tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Roland" <>
Subject Re: Limits on the size of the web.xml file?
Date Mon, 03 Sep 2001 19:19:48 GMT
> Sounds like a redesign is more appropriate.
> Memory issues aside, have you considered the fact that using individual
> security constraints for each and every user means that you have to
> restart the entire app every time you add a new user?  Or, that every time
> you add a user and restart, the restart time gets longer and longer?

Thats a problem!

> Use application specific logic to ensure that a particular user can only
> see things that are relevant to them (i.e.  their own mailbox in a
> WebMail scenario).

That was my original design idea. BUT, in this case I don't know how to
prevent someone to see the data from other users. How can I stop someone
from trying to access the mail from someone else? Supposing that all
"standard" users will have the same role, the security will allow him to see
all directories.

A question besides here, using JDBC realms is it possible to assign mutliple
roles to one user? How do I do it? Do I have to put several entries in the
user_roles table? One line for each role of the user?

Thanks in advance...

View raw message