Groups in LDAP or AD are translated to granted authorities in Acegi. IIRC, a prefix is added to the group name. So if you have an ad group called "Webapp" the authority is "ROLE_Webapp".
Hope that helps Nathan ----- Original Message ----- From: "Rick Osborn" <[EMAIL PROTECTED]> To: [email protected] Sent: Friday, November 2, 2007 9:46:21 AM (GMT-0800) America/Los_Angeles Subject: [appfuse-user] Granted Authorities We have a Spring application authenticating with Acegi. It is trying to access Microsoft Active Directory via LDAP. I've seen some documention describing this configuration but it's not alot of details. We are getting an Authentication object back. It does not have any granted authorities. We can log in but are not allowed access to the first available page. Are there no roles defined in Active Directory? Is it not wired up correctly to translate the existing roles into the Authentication object? -- _______________________________________ "You can't spell 'danger' without an E.R.". --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
