Hi Ron,
Just one question left. Hope you can help me.
Suppose the principal info is put in the (webtier) context by the wsp agent.
(samlv2 assertions) Is there any way of propagating that info to the ejb
tier "automagically" as well? (So it can used by the J2EE policy agent?)
Thank you,
Wim
-----Original Message-----
From: glassfish_at_javadesktop.org [mailto:glassfish_at_javadesktop.org]
Sent: woensdag 11 juni 2008 19:54
To: users_at_glassfish.dev.java.net
Subject: Re: request for feature : "automagic" ldap group to j2ee role
mapping
In Glassfish, go to the admin console and open configuration -> security and
then check
the "Default Principal To Role Mapping Enabled" box.
if you have defined a principal-2-role mapping in any of the sun-specific
deployment decriptors of your application, remove the mappings.
redeploy your app, and you should get the behavior you expect (i.e group x
will be mapped to role x)
this feature is not required by the EE platform, but I believe it is also
available in Tomcat.
you can find more details at:
http://blogs.sun.com/monzillo/entry/principal_2_role_mapping_and
Ron
[Message sent by forum member 'monzillo' (monzillo)]
http://forums.java.net/jive/thread.jspa?messageID=279763
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
For additional commands, e-mail: users-help_at_glassfish.dev.java.net