Rob, this is how i setup in app web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>Group_Name</role-name>
</auth-constraint>
</security-constraint>
... and this is what i have in
tomcat server.xml:
<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
connectionURL="ldap://ldapserver:389"
userBase="o=MY_COMPANY"
userSearch="(cn={0})"
userSubtree="true"
roleBase=""
roleName="cn"
roleSearch="(member={0})" />
I did not get recursive lookup of role to work as domino does not support nested grouping. let me know if you manange to do this.
luke