Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
Message-ID: <007e01c3bdae$2eda6650$800101df@febbraro.local>
From: "Frank Febbraro" <frankfebbraro@earthlink.net>
To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
References: <9C5166762F311146951505C6790A9CF8013DF80B@US-VS1.corp.mpi.com>
Subject: Re: More sophisticated JDBCRealm Security
Date: Mon, 8 Dec 2003 12:10:29 -0500
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

Well crap!

Turns out we are using MySQL 4.0.x which does not have support for views.

Can anyone point me in a direction that would help me in implementing my own
Realm (either brand new or by extending another)

Thank you very much,
Frank

----- Original Message ----- 
From: "Shapira, Yoav" <Yoav.Shapira@mpi.com>
To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
Sent: Monday, December 08, 2003 11:49 AM
Subject: RE: More sophisticated JDBCRealm Security


Howdy,
Your other option is to extend JDBCRealm into your own custom realm
implementation.

Yoav Shapira
Millennium ChemInformatics


>-----Original Message-----
>From: Frank Febbraro [mailto:frankfebbraro@earthlink.net]
>Sent: Monday, December 08, 2003 11:41 AM
>To: Tomcat Users List
>Subject: Re: More sophisticated JDBCRealm Security
>
>What about the fact that the groupId column in User is called id in the
>Groups table, would it be a case of making another view to accomplish
that
>translation too?
>
>Besides craeting views, which is easy, what are the other options here?
>
>----- Original Message -----
>From: "Shapira, Yoav" <Yoav.Shapira@mpi.com>
>To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
>Sent: Monday, December 08, 2003 10:48 AM
>Subject: RE: More sophisticated JDBCRealm Security
>
>
>
>Howdy,
>The typical solution in many cases involving JDBCRealm is (if you don't
>want to customize the realm by coding) to create a view for use by the
>JDBC realm.  In your case, you'd create a view on the user table where
>only active users are shown, and configure the JDBC realm to query this
>view rather than the user table.
>
>Yoav Shapira
>Millennium ChemInformatics
>
>
>>-----Original Message-----
>>From: Frank Febbraro [mailto:frankfebbraro@earthlink.net]
>>Sent: Monday, December 08, 2003 10:48 AM
>>To: Tomcat Users List
>>Subject: More sophisticated JDBCRealm Security
>>
>>In looking through the docs I am surpised that I dont see a way to do
>some
>>more "sophisticated" JDBCRealm security. I may just be looking in the
>wrong
>>place or misreading something so please let me know if I am.
>>
>>My DB tables are arranged as follows
>>
>>create table user
>>(
>>   id BIGINT NOT NULL AUTO_INCREMENT,
>>   email VARCHAR(100) not null unique,
>>   groupId BIGINT not null,
>>   password VARCHAR(20) not null,
>>   active BIT,
>>   primary key (id)
>>);
>>
>>create table groups
>>(
>>   id BIGINT NOT NULL AUTO_INCREMENT,
>>   role VARCHAR(255) not null,
>>   primary key (id)
>>);
>>
>>The email address is the "user login", password is obvious.
>>
>>I would want something that would only let ACTIVE users log in (active
>=
>>1),
>>and User.groupId maps to Groups.id field.
>>
>>Using the standard JDBCRealm I do not see how this is possible. Would
I
>>actually have to create my own custom Realm implementation in order to
>>achieve these goals?
>>
>>Thanks for any input/advice,
>>Frank
>>
>>
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
>
>
>This e-mail, including any attachments, is a confidential business
>communication, and may contain information that is confidential,
>proprietary
>and/or privileged.  This e-mail is intended only for the individual(s)
to
>whom it is addressed, and may not be saved, copied, printed, disclosed
or
>used by anyone else.  If you are not the(an) intended recipient, please
>immediately delete this e-mail from your computer system and notify the
>sender.  Thank you.
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


This e-mail, including any attachments, is a confidential business
communication, and may contain information that is confidential, proprietary
and/or privileged.  This e-mail is intended only for the individual(s) to
whom it is addressed, and may not be saved, copied, printed, disclosed or
used by anyone else.  If you are not the(an) intended recipient, please
immediately delete this e-mail from your computer system and notify the
sender.  Thank you.


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org