tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dalecki, Janusz" <jdale...@tycoint.com>
Subject RE: Configured JDBCRealm
Date Wed, 03 Sep 2014 23:35:55 GMT


-----Original Message-----
From: Daniel Mikusa [mailto:dmikusa@pivotal.io]
Sent: Wednesday, 3 September 2014 10:03 PM
To: Tomcat Users List
Subject: Re: Configured JDBCRealm

On Tue, Sep 2, 2014 at 9:59 PM, Dalecki, Janusz <jdalecki@tycoint.com>
wrote:

>
>
> -----Original Message-----
> From: Daniel Mikusa [mailto:dmikusa@pivotal.io]
> Sent: Tuesday, 2 September 2014 10:04 PM
> To: Tomcat Users List
> Subject: Re: Configured JDBCRealm
>
> On Tue, Sep 2, 2014 at 7:00 AM, Dalecki, Janusz <jdalecki@tycoint.com>
> wrote:
>
> > Hi,
> > I have configured JDBCRealm Tomcat with the following:
> >
> > <Context>
> >
> >                 <Realm className="org.apache.catalina.realm.JDBCRealm"
> > driverName="org.postgresql.Driver"
> >
> connectionURL="jdbc:postgresql://localhost:5432/df_Scheduler?user=postgres&amp;password=admin"
> > userTable="users" userNameCol="userName" userCredCol="password"
> > userRoleTable="user_roles" roleNameCol="roleName"/>
> >
> > </Context>
> > I have a few questions:
> >
> > 1)      How can I get hold of this realm object within my  Java app?
> > 2)      Even if I get the instance of the JDBCRealm - how do I get the
> > list of all roles available?
> >
>
> What's the purpose of doing this?
>
> This is just me, but if I wanted to get a list of my users or roles, I
> would use JDBC and pull them from the database.  Then I don't have to
> tie my application to Tomcat's internal classes.
>
> Dan
>
> Hi,
> Thanks for the reply.
> So what is the purpose of Tomcat’s Realms - I thought that was exactly
> the reason why they are there – so I don’t have to pull the users from
> the database.
>

Almost.  They're there so that Tomcat can pull users from the database (or from where ever
the realm gets its data).  I say Tomcat because they're internal components to Tomcat (see
the org.apache.tomcat package name) and so an application developer would not generally interact
with them directly.  The typical course for an application developer would be to declare his
or her security requirements in the application and simply let Tomcat will enforce them. 
This keeps your app portable, since the application only uses the Servlet spec.

Not sure what you're goal is here, since you declined to answer but if you need more access
to the user data, like if you wanted to create a user and role administration page, you'd
need to write your own data access code.


> Also is there any way of getting hold of the instance of JDBCRealm I
> have configured?
>

I don't believe it's possible using the Servlet apis.

Dan

Hi,
Yep, that is exactly what I want to do - access to the user data. Sorry I failed to state
that clearly.
Thanks for the reply.
I know what to do now – I have to do it myself in a portable way.
Regards,
Janusz

________________________________

This e-mail contains privileged and confidential information intended for the use of the addressees
named above. If you are not the intended recipient of this e-mail, you are hereby notified
that you must not disseminate, copy or take any action in respect of any information contained
in it. If you have received this e-mail in error, please notify the sender immediately by
e-mail and immediately destroy this e-mail and its attachments.
Mime
View raw message