tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ferindo Middleton" <>
Subject Built-in tools for implementing Container Managed Authentication
Date Fri, 07 Jul 2006 13:57:51 GMT
Are there plans to include built-in tools to better implement container
managed security? I'm a application developer that uses
*DataSourceRealm * realm
authentication of Tomcat to have form-based authentication for the
applications I build.... But my users have poor passwords and many of them
have been using the same password for over a year and there is no built-in
Tomcat subsystem to allow me to do such things as:

1) force users to change their passwords every now and then,
2) enforce some kind of complexity-requirement for the passwords users have
so people are using "strong" passwords that are hard to guess.

Are there plans to include built in tools like the above around the existing
Container Managed Authentication features of tomcat to allow for such things

as the above to be administered within the server with minimal user coding.
I'm just a user and don't know much about Tomcat internals. This would be a
really good improvement/feature for future releases.

Ferindo Middleton
Technical Lead - Research and AUI Infrastructure Development
Sleekcollar Software

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message