-none- 2007-08-15 - By Caldarale, Charles R
Back
> From: Matthew Kerle [mailto:matthew.kerle@(protected)]
> Subject: tomcat memory realms & tomcat-users.xml
>
> I've read the tomcat docs on memory realm:
> http://tomcat.apache.org/tomcat-5 (See http://cat-5.ora-code.com).5-doc/realm-howto.html#MemoryRealm,
> and I want to expose the org.apache.catalina.UserDatabase
> class to the web service context via a <ResourceLink...>.
You probably don't want to do that (even if it's possible, which I
doubt), since all code in the webapps would then have access to the
credentials.
> I'd like to be able to authenticate users without having
> to add a <security-constraint> to my web.xml, so that
> unauthenticated clients can still connect.
URL patterns in the <security-constraint> allow you to control which
portions of the webapp are accessible to unauthenticated users. If you
want something with finer granularity, a filter is probably appropriate.
Take a look at:
http://securityfilter.sourceforge.net/
for a popular one.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.
-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ------
To start a new topic, e-mail: users@(protected)
To unsubscribe, e-mail: users-unsubscribe@(protected)
For additional commands, e-mail: users-help@(protected)
|
|
