tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: svn commit: r691805 - in /tomcat/trunk: java/org/apache/catalina/realm/ java/org/apache/catalina/startup/ webapps/docs/ webapps/docs/config/
Date Wed, 03 Sep 2008 22:42:50 GMT
Remy Maucherat wrote:
> On Wed, 2008-09-03 at 23:25 +0100, Mark Thomas wrote:
>> markt@apache.org wrote:
>>> Author: markt
>>> Date: Wed Sep  3 15:18:39 2008
>>> New Revision: 691805
>>>
>>> URL: http://svn.apache.org/viewvc?rev=691805&view=rev
>>> Log:
>>> Add a new combined Realm that can be used to try authenticating against multiple
realms.
> 
>> Note that whilst users have been asking for this for a while, I wrote this
>> as the basis for a LockOut Realm (to follow) that will lock out users after
>>  a set number of failed logins (with lots of configuration options). This
>> is in response to the incidents back in July/August where it appeared
>> attackers were using brute force attacks to gain access to Tomcat webapps,
>> mainly the admin and manager app. Granted these apps shouldn't be public
>> facing but adding LockOut functionality to the Realms is a good idea from a
>> security point of view.
>>
>> The LockOut Realm will follow when I finish writing it ;)
> 
> Ah ok, but besides some special functions realms like this LockOut
> thing, it does not seem to me like good security to store credentials in
> multiple places :(

There are pros and cons of a single user repository. Just about every
organisation I have ever worked with has had multiple user repositories of
one form or another. I'd have to go back over the user archives but the
sort of requirements I recall are things like:

- post company merger get user info from two (or more) different LDAP
directories
- 'normal' users from XYZ database and the sys admins from some other source
etc

If there is a risk of duplicate user names in the repositories then that
could be an issue.

To be honest, the combined realm is a potentially useful side effect of
what looks to be the easiest way of doing the lock out which is my real
focus here.

Mark


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message