    <bean id="loggerListener"
class="org.acegisecurity.event.authentication.LoggerListener"/> 

    <bean id="daoAuthenticationProvider"
class="org.acegisecurity.providers.dao.DaoAuthenticationProvider">
         <property name="userDetailsService" ref="jdbcAuthenticationDao"/>
         <property name="userCache" ref="userCache"/> 
    </bean>
    
    <!-- Read users from Roller API -->
    <bean id="jdbcAuthenticationDao"
class="org.apache.roller.weblogger.ui.core.security.RollerUserDetailsService"/>

    <bean id="userCache"
class="org.acegisecurity.providers.dao.cache.EhCacheBasedUserCache">
        <property name="cache">
            <bean
class="org.springframework.cache.ehcache.EhCacheFactoryBean">
                <property name="cacheManager">
                    <bean
class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
                </property>
                <property name="cacheName" value="userCache"/>
            </bean>
        </property>
    </bean>
   
    <bean id="anonymousAuthenticationProvider"
class="org.acegisecurity.providers.anonymous.AnonymousAuthenticationProvider">
        <property name="key" value="anonymous"/>
    </bean>
    
    <bean id="roleVoter" class="org.acegisecurity.vote.RoleVoter">
        <property name="rolePrefix" value=""/>
    </bean>

    <bean id="accessDecisionManager"
class="org.acegisecurity.vote.AffirmativeBased">
        <property name="allowIfAllAbstainDecisions" value="false"/>
        <property name="decisionVoters">
            <list>
                <ref local="roleVoter"/>
            </list>
        </property>
    </bean>
    
    <!-- ===================== HTTP REQUEST SECURITY ====================
-->
    <bean id="httpSessionContextIntegrationFilter"
class="org.acegisecurity.context.HttpSessionContextIntegrationFilter"/>
    
    <bean id="authenticationProcessingFilter"
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilter">
        <property name="authenticationManager" ref="authenticationManager"/>
        <property name="authenticationFailureUrl"
value="/roller-ui/login.rol?error=true"/>
        <property name="defaultTargetUrl" value="/"/>
        <property name="filterProcessesUrl"
value="/roller_j_security_check"/>
        <property name="rememberMeServices" ref="rememberMeServices"/>
    </bean>
    
    <bean id="anonymousProcessingFilter"
class="org.acegisecurity.providers.anonymous.AnonymousProcessingFilter">
        <property name="key" value="anonymous"/>
        <property name="userAttribute" value="anonymous,ROLE_ANONYMOUS"/>
    </bean>
    
    <bean id="exceptionTranslationFilter"
class="org.acegisecurity.ui.ExceptionTranslationFilter">
        <!-- Change the ref on this property to
"casProcessingFilterEntryPoint" when using CAS -->
        <property name="authenticationEntryPoint"
ref="authenticationProcessingFilterEntryPoint"/>
    </bean>
    
    <bean id="remoteUserFilter"
class="org.acegisecurity.wrapper.SecurityContextHolderAwareRequestFilter"/>

    <bean id="authenticationProcessingFilterEntryPoint"
class="org.acegisecurity.ui.webapp.AuthenticationProcessingFilterEntryPoint">
        <property name="loginFormUrl" value="/roller-ui/login.rol"/>
        <property name="forceHttps" value="false"/>
    </bean>

    <!-- ===================== REMEMBER ME ==================== -->
    <bean id="rememberMeProcessingFilter"
class="org.acegisecurity.ui.rememberme.RememberMeProcessingFilter">
        <property name="authenticationManager" ref="authenticationManager"/>
        <property name="rememberMeServices" ref="rememberMeServices"/>
    </bean>
 
    <bean id="rememberMeServices"
class="org.acegisecurity.ui.rememberme.TokenBasedRememberMeServices"> 
        <property name="userDetailsService" ref="jdbcAuthenticationDao"/>
        <property name="key" value="rollerlovesacegi"/> 
        <property name="parameter" value="rememberMe"/>
    </bean> 
  
    <bean id="rememberMeAuthenticationProvider"
class="org.acegisecurity.providers.rememberme.RememberMeAuthenticationProvider">
 
        <property name="key" value="rollerlovesacegi"/>
    </bean>
    
    <!-- ===================== SSL SWITCHING ==================== -->
    <bean id="channelProcessingFilter"
class="org.acegisecurity.securechannel.ChannelProcessingFilter">
        <property name="channelDecisionManager"
ref="channelDecisionManager"/>
        <property name="filterInvocationDefinitionSource">
            <value>
                PATTERN_TYPE_APACHE_ANT
            </value>
        </property>
    </bean>
                
    <bean id="channelDecisionManager"
class="org.acegisecurity.securechannel.ChannelDecisionManagerImpl">
        <property name="channelProcessors">
            <list>
                <bean
class="org.acegisecurity.securechannel.SecureChannelProcessor"/>
                <bean
class="org.acegisecurity.securechannel.InsecureChannelProcessor"/>
            </list>
        </property>
    </bean>
    
    <!-- ===================== LDAP AUTHENTICATION ==================== -->
    <!-- BEGIN: Sample LDAP/RollerDB hybrid security configuration -->
    <bean id="initialDirContextFactory"
class="org.acegisecurity.ldap.DefaultInitialDirContextFactory">
        <constructor-arg
value="ldap://ldap1.xxxx.uva.nl/ou=Medewerkers,o=Universiteit\20van\20Amsterdam,c=NL"/>
        <property name="managerDn"
value="uid=a_user_that_has_sufficient_rights,ou=Special Users,o=Universiteit
van Amsterdam,c=NL"/>
        <property name="managerPassword"
value="this_is_not_the_real_password"/>
    </bean>
   
    <bean id="ldapUserSearch"
class="org.acegisecurity.ldap.search.FilterBasedLdapUserSearch">
        <constructor-arg index="0" value=""/>
        <constructor-arg index="1" value="uid={0}"/>
        <constructor-arg index="2" ref="initialDirContextFactory"/>         
        <property name="searchSubtree" value="true"/>           
    </bean>     
    
    <bean id="ldapAuthProvider"
class="org.acegisecurity.providers.ldap.LdapAuthenticationProvider">
        <constructor-arg>
            <bean
class="org.acegisecurity.providers.ldap.authenticator.BindAuthenticator">
                <constructor-arg ref="initialDirContextFactory"/>
                <property name="userSearch" ref="ldapUserSearch"/>
            </bean>
        </constructor-arg>
        <constructor-arg ref="jdbcAuthoritiesPopulator"/>
        <property name="userCache" ref="userCache"/>
    </bean>    
    
    <bean id="jdbcAuthoritiesPopulator"
class="org.apache.roller.weblogger.ui.core.security.AuthoritiesPopulator">
        <property name="defaultRole" value="register"/>       
    </bean>
    <!-- END Sample LDAP/RollerDB hybrid security configuration -->
    
    <!-- ======================== CENTRAL AUTHENTICATION SERVICE (CAS)
======================= -->
    <!-- BEGIN: Sample CAS/RollerDB hybrid security configuration
    <bean id="casProcessingFilter"
class="org.acegisecurity.ui.cas.CasProcessingFilter">
        <property name="authenticationManager" ref="authenticationManager"/>
        <property name="authenticationFailureUrl"
value="/roller-ui/login.rol?error=true"/>
        <property name="defaultTargetUrl" value="/"/>
        <property name="filterProcessesUrl"
value="/roller_j_security_check"/>
    </bean>
    
    <bean id="casProcessingFilterEntryPoint"
class="org.acegisecurity.ui.cas.CasProcessingFilterEntryPoint">
        <property name="loginUrl" value="https://localhost:8443/cas/login"/>
        <property name="serviceProperties" ref="serviceProperties"/>
    </bean>
    
    <bean id="casAuthenticationProvider"
class="org.acegisecurity.providers.cas.CasAuthenticationProvider">
        <property name="casAuthoritiesPopulator">
            <bean
class="org.apache.roller.weblogger.ui.core.security.RollerCasPopulator">
                <property name="userDetailsService"
ref="jdbcAuthenticationDao"/>
            </bean> 
        </property>
        <property name="casProxyDecider" ref="casProxyDecider"/>
        <property name="ticketValidator" ref="casProxyTicketValidator"/>
        <property name="statelessTicketCache" ref="statelessTicketCache"/>
        <property name="key" value="rollerlovesacegi"/>
    </bean>
    
    <bean id="casProxyTicketValidator"
class="org.acegisecurity.providers.cas.ticketvalidator.CasProxyTicketValidator">
        <property name="casValidate"
value="https://localhost:8443/cas/proxyValidate"/>
        <property name="proxyCallbackUrl"
value="http://localhost:8080/roller/casProxy/receptor"/>
        <property name="serviceProperties" ref="serviceProperties"/>
        <property name="trustStore"
value="/Library/Java/Home/lib/security/cacerts"/>
    </bean>
    
    <bean id="cacheManager"
class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean"/>
    
    <bean id="ticketCacheBackend"
class="org.springframework.cache.ehcache.EhCacheFactoryBean">
       <property name="cacheManager" ref="cacheManager"/>
       <property name="cacheName" value="ticketCache"/>
    </bean>
    
    <bean id="statelessTicketCache"
class="org.acegisecurity.providers.cas.cache.EhCacheBasedTicketCache">
        <property name="cache" ref="ticketCacheBackend"/>
    </bean>
    
    <bean id="casProxyDecider"
class="org.acegisecurity.providers.cas.proxy.RejectProxyTickets"/>
    
    <bean id="serviceProperties"
class="org.acegisecurity.ui.cas.ServiceProperties">
        <property name="service"
value="http://localhost:8080/roller/roller_j_security_check"/>
        <property name="sendRenew" value="false"/>
    </bean>
    -->
    <!-- END Sample CAS/RollerDB hybrid security configuration -->
</beans>

-- 
View this message in context: 
http://www.nabble.com/Roller-4-with-SSO-LDAP-authentication--tp21624674s12275p21701506.html
Sent from the Roller - User mailing list archive at Nabble.com.
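
The login attempt logged above can be reduced to its authentication steps: the providers tried, the LDAP bind principals, and the failure event. The following Python is an added example, not part of the original message or of Roller or Acegi; the function names are hypothetical, and the sample log is constructed with a placeholder host, DNs, IP address and session id.

```python
import re

# Constructed sample, wrapped like the log in the post; host, DNs, IP, session id are placeholders.
SAMPLE = r"""DEBUG 2009-01-28 08:39:17,508 ProviderManager:doAuthentication -
Authentication attempt using org.acegisecurity.providers.dao.DaoAuthenticationProvider
DEBUG 2009-01-28 08:39:17,550 ProviderManager:doAuthentication -
Authentication attempt using org.acegisecurity.providers.ldap.LdapAuthenticationProvider
DEBUG 2009-01-28 08:39:17,552 DefaultInitialDirContextFactory:connect -
Creating InitialDirContext with environment
{java.naming.provider.url=ldap://ldap.example.org/ou=People,o=Example\20Org,c=NL,
java.naming.security.principal=uid=manager,ou=Special
Users,o=Example Org,c=NL,
com.sun.jndi.ldap.connect.pool=true}
DEBUG 2009-01-28 08:39:17,612 DefaultInitialDirContextFactory:connect -
Creating InitialDirContext with environment
{java.naming.provider.url=ldap://ldap.example.org/ou=People,o=Example\20Org,c=NL,
java.naming.security.principal=uid=jsmith1,ou=People,o=Example\20Org,c=NL,
java.naming.security.credentials=******}
WARN  2009-01-28 08:39:17,676 LoggerListener:onApplicationEvent -
Authentication event AuthenticationFailureServiceExceptionEvent: jsmith1;
details: org.acegisecurity.ui.WebAuthenticationDetails@fffed504:
RemoteIpAddress: 192.0.2.10; SessionId: 0123456789ABCDEF; exception:
ERROR no user: jsmith1
"""

RECORD_START = re.compile(r"^(DEBUG|INFO|WARN|ERROR)\s+(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d,\d{3})\b")
ENV_KEY = re.compile(r"(?:^|, )((?:java\.naming|com\.sun)\.[\w.]+)=")
FAILURE = re.compile(r"Authentication event (\w*Failure\w*): ([^;]+);"
                     r".*?RemoteIpAddress: (\S+);.*?exception: (.*)")

def records(text):
    """Rejoin wrapped lines; only 'LEVEL timestamp' starts a record ('ERROR no user' does not)."""
    out = []
    for line in (l.strip() for l in text.splitlines()):
        if RECORD_START.match(line):
            out.append(line)
        elif line and out:  # continuation of the previous record
            out[-1] += " " + line
    return out

def jndi_env(record):
    """Parse the '{k=v, k=v}' dump; DN values contain commas, so split on the
    known key prefixes rather than on every comma."""
    m = re.search(r"environment \{(.*)\}", record)
    body = m.group(1) if m else ""
    keys = list(ENV_KEY.finditer(body))
    ends = [k.start() for k in keys[1:]] + [len(body)]
    return {k.group(1): body[k.end():e] for k, e in zip(keys, ends)}

def summarize(text):
    """Ordered (timestamp, kind, detail) steps: providers tried, binds, failures."""
    steps = []
    for rec in records(text):
        ts = RECORD_START.match(rec).group(2)
        provider = re.search(r"Authentication attempt using (\S+)", rec)
        env, failure = jndi_env(rec), FAILURE.search(rec)
        if provider:
            steps.append((ts, "provider", provider.group(1).rsplit(".", 1)[-1]))
        elif env:
            steps.append((ts, "bind", env.get("java.naming.security.principal", "")))
        elif failure:
            steps.append((ts, "failure", "{} from {}: {}".format(*failure.group(2, 3, 4))))
    return steps

def last_bind_before_failure(steps):
    """Principal of the last bind logged before the first failure, else None."""
    kinds = [k for _, k, _ in steps]
    if "failure" not in kinds:
        return None
    binds = [d for _, k, d in steps[:kinds.index("failure")] if k == "bind"]
    return binds[-1] if binds else None

if __name__ == "__main__":
    print(*summarize(SAMPLE), last_bind_before_failure(summarize(SAMPLE)), sep="\n")
```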
