tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From delbd <de...@oma.be>
Subject Re: Realm implemenation, passing additionnal informations to webapplication
Date Mon, 06 Jun 2005 11:12:00 GMT
Does the realm have access to the session? Because informations i need in 
webapp is taken from where the realms does it's authentification.

I my case, the realm access a NIS to check user passwoard, and informations 
such as fullname, phone and email, are alos in this nis. I do not want the 
webapp to also access directly the nis.

Le Lundi 6 Juin 2005 12:48, QM a écrit :
> On Mon, Jun 06, 2005 at 11:36:11AM +0200, delbd wrote:
> : I had to write my own realm implementation to authenticate users.
> : Now am faced with a problem, this realm contains additionnal datas on the
> : user, like email, fullname, office telephone number.
> : I'd like to pass this informations to the webapplication, however am not
> : sure how to do this.
>
> Let's take a step back: is the extra info used to authenticate the user?
> or is it used by the webapp itself, after the user has logged in?
>
> In the latter case, you can store a user-specific object in the session
> after the user logs in.  Many people write a ServletFilter that checks
> for said object and, if it doesn't exist, creates/populates it.
>
> (Of course, the filter should only be mapped to protected areas; it is
> otherwise of limited value ;)
>
> -QM

-- 
David Delbecq
Royal Meteorological Institute of Belgium

-
Is there life after /sbin/halt -p?

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message