tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Murray" <mp...@optusnet.com.au>
Subject RE: Custom authenticate
Date Tue, 30 Sep 2003 13:18:03 GMT
Damian,

Tim suggested "user/group" or "user@group".  That didn't work for you but
what about "role in group" where this is really a set of roles for which you
allow the user to specify the group part of the name.

In this case your security model would have roles such as "customer" and
"vendor" and groups such as "retail" and "wholesale" but the Tomcat
authentication structure would have roles of "retail-customer",
"retail-vendor", "wholesale-customer" and "wholesale-vendor".  The number of
roles may get fairly large and you may want to consider a tool to manage
them but the concept would probably work.

I think you would have to write your own "isUserInRole" check to allow you
to concatenate the variables retrieved from the application but it wouldn't
be very complicated.

Murray
-----Original Message-----
From: Damian Minkov [mailto:damian@space-comm.com]
Sent: Tuesday, 30 September 2003 19:40
To: tomcat-user@jakarta.apache.org
Subject: Custom authenticate


For 2 weeks I'm fighting with the authentication in Tomcat.

Is it possible to make it authenticate the user with 3 params.
For example username, password, and group belongs to.
I need the third one because the roles of the user are different for
different groups.

I tried to make my own Valve and realm and to use the Valve as
authenticator but I can't get it work.

Some ideas ?
10x in advance



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org




Mime
View raw message