tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Randy Layman <randy.lay...@aswethink.com>
Subject RE: User login logging (JDBC authentication)
Date Thu, 05 Jul 2001 12:47:51 GMT

	From IIS you can only set the access to Tomcat as a whole, not
individually.  Tomcat controls access to the individual resources (IIS
doesn't know what they are).

	You can view (and modify) the username and password in the session,
I think the session field names are j_security_username and
j_security_password, but don't remember right now - you can get a session
object back for a secured user and then iterate over the fields.

	Randy

> -----Original Message-----
> From: Rajehswar V. Rao [mailto:rajeshwarraov@erunway.com]
> Sent: Thursday, July 05, 2001 9:11 AM
> To: 'tomcat-user@jakarta.apache.org'
> Subject: RE: User login logging (JDBC authentication)
> 
> 
> Hi Randy and all,
> if that is the case where can i set username and password....
> And one more thing, i am using tomcat with IIS ...can i restrict
> resources(JSPs and Servlets) on 
> tomcat from IIS...
> Any help would be appreciated....
> -raj-
> 
> -----Original Message-----
> From: Randy Layman [mailto:randy.layman@aswethink.com]
> Sent: Thursday, July 05, 2001 5:32 PM
> To: tomcat-user@jakarta.apache.org
> Subject: RE: User login logging (JDBC authentication)
> 
> 
> 
> 	What is happening is that Tomcat is using the user's credentials
> (username/password) in the Session to authenticate.  If they 
> are not there
> or invalid, then the user is prompted to log in again.
> 
> 	Randy
> 
> > -----Original Message-----
> > From: Mark Muffett [mailto:markm@its-axiom.com]
> > Sent: Thursday, July 05, 2001 8:33 AM
> > To: tomcat-user@jakarta.apache.org
> > Subject: Re: User login logging (JDBC authentication)
> > 
> > 
> > Raj and all
> > 
> > I've managed to make the changes (very easy), but of course 
> > it doesn't work
> > exactly as I wanted it.... (isn't life always like that...)
> > 
> > I've got a database which is filling up fast since a new log 
> > gets written to
> > it every time a user accesses a new page (probably about 100 
> > times each
> > session).
> > 
> > Tomcat clearly knows what a session is (since it doesn't ask 
> > the user to log
> > in again for each page) - any idea where it does this?
> > 
> > Thanks for any help.
> > 
> > Mark
> > 
> > ----- Original Message -----
> > From: "Rajehswar V. Rao" <rajeshwarraov@erunway.com>
> > To: <tomcat-user@jakarta.apache.org>
> > Sent: Thursday, July 05, 2001 12:21 PM
> > Subject: RE: User login logging (JDBC authentication)
> > 
> > 
> > > Hi Mark and all,
> > > I think my situation is also almost same....
> > > I have set of JSPs under my \myContext\jsp...
> > > I dont want to give access to the users to these JSPs once 
> > they have been
> > > authnticated...
> > > One of the JSPs authenticate the user....
> > > please do help...
> > > -raj-
> > >
> > > -----Original Message-----
> > > From: Mark Muffett [mailto:markm@its-axiom.com]
> > > Sent: Wednesday, July 04, 2001 1:59 PM
> > > To: tomcat-user@jakarta.apache.org
> > > Subject: Re: User login logging (JDBC authentication)
> > >
> > >
> > > Sorry! - found it now (in tomcat_modules.jar).
> > >
> > > Mark
> > >
> > > ----- Original Message -----
> > > From: "Mark Muffett" <markm@its-axiom.com>
> > > To: <tomcat-user@jakarta.apache.org>; "Antony Bowesman" 
> > <adb@teamware.com>
> > > Sent: Wednesday, July 04, 2001 8:37 AM
> > > Subject: Re: User login logging (JDBC authentication)
> > >
> > >
> > > > Antony
> > > >
> > > > Many thanks for the suggestion, but where can I find this 
> > - I've looked
> > > > through the jar files in the common and container directories of
> > > > $TOMCAT_HOME/lib, but nothing stands out.  Maybe I've missed it?
> > > >
> > > > Any help appreciated.
> > > >
> > > > Thanks
> > > >
> > > > Mark
> > > >
> > > >
> > > > ----- Original Message -----
> > > > From: "Antony Bowesman" <adb@teamware.com>
> > > > To: <tomcat-user@jakarta.apache.org>
> > > > Sent: Thursday, June 28, 2001 4:58 PM
> > > > Subject: Re: User login logging (JDBC authentication)
> > > >
> > > >
> > > > > Mark Muffett wrote:
> > > > > >
> > > > > > Any ideas how best to log succesful (or unsuccesful) 
> > logins via
> > > > > > JDBC authentication.  The big problem is that the 
> > user may have
> > > > > > bookmarked any one of a number of protected pages, 
> > and it isn't
> > > > > > practical to put code on each of them.
> > > > >
> > > > > Just change the JDBC realm authenticate() method to log 
> > the result of
> > > > > the authentication.
> > > > >
> > > > > Antony
> > > > >
> > > >
> > >
> > 
> 

Mime
View raw message