Return-Path: Delivered-To: apmail-jakarta-tomcat-dev-archive@apache.org Received: (qmail 19280 invoked from network); 8 Apr 2003 05:12:31 -0000 Received: from exchange.sun.com (192.18.33.10) by daedalus.apache.org with SMTP; 8 Apr 2003 05:12:31 -0000 Received: (qmail 8052 invoked by uid 97); 8 Apr 2003 05:14:32 -0000 Delivered-To: qmlist-jakarta-archive-tomcat-dev@nagoya.betaversion.org Received: (qmail 8044 invoked from network); 8 Apr 2003 05:14:32 -0000 Received: from daedalus.apache.org (HELO apache.org) (208.185.179.12) by nagoya.betaversion.org with SMTP; 8 Apr 2003 05:14:32 -0000 Received: (qmail 64311 invoked by uid 500); 8 Apr 2003 04:55:33 -0000 Mailing-List: contact tomcat-dev-help@jakarta.apache.org; run by ezmlm Precedence: bulk List-Unsubscribe: List-Subscribe: List-Help: List-Post: List-Id: "Tomcat Developers List" Reply-To: "Tomcat Developers List" Delivered-To: mailing list tomcat-dev@jakarta.apache.org Received: (qmail 43144 invoked from network); 7 Apr 2003 23:24:12 -0000 Received: from pheriche.sun.com (192.18.98.34) by daedalus.apache.org with SMTP; 7 Apr 2003 23:24:12 -0000 Received: from ha2sca-mail1.SFBay.Sun.COM ([129.145.155.62]) by pheriche.sun.com (8.9.3p2+Sun/8.9.3) with ESMTP id RAA02250 for ; Mon, 7 Apr 2003 17:24:20 -0600 (MDT) Received: from apache.org (d-usca14-133-182 [129.145.133.182]) by ha2sca-mail1.SFBay.Sun.COM (8.11.6+Sun/8.10.2/ENSMAIL,v2.1p1) with ESMTP id h37NOJD23490 for ; Mon, 7 Apr 2003 16:24:19 -0700 (PDT) Message-ID: <3E920911.6080203@apache.org> Date: Mon, 07 Apr 2003 16:26:09 -0700 From: Amy Roh User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.0.2) Gecko/20030208 Netscape/7.02 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Tomcat Developers List Subject: Re: default JAAS realm for StandardEngine References: <3E90A009.6060309@apache.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Costin Manolache wrote: > Amy Roh wrote: > > >>What's the background for StandardEngine returning JAAS realm by default >>when its realm is null? >> >>Thanks, >>Amy > > > Speaking of auth: how difficult would it be to change the user management > part in /admin to use a different model. > > Instead of one mbean per user - which is extremely inefficient and can't > scale - it would be one mbean for the entire realm. It can have a method > to return the list of user names, and one to return attributes for > an individual user. Or something like that. > Not sure. I know it won't be trivial. As you probably know, user, group, role mbeans are implemented in mbeans directory using User, Group, Role interfaces in o.a.c. Craig worked on those. Well, since JAASRealm is set as default Realm for engine, it gets added when an engine is created via admin. JAASRealm isn't currently supported in admin. What are the editable properties for the realm? Thanks, Amy > I didn't do any research in this area - if there are any reasonable user > management APIs in use. > > IMO JAAS should be recomended for authentication, and we should also try to > get JAAS LoginModules to be manageable and register an mbean. That would > be very usefull for other reasons - monitoring, caching and also consistent > configuration ( i.e. people would configure the mbean, and not have to edit > login.config options ). > > Costin > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org > For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org > --------------------------------------------------------------------- To unsubscribe, e-mail: tomcat-dev-unsubscribe@jakarta.apache.org For additional commands, e-mail: tomcat-dev-help@jakarta.apache.org