tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Wendy Smoak <>
Subject Tomcat user 'roles' question
Date Fri, 08 Apr 2005 17:41:11 GMT
The only exposure that I have to this is configuring tomcat-users.xml so I
can use the manager webapp, so please bear with me.

I've got several web front-ends for a non-JDBC database.  There is a 'green
screen' (telnet) app running against the DB that uses a system of user
security classes to which different 'screens' are assigned.  That data is
stored in the DB itself.  We've fit the web front end into this system by
assigning each 'page' of the webapp a 'screen id', so that the admin can
define who sees what in a single place.

What I'm wondering is if there's any hope of using this data with the
existing request.isUserInRole() method.  (The security classes are (loosely)
roles.)  I only need to deal with authorization.  Authentication is handled
separately by a Filter that redirects elsewhere to make them log in.

Can someone point me in the right general direction?  Everything Google
turns up starts in with configuring a JDBC or JNDI realm, and I don't think
that part of it will ever work with this database.  Would I end up defining
my own kind of a Realm?

Wendy Smoak

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message