tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: Container managed security and Proxy support
Date Thu, 21 Oct 2010 07:46:17 GMT
Pid wrote:
> On 20/10/2010 17:02, Oliver Wulff wrote:
>> Thanks. To recap, I configure AJP13 with tomcatAuthentication equals to
>> false but I still need the login-config and security-constraints in the
>> web.xml...
>>
>> Where can I let tomcat know to which roles a user belongs to?
> 
> That has to be done via Realm, AFAIK.  Which means you can't use the AJP
> method.
> 
Are you sure ?

The tomcatAuthentication="false" attribute means that Tomcat will pick up the user-id, as

transmitted by the front-end webserver through the Connector, instead of trying to get it

himself.
But it should not mean that, with this user-id, Tomcat cannot perform other AAA steps, 
such as determining if that user-id in in Role X.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message