tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier>
Subject Re: Memory Leak in Tomcat
Date Wed, 23 Feb 2011 09:15:18 GMT
הילה wrote:
> I've posted my problem in the sourceforge forums, but no comments have
> received so far. :(
> If you have any suggestions to replace this, another way to authenticate the
> tomcat to the DB with user and password that do not appear in clear text,
> I'll be glad to hear about it.
Have a look at Jespa (

In the basic configuration, it works a bit differently : it authenticates (with Windows 
Domain) the user who is *using* the Tomcat application, not the Tomcat process itself.

However, it comes with an API which can probably be used to do what you want.
Send an email to explaining what you want to achieve, and I am sure 
that they will tell you if Jespa can be used for that.

(*) Note the difference : currently, you are authenticating to the DB with the single 
"Tomcat user".  So all the users of your application really access the database under this

one "group-id".  Anyone who can connect to Tomcat, can get data out of the database, under

this one user-id.  That may or may not be secure, depending on how the users authenticate

to the Tomcat application.

In the Jespa kind of setup, a java servlet filter picks up the Windows Domain user-id of 
the user accessing the Tomcat application.
This same user-id can then be picked up inside the application via getRemoteUser() (or 
something sismilar), and used to connect to the database.
Then you really filter accesses to the database by individual user-id.

One or the other setup may be what you really need, but that you have to decide yourself.

There is no need to send me a copy of each message that you send to the list.
I receive all messages to the list anyway (as do the other subscribers), so when you copy

me, I get the same message twice.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message