tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrew Conrad" <andrewcon...@attbi.com>
Subject RE: Realm Security Implementation Question [OT]
Date Wed, 21 Aug 2002 22:31:15 GMT
Your users and roles are in a DB?  It's almost JDBCRealm, except you
have a table of roles for each application.  

Take a look at the JDBCRealm and I bet you could make your own Realm
based loosely on that.

- Andrew

> -----Original Message-----
> From: Hookom, Jacob John [mailto:hookomjj@uwec.edu] 
> Sent: Wednesday, August 21, 2002 4:20 PM
> To: tomcat-user@jakarta.apache.org
> Subject: Realm Security Implementation Question [OT]
> 
> 
> We are trying to figure out a way to handle realm-based 
> security in a multi-application environement where users and 
> their roles are specified in a DB.  Users are stored in one 
> table with password and there is a table for each application 
> definining permissions for the user.
>  
> I have been looking at the new JAASRealm the Craig put 
> together, but I'm not sure if it's exactly what we need or if 
> it's going overboard.  Otherwise we have to represent roles 
> in this manner: [applicationName]:[applicationId]:[role] and 
> have a specialized realm do string parsing to validate roles 
> within an application.  Our applications are deployed under a 
> single war to take advantage of a pseudo single sign-on.
>  
> Any suggestions would be apprechiated,
>  
> Jacob
> 
> --
> To unsubscribe, e-mail:   
> <mailto:tomcat-user-> unsubscribe@jakarta.apache.org>
> For 
> additional commands, 
> e-mail: <mailto:tomcat-user-help@jakarta.apache.org>
> 


--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message