Multiple Realms in a Context?

[Tim Alberts <ta...@msiscales.com>]

I'm in the process of teaching myself the Realms configuration for 
Tomcat and have a couple questions that after hours of reading and 
testing I could determine, but this list can hopefully save me some 
research time.  Reading the documentation at:

http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html

I understand a Realm can be "/Inside a <Context> element/ - This Realm 
will be used ONLY for THIS web application."

Does this mean conversely that the web application can only use this 
Realm for authentication?

Also, can I configure multiple realms inside a <Context>?  For instance 
a JDBCRealm for general access to administration pages in a web 
application, plus a JNDIRealm for authenticating individual users (say 
on an LDAP server configured as PAM authentication)?



---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org

Re: Multiple Realms in a Context?

[Pid <p...@pidster.com>]

Tim Alberts wrote:
> I'm in the process of teaching myself the Realms configuration for 
> Tomcat and have a couple questions that after hours of reading and 
> testing I could determine, but this list can hopefully save me some 
> research time.  Reading the documentation at:
> 
> http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html
> 
> I understand a Realm can be "/Inside a <Context> element/ - This Realm 
> will be used ONLY for THIS web application."
> 
> Does this mean conversely that the web application can only use this 
> Realm for authentication?

Yes, only one Realm at a time.

> Also, can I configure multiple realms inside a <Context>?  For instance 
> a JDBCRealm for general access to administration pages in a web 
> application, plus a JNDIRealm for authenticating individual users (say 
> on an LDAP server configured as PAM authentication)?

How would the server know which Realm to authenticate against, if two 
are defined, especially before you've supplied a credential?

If you need to do more complex authentication then implement a JAASRealm 
and incorporate any functionality you'd need.


p



> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 

RE: Multiple Realms in a Context?

["Caldarale, Charles R" <Ch...@unisys.com>]

> From: Tim Alberts [mailto:talberts@msiscales.com] 
> Subject: Multiple Realms in a Context?
> 
> Does this mean conversely that the web application can only use this 
> Realm for authentication?

Yes.

> Also, can I configure multiple realms inside a <Context>?  

No.

But there's nothing stopping you from writing your own Realm that
utilizes multiple authentication mechanisms.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org