diff options
Diffstat (limited to 'sandbox/lresende')
-rw-r--r-- | sandbox/lresende/sca/samples/store-secure-webapp/src/main/webapp/WEB-INF/geronimo-web.xml | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/sandbox/lresende/sca/samples/store-secure-webapp/src/main/webapp/WEB-INF/geronimo-web.xml b/sandbox/lresende/sca/samples/store-secure-webapp/src/main/webapp/WEB-INF/geronimo-web.xml index 1183b91370..705010bf7c 100644 --- a/sandbox/lresende/sca/samples/store-secure-webapp/src/main/webapp/WEB-INF/geronimo-web.xml +++ b/sandbox/lresende/sca/samples/store-secure-webapp/src/main/webapp/WEB-INF/geronimo-web.xml @@ -32,18 +32,17 @@ <web:security-realm-name>ldap-realm</web:security-realm-name> <sec:security> <sec:role-mappings> - <sec:role role-name="manager"> - <sec:principal name="PWEST" class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" /> - </sec:role> - <sec:role role-name="user"> - <sec:principal name="PHAGE" class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" /> - </sec:role> + <!-- <sec:role role-name="manager"> <sec:principal name="lmanager" class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" /> </sec:role> <sec:role role-name="user"> <sec:principal name="lresende" class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal" /> </sec:role> + --> + <sec:role role-name="manager"> + <sec:principal name="managers" class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal" designated-run-as="true"/> + </sec:role> </sec:role-mappings> </sec:security> @@ -63,9 +62,9 @@ <lc:option name="userBase">ou=people,dc=tnc,dc=org</lc:option> <lc:option name="userSearchMatching">uid={0}</lc:option> <lc:option name="userSearchSubtree">false</lc:option> - <lc:option name="roleBase">ou=people,dc=tnc,dc=org</lc:option> + <lc:option name="roleBase">ou=groups,dc=tnc,dc=org</lc:option> <lc:option name="roleName">cn</lc:option> - <lc:option name="roleSearchMatching">(objectClass={0})</lc:option> + <lc:option name="roleSearchMatching">(member={0})</lc:option> <lc:option name="roleSearchSubtree">false</lc:option> </lc:login-module> </lc:login-config> |