tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Caldarale, Charles R" <Chuck.Caldar...@unisys.com>
Subject RE: jaas.config / JAASRealms
Date Mon, 22 Jun 2009 15:20:46 GMT
> From: Oliver Block [mailto:lists@oliver-block.eu]
> Subject: jaas.config / JAASRealms
> 
> I've modified jdk/jre/lib/security/java.security to 
> find the jaas.config.

Not a good idea, since that affects every Java execution on that system.  Better to specify
the location via the java.security.auth.login.config system property.

> Is it compatible with the jaas design to keep web applicaton 
> specific jaas.config files

I don't believe so; JAAS appears to be for the whole JVM instance, not individual webapps.

> are there any directives for web.xml to declare the
> path to jaas.config?

No, the servlet spec is agnostic when it comes to the actual authentication mechanism.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus
for use only by the intended recipient. If you received this in error, please contact the
sender and delete the e-mail and its attachments from all computers.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message