Return-Path: X-Original-To: apmail-tomcat-users-archive@www.apache.org Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 7AFC2C0BE for ; Fri, 14 Mar 2014 14:10:15 +0000 (UTC) Received: (qmail 45417 invoked by uid 500); 14 Mar 2014 14:10:09 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 44540 invoked by uid 500); 14 Mar 2014 14:10:08 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 44289 invoked by uid 99); 14 Mar 2014 14:10:08 -0000 Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 14 Mar 2014 14:10:08 +0000 X-ASF-Spam-Status: No, hits=1.7 required=5.0 tests=FREEMAIL_ENVFROM_END_DIGIT,HTML_MESSAGE,RCVD_IN_DNSWL_LOW,SPF_PASS X-Spam-Check-By: apache.org Received-SPF: pass (athena.apache.org: domain of donahulf2@gmail.com designates 209.85.214.170 as permitted sender) Received: from [209.85.214.170] (HELO mail-ob0-f170.google.com) (209.85.214.170) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 14 Mar 2014 14:10:03 +0000 Received: by mail-ob0-f170.google.com with SMTP id uz6so2624626obc.1 for ; Fri, 14 Mar 2014 07:09:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=YERbzjTjLnPfDczfvLbRSPqML6iow74ryAAKKUPSTnc=; b=AQ/P+V9a7r4TUqISQb7ypP/ZHXdfyt1yTJjRb40GDkReVPrRM4oahv3MeMVReorBm7 zbSeklJ8h1Nuj1NnCywnYHy2L6R6V7E3/ElV5B2OG0qDpeQUcuoCWLfVn6r8CFD+i3Fi 9O41hgnWWJVdz4ZVPFKlpeaGP4A8Kl2q3qubUzbW5OtKEI17zmet0ymlxWyKwPeZoMG5 4hYhOhMRdoNATbvvLuirIOnPUmJifpB/SaFjGWDi7aXaX+Rne5kpu3vk/DAHVx4ARyio oTQ3p+GV1vsm81ujuatAcEAYe2hMRNozzibkLLbRv0l3ItSfOrBCNVHUhS/2GNS7idzB 5Wag== MIME-Version: 1.0 X-Received: by 10.182.92.231 with SMTP id cp7mr1016552obb.82.1394806182870; Fri, 14 Mar 2014 07:09:42 -0700 (PDT) Received: by 10.60.144.69 with HTTP; Fri, 14 Mar 2014 07:09:42 -0700 (PDT) In-Reply-To: References:

Date: Fri, 14 Mar 2014 07:09:42 -0700 Message-ID: Subject: Re: JNDIRealm - Active Directory Roles From: Leo Donahue To: Tomcat Users List Content-Type: multipart/alternative; boundary=001a11c302cc0f82a604f4919f54 X-Virus-Checked: Checked by ClamAV on apache.org --001a11c302cc0f82a604f4919f54 Content-Type: text/plain; charset=ISO-8859-1 On Fri, Mar 14, 2014 at 2:12 AM, wrote: > Hello, > > thanks for your reply. It doesn't make any difference. > > I don't understand how the authenticated user receive permissions for one > of these roles: > > > > > > > That is a UserDatabaseRealm: org.apache.catalina.realm.UserDatabaseRealm Those roles are different than what would be in your ldap, which is a: org.apache.catalina.realm.JNDIRealm Which realm do you want to use? --001a11c302cc0f82a604f4919f54--