tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Assaf Arkin <ar...@exoffice.com>
Subject Re: login-config handling (was Re: Help with Interceptors)
Date Fri, 11 Feb 2000 19:36:05 GMT
> What Craig (and the spec) mention here is key to understanding that the
> 'Realm' objects need to have scope across all Contexts (perhaps through the
> ContextManager).
> 
> It would be then up to the implementor to group different contexts into
> (shared) realms.

+1

> > What we're saying is that the values returned by getRemoteUser() and
> > getUserPrincipal() would be global to multiple apps, with only a single login
> > challenge.  The sessions would still be unique per context, but you'd be able
> to
> > count on the fact that the container authenticated the user for you.

+1

arkin


> 
> In the current implementation, we went with an approach that different
> contexts share a session registry.
> 
> We did this indirectly by defining a SessionTable object associated with
> the Context(s).
> 
> All contexts refer to the same session table.
> 
> The key to the session table is based on the sessionId that we generate.
> The value of the session table entry is the HttpSession object obtained from
> the request.
> 
> --
> We will need to modify this once security is implemented and in place.
> 
> Arieh
> --
>  Arieh Markel                           Sun Microsystems Inc.
>  Network Storage                        500 Eldorado Blvd. MS UBRM11-194
>  e-mail: arieh.markel@sun.COM           Broomfield, CO 80021
>  Let's go Panthers !!!!                 Phone: (303) 272-8547 x78547
>  (e-mail me with subject SEND PUBLIC KEY to get public key)
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org

-- 
----------------------------------------------------------------------
Assaf Arkin                                           www.exoffice.com
CTO, Exoffice Technologies, Inc.                        www.exolab.org

Mime
View raw message