tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From lightbulb432 <>
Subject Re: Single-sign on without form-based authentication
Date Thu, 30 Aug 2007 16:06:31 GMT

Views would definitely allow me to keep the two tables separate, but then I'd
have to authenticate against the two source tables separately (i.e. each
application would point to the source table rather than to the view). If
pointing both applications to the common view, then doesn't the original
problem exist?

But that requirement is only justification for authenticating with more than
two credentials. From a technical point of view, what would you have to
override to get this to work? In a previous post, I said the following:

I took a look at JAASRealm and its authenticate method only takes two
parameters (username and "credentials", which is really just a single
password string). 
> Is it possible to pass my other credentials to the JAASRealm so that I can
> pass everything at one time (username, password, other credentials) to the
> stored procedure, rather than - if I've interepreted this correctly -
> authenticating once through the JAAS username/password, then again through
> my stored procedure to "cancel out" the previous authentication.

So if not JAASRealm, perhaps I need to look at something else to customize?
I could of course implement my own authentication, but if I can get around
this one shortcoming of the "credentials" concept being considered a
password String rather than a generic Collection of multiple Objects, then I
think I might be able to use Tomcat authentication.

Christopher Schultz-2 wrote:
> Hash: SHA1
> Lb,
> lightbulb432 wrote:
>> The requirement doesn't accept having two tables (i.e. userTableA and
>> userTableB), partly because increased maintenance, the possibility of
>> table
>> definitions going out of sync, etc.
> CREATE VIEW, anyone?
> - -chris
> Version: GnuPG v1.4.7 (MingW32)
> Comment: Using GnuPG with Mozilla -
> iD8DBQFG1sVh9CaO5/Lv0PARAjCcAJ4gF601g5wChd1FQ1TodzPjKuQmpACgsEqq
> nD8wKTUJVWYkc5eGnA/mXt8=
> =FMuk
> ---------------------------------------------------------------------
> To start a new topic, e-mail:
> To unsubscribe, e-mail:
> For additional commands, e-mail:

View this message in context:
Sent from the Tomcat - User mailing list archive at

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message