I have a strange problem. I have a simple app that needs to authenticate via ldap.
I am using: tomcat 6.0.16. eclipse 3.3 Debian (etch in production, lenny on development) On my development machine I have no problems. I run tomcat from eclipse 3.3. The production server is a virtual machine. The strange part is that it is authenticating people logging in but not authorising them. We have 2 posix groups in ldap which are supposed to define the roles. That must be where it is failing because I can log in but immediately get 403 forbidden error. this is my realm definition from server.conf <Realm className="org.apache.catalina.realm.JNDIRealm" debug="99" connectionURL="ldaps://ldapserver.mbuyu.nl" connectionName="uid=somuser,ou=services,dc=m4n,dc=nl" connectionPassword="apassword" userPattern="uid={0},ou=users,dc=m4n,dc=nl" roleBase="ou=groups,dc=m4n,dc=nl" roleName="cn" roleSearch="memberUid={0}" /> I've tried substituting {1} in the roleSearch, I've tried it with and without parentheses. I've restarted every single server that might have anything to do with anything. To make it stranger I can tell you that this has also worked. We had GroupOfUniqueNames first. The problems didn't start with switching to Posix Groups however. The Posix Groups were made because of sysadmin random decision. It still shouldn't matter as it works on development with either configuration. any help would be appreciated. mvg, Jasper --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]