?realms in different level(Engine,Host,Webapp)?

"Terry Zhou" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] >Tomcat does have a realm in different level(Engine,Host,Webapp) > for security. >Check http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html Is there anybody using this? and it works? I guess the developers just want to

Thank you for response

"Bill Barker" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > Really a users@ question, so I won't bother to reply inline. It's my pleasure to have your response. > What Jack wants is pretty much an enhanced version of UserDatabase. He > can do much of what he wants with a really

a bit info

Hi, Mr. Thomas, Thank your for spending time to send me responses! I have spent pretty much effort on authentication & authorization, but i might still have some misunderstandings. Thank you for pointing out my wrong ideas! I might have put too much information in this msg. Be patient. Ei

Re: Mr. Thomas please check this.

Really a users@ question, so I won't bother to reply inline. What Jack wants is pretty much an enhanced version of UserDatabase. He can do much of what he wants with a really fancy custom UserDatabase, but would need changes to do more advanced X509 stuff (also, the current config wouldn't be

Re: 2 clear reasons

Mark Thomas wrote: > a) You can not use ssl and ask for client certificates. CLIENT-CERT > requires the use of ssl. Sorry typo. This should read "You can't not use ssl and..." Mark - To unsubscribe, e-mail: [EMAIL PROTECTED] For

Re: Mr. Thomas please check this.

Jack wrote: > When we use client-cert, we might be not using ssl at all since we don't ask > confidential transfer. This is not correct. CLIENT-CERT authentication *requires* ssl. ssl is still ssl even if NULL encryption is used. >>A web application may well have a mixed user community, >>some au

Mr. Thomas please check this.

Hi, Mr. Thomas, I know you are doing this. On January 20, 2006, under http://issues.apache.org/bugzilla/show_bug.cgi?id=7831, you mentioned: >I'm happy to look at adding CLIENT-CERT support to the JNDI realm > based on your (Mario Ivankovits) proposal. If I put together a patch are > you willing

Bug report for Watchdog [2006/01/22]

+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned

Bug report for Tomcat 5 [2006/01/22]

+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned

Bug report for Tomcat 4 [2006/01/22]

+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned

Bug report for Tomcat 3 [2006/01/22]

+---+ | Bugzilla Bug ID | | +-+ | | Status: UNC=Unconfirmed NEW=New ASS=Assigned

Re: 2 clear reasons

Yeah Jack, it would be great if you would reply to the existing threads instead of starting new ones with each message. tia leon On 1/22/06, Mark Thomas <[EMAIL PROTECTED]> wrote: > Two clear reasons for what? > > Mark > > Jack wrote: > > 1. The Users of a web-app might be defined in several pla

Re: 2 clear reasons

Two clear reasons for what? Mark Jack wrote: > 1. The Users of a web-app might be defined in several places such as > Database, or a file. > > 2. when we are not using ssl, but ask for client certificate. > We have to map certificats to roles. Although most certificates can be > mapped to a gen

2 clear reasons

1. The Users of a web-app might be defined in several places such as Database, or a file. 2. when we are not using ssl, but ask for client certificate. We have to map certificats to roles. Although most certificates can be mapped to a generic role. A few certificates might be mapped to some spec

DO NOT REPLY [Bug 38352] - Additional Entries for Default catalina.policy file.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 38352] New: - Additional Entries for Default catalina.policy file.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 38351] New: - context.xml not used when new host created.

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

Re: problem with lost request parameters

Hi, I changed all my forms to method GET and the problem disappeared. So, I think there might be a problem with post form data processing in tomcat 5.5.12. I can't keep my forms in GET method because some of them submit the user password. So, any new ideas to solve the problem? Thanks,

DO NOT REPLY [Bug 38337] - GlobalNamingResource will not allow commercial DataSource drivers

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu

DO NOT REPLY [Bug 36976] - Tomcat VM does not shutdown with remote jmx enabled

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT . ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND· INSERTED IN THE BUG DATABASE. http://issues.apache.org/bugzilla/show_bu