In looking through the docs I am surpised that I dont see a way to do some
more "sophisticated" JDBCRealm security. I may just be looking in the wrong
place or misreading something so please let me know if I am.

My DB tables are arranged as follows

create table user
(
 id BIGINT NOT NULL AUTO_INCREMENT,
 email VARCHAR(100) not null unique,
 groupId BIGINT not null,
 password VARCHAR(20) not null,
 active BIT,
 primary key (id)
);

create table groups
(
 id BIGINT NOT NULL AUTO_INCREMENT,
 role VARCHAR(255) not null,
 primary key (id)
);

The email address is the "user login", password is obvious.

I would want something that would only let ACTIVE users log in (active = 1),
and User.groupId maps to Groups.id field.

Using the standard JDBCRealm I do not see how this is possible. Would I
actually have to create my own custom Realm implementation in order to
achieve these goals?

Thanks for any input/advice,
Frank




---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)