tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Costin Manolache <cmanola...@yahoo.com>
Subject Re: default JAAS realm for StandardEngine
Date Mon, 07 Apr 2003 14:43:50 GMT
Jean-Francois Arcand wrote:

> This introduce a bug because if you want to set a different Realm for
> each Context, the Engine default value will override the Context one.
> IMBW, but from the test I'm doing using the embedded interface, I always
> received the engine one instead of the Context one.
> 
> Why not setting the realm outside StandardEngine? We will still supports
> JAAS as default.

I preffer to minimize the ammount of settings to get a default config. 
IMO what needs to be fixed is the overriding - you should be able to
override per context ( i.e. context should override ).

I'll try to fix it - the docs and the code seemed to suggest that 
Context overrides Engine, not the other way. 

How are you testing the realm with the embeded interface ? Are you using
"run" or "run2" ( first uses server.xml - the second is the real one with
only JMX ). I don't think setting the Realm on a context via JMX is
implemented yet - that may be part of the problem :-)

Costin



> 
> -- Jeanfrancois
> 
>>
>>The rationale is simple - JAAS is the standard for authentication in
>>java:-) And since other systems use JAAS, it would be easier to integrate
>>and to develop auth modules.
>>
>>I don't know if we'll get to refactor the database and LDAP module to
>>JAAS login modules - that would make them useable in other apps, but
>>it will be a bit harder to configure.
>>
>>The config for JAAS may be a bit tricky - if you want to try it,
>>I used:
>>
>>Tomcat-Standalone {
>>    org.apache.catalina.realm.JAASMemoryLoginModule Required
>>pathname="/opt/50/conf/tomcat-users.xml"
>>    ;
>>}
>>in ~/.java.login.config
>>
>>
>>Costin
>>
>>
>>
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org
>>
>>
>>  
>>



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org


Mime
View raw message