ok, thanks, David!
-Original Message-
From: David Smith [mailto:[EMAIL PROTECTED]
Sent: Monday, August 21, 2006 11:48 AM
To: Tomcat Users List
Subject: Re: Security constraint/login form
Looking at the source for org.apache.catalina.JDBCRealm, the queries on
the database are confined
ECTED]
Sent: Monday, August 21, 2006 10:51 AM
To: Tomcat Users List
Subject: Re: Security constraint/login form
Could you post some relevant sections of your webapp? I'm thinking the
security constraint section of your web.xml, a representative segment of
your user database table, and the lo
t;>work.
>>
>>Any ideas why? And, if it's limited to this by Tomcat's default security
>>constraint class files, can I individually edit and recompile them, and then
>>it will redeploy in the war file upon restart?
>>
>>-Original Message-
>>
ching third col to the users table as well? Or is
that immaterial?
-Original Message-
From: David Smith [mailto:[EMAIL PROTECTED]
Sent: Monday, August 21, 2006 10:51 AM
To: Tomcat Users List
Subject: Re: Security constraint/login form
Could you post some relevant sections of your webapp?
redeploy in the war file upon restart?
-Original Message-
From: Marc Farrow [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 17, 2006 4:03 PM
To: Tomcat Users List
Subject: Re: Security constraint/login form
The names are irrelevant. They just have to match between implementation
and s
never mind...sorry, I did see it in the web.xml file under the role-name
element.
Sorry about that!
-Original Message-
From: Propes, Barry L
Sent: Monday, August 21, 2006 10:43 AM
To: Tomcat Users List
Subject: RE: Security constraint/login form
Ok, I'm finding that the name
olumn in another DB table I've
> created or yest to my last question about the values being what I want?
>
> -Original Message-
> From: Marc Farrow [mailto:[EMAIL PROTECTED]
> Sent: Thursday, August 17, 2006 3:38 PM
> To: Tomcat Users List
> Subject: Re: Security c
t 18, 2006 9:27 AM
To: Tomcat Users List
Subject: Re: Security constraint/login form
Valid roles are whatever are defined to be valid. The specific name does
not matter. But if you are using a Database for validation, then the roles
are pulled from the database column that you have associate
choices? Is valid ONLY
service or admin?
-Original Message-
From: David Smith [mailto:[EMAIL PROTECTED]
Sent: Friday, August 18, 2006 6:26 AM
To: Tomcat Users List
Subject: Re: Security constraint/login form
Over an hour? Not even ODBC has that kind of latency. Could you be
looki
[mailto:[EMAIL PROTECTED]
Sent: Friday, August 18, 2006 6:26 AM
To: Tomcat Users List
Subject: Re: Security constraint/login form
Over an hour? Not even ODBC has that kind of latency. Could you be
looking at a caching issue?
--David
Propes, Barry L wrote:
>ok, thanks..I think there&
To: Tomcat Users List
Subject: Re: Security constraint/login form
Over an hour? Not even ODBC has that kind of latency. Could you be
looking at a caching issue?
--David
Propes, Barry L wrote:
>ok, thanks..I think there's a fair amount of latency between my database query
>
s RISK, author, legaldept, etc.?
-Original Message-
From: Marc Farrow [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 17, 2006 2:11 PM
To: Tomcat Users List
Subject: Re: Security constraint/login form
Are you talking about the tomcat-users.xml file and the roles defined in
there?
The security-contrain
ver an hour ago was still showing the old value, and
could have been causing some of the problems.
-Original Message-
From: Marc Farrow [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 17, 2006 4:03 PM
To: Tomcat Users List
Subject: Re: Security constraint/login form
The names are ir
om: Marc Farrow [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 17, 2006 4:03 PM
To: Tomcat Users List
Subject: Re: Security constraint/login form
The names are irrelevant. They just have to match between implementation
and setup.
On 8/17/06, Propes, Barry L <[EMAIL PROTECTED]> wrote:
>
created or yest to my last question about the values being what I want?
-Original Message-
From: Marc Farrow [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 17, 2006 3:38 PM
To: Tomcat Users List
Subject: Re: Security constraint/login form
Quick answer is yes.
On 8/17/06, Propes, Barr
Sent: Thursday, August 17, 2006 3:38 PM
To: Tomcat Users List
Subject: Re: Security constraint/login form
Quick answer is yes.
On 8/17/06, Propes, Barry L <[EMAIL PROTECTED]> wrote:
>
> I wonder though...do the role_names have to be service or admin or
> something like that?
>
&
Subject: Re: Security constraint/login form
Are you talking about the tomcat-users.xml file and the roles defined in
there?
The security-contraints are pretty flexible and you can use any number of
ways to define your realms. If you look at the web.xml for the manager
application (that is shipped
ing a column called role_name, but with a value
such as RISK, author, legaldept, etc.?
-Original Message-
From: Marc Farrow [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 17, 2006 2:11 PM
To: Tomcat Users List
Subject: Re: Security constraint/login form
Are you talking about the tomcat-user
just be able to run a
simple select query to get the values I need to return the proper info per each
user's roles and credentials.
Thanks, both of you guys!
-Original Message-
From: Marc Farrow [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 17, 2006 2:11 PM
To: Tomcat Users Lis
Are you talking about the tomcat-users.xml file and the roles defined in
there?
The security-contraints are pretty flexible and you can use any number of
ways to define your realms. If you look at the web.xml for the manager
application (that is shipped with Tomcat), you can see how that realm i
ok, well that certainly helps and gives very good direction!
Thank you, David!
-Original Message-
From: David Smith [mailto:[EMAIL PROTECTED]
Sent: Thursday, August 17, 2006 2:02 PM
To: Tomcat Users List
Subject: Re: Security constraint/login form
Getting the remote user would be
Getting the remote user would be request.getRemoteUser() ;
I would imagine other fields could be added to the database table, but
the webapp would be responsible for loading the remaining data into a
session or whatever is needed. Tomcat will only offer the username and
an accurate response t
to add to my question earlier below, would it be something as simple as?
String juser= (String) request.getAttribute("j_username");
Granted I have no idea what the session attribute is under the hood, only know
that j_username is the input name for the user_name.
I was thinking with that info,
23 matches
Mail list logo
