tomcat-users mailing list archives

From Marc Boorshtein <mboorsht...@gmail.com>
Subject Re: Setting JK_REMOTE_USER help
Date Wed, 16 Jun 2010 15:22:38 GMT


Sent from my iPhone

On Jun 16, 2010, at 11:12 AM, David kerber <dckerber@verizon.net> wrote:

> On 6/16/2010 10:58 AM, Marc Boorshtein wrote:
>
> ...
>
>> That being said, the sequence of events should be:
>> 1.  Web server authenticates the user (works)
>> 2.  Pass the context to Tomcat (works)
>> 3.  Tomcat calls the realm to retrieve the user information and set
>> the context (doesn't presently occur)
>>
>> #3 appears to be the issue.  Authentication and Authorization should
>> be separate steps entirely in order to satisfy the J2EE contract in an
>> enterprise environment (which often involves WAMs).
>>
>> So it doesn't sound like there is a configuration way to handle this.
>> I think I'll try hacking around to see if I can solve this with some
>> kind of custom Realm.
>
> Keep in mind that Tomcat is not a full j2ee server; it's a "servlet  
> container", so may not meet some of the requirements you have for  
> your app if they are part of higher-level j2ee specs.
>
> D
>

Yes, however there are security methods in the servlet spec
(getPrincip, isUserInRole). Tomcat+mod_jk should satisfy these contracts.

Thanks
Marc

