https://bz.apache.org/bugzilla/show_bug.cgi?id=63505
--- Comment #1 from Eugène Adell <eugene.ad...@gmail.com> --- Created attachment 36628 --> https://bz.apache.org/bugzilla/attachment.cgi?id=36628&action=edit a new class implementing this enhancement This class is based on DataSourceRealm source code (copy/paste of this file, and adding/removing what seemed to be added/removed to me). It uses 2 StoPro (obviously one for the credentials, one for the roles). The StoPro names are given in the context file, for example : <Realm className="org.apache.catalina.realm.DataSourceViaSPRealm" digest="SHA" dataSourceName="jdbc/dbdemo" userProcStoc="findPasswordForUser" roleProcStoc="findRolesForUser" localDataSource="true" /> The 2 procedures must of course be implemented on the DB, and respectively return the password and the roles associated to the username sent as an argument. My tests are OK (Tomcat 9.0.21, MySQL 5.7.18, mysql-connector 5.1.40). Once the SELECT grant revoked, the users cannot login anymore when using the DataSourceRealm, and this new class DataSourceViaSPRealm allows logging in. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
