"Terry Zhou" <[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
>Tomcat does have a realm in different level(Engine,Host,Webapp)
> for security.
>Check http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html
Is there anybody using this? and it works?
I guess the developers just want to go that way.
I said it doesn't work in replying him, nobody give more information.
When i use this to replace the UserDatabaserealm, everything works well.
<Realm className="org.apache.catalina.realm.JDBCRealm"
driverName="com.sap.dbtech.jdbc.DriverSapDB"
connectionURL="jdbc:sapdb://192.168.1.98/tst?unicode=true"
connectionName="test" connectionPassword="test"
userTable="users" userNameCol="user_name"
userCredCol="user_pass"
userRoleTable="user_roles" roleNameCol="role_name" />
when i moved it to a web-app's context.xml, and the userdatabaserealm
enabled on engine level,
the one configued in context.xml doesn't work.
Furthermore, users defined in the engine level is available in the web-app.
Terry mentioned for security reason, i think that users defined in the
engine level should not be available to
the web-app. Yes, the users defined in engine level should not be available
to web-apps.
users defined in host level can be available to all its web-apps.
<Realm className="org.apache.catalina.realm.MemoryRealm"
pathname="conf/Catalina/localhost/dusers.xml">
</Realm>
in a specific web-app's context.xml doesn't work, either.
Thank you for reading this.
[EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
