As promised a while back, I've written a small tutorial for getting JAAS
working as an authorisation mechanism (rather than an authentication
mechanism like in JAASRealm). The initial version van be found here:

  http://www.kopz.org/public/documents/tomcat/jaasintomcat.html

It does assume you can get a full JAAS implementation up and running
outside of Tomcat (i.e. not for the faint-of-heart).

If you have any comments or suggestions, please let me know!

Cheers,

Michiel

P.S. This could also be interesting in regards to the thread
"javax.security.auth.subject disappears"

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)