users@glassfish.java.net

How to use LdapGroups with auth-method=CLIENT-CERT / realm-name=certificate

From: <glassfish_at_javadesktop.org>
Date: Wed, 14 May 2008 02:32:43 PDT

Hi,

I'm using GFv2ur2(9.1_02), Java 6 (1.6.0_06), NB 6.1.

With auth-method=BASIC and realm-name=ldapRealm I can do authentication and authorization.
The password can be verified against LDAP and the role/group mapping against LDAP works as designed.

With auth-method=CLIENT-CERT and realm-name=certificate the authentication works between smart card and GF.
The cert chain can be verified if the CA certs are in the truststore of the GF.
But what about the authorization?

I'm not talking about the possibility to assign some default groups to everyone in the admin GUI (area certificate).
This is useful for hello world apps or some general rights. I need rights according to the user's LDAP DN.


Q1: How can LDAP groups be mapped to the user if using certificates?

Q2: Is there any sense not to bundle auth-method=CLIENT-CERT with realm-name=certificate?
Q3: Can auth-method=CLIENT-CERT at all be combined with e.g. realm-name=ldapRealm (to achieve Q1 maybe)?


best regards
[Message sent by forum member 'moj2ee' (moj2ee)]

http://forums.java.net/jive/thread.jspa?messageID=274236