tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
Subject Re: Authorization on Apache Tomcat the J2ee Way.
Date Fri, 05 Oct 2007 07:54:37 GMT
Arun wrote:
> Hi,
> I have a tomcat 6 installed. I have a running webapplication . I need to
> implement a role based access control. How can I combine servers caabilities
> so that I can use the request.getPrincipal() method ... I also have  a list
> of roles and groups and who all are assigned what all roles/groups in db.
> Now its time to implement an access control mechanism. I do not want Basic
> authentication with a popup. I will be logging in by a normal html sign in
> form, with a username and password field. Once that is done everything
> should be the J2EE way. The roles for that user should get added to the
> request and I can use it for authorization.

Form based authentication, part of the servlet spec, is what you are
referring to.  Google is your friend.


To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message