tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lightbulb432 <>
Subject Re: Single-sign on without form-based authentication
Date Thu, 30 Aug 2007 00:24:34 GMT

Here's the case where three credentials are necessary: there is a requirement
to host multiple applications on a single database, and data such as users
are in a single, shared table. Therefore, someone logging into app A would
enter username and password of user1 and pass1, and someone else logging
into app B could also enter username as password user1 and pass1, but still
be two separate entities.

In the single database, the authentication table would have [User,Pass,App]
as (user1,pass1,A), and (user1,pass1,B), which are two different and
unrelated records.

So even though the users are only entering two credentials into their
respective applications' user interfaces, the application itself
authenticates with Tomcat using three credentials. How could I make this

The requirement doesn't accept having two tables (i.e. userTableA and
userTableB), partly because increased maintenance, the possibility of table
definitions going out of sync, etc.


Gregor Schneider wrote:
> however, i do not see any sense at all passing more tha two
> credentials (user, pass) to authenticate....
> therefore, i suggest first thing you should do is to re-think the
> design of your application.
View this message in context:
Sent from the Tomcat - User mailing list archive at

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message