tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From janbanan <bastava...@gmail.com>
Subject Security roles
Date Fri, 28 Sep 2007 07:14:32 GMT

Hi,

I'm having some problems with security roles in tomcat 5.5. The actual
url-pattern based protection works fine so presumably the config is ok. But
when I programatically try to check if the user belongs to a role I run into
problems.

First the request.isUserInRole(String) method always returns false. After a
bit of searching I found that Tomcat has it's own implementation of the
Principal class, GenericPrincipal, which has the hasRole(String) method. 
Now it turns out I cannot retrieve the GenericPrincipal object from the
request (class not found exception). This I found out is because the class
file is not loaded in the scope of the webapp. The workaround is to copy the
catalina.jar to the WEB-INF/lib folder.

This seems very messy! I'd like to check with you guys is this really the
only way to check a users roles? Or am I doing something wrong?

Thanks!

Jan




-- 
View this message in context: http://www.nabble.com/Security-roles-tf4532864.html#a12935784
Sent from the Tomcat - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message