You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Tim Alberts <ta...@msiscales.com> on 2007/06/06 23:50:12 UTC
Multiple Realms in a Context?
I'm in the process of teaching myself the Realms configuration for
Tomcat and have a couple questions that after hours of reading and
testing I could determine, but this list can hopefully save me some
research time. Reading the documentation at:
http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html
I understand a Realm can be "/Inside a <Context> element/ - This Realm
will be used ONLY for THIS web application."
Does this mean conversely that the web application can only use this
Realm for authentication?
Also, can I configure multiple realms inside a <Context>? For instance
a JDBCRealm for general access to administration pages in a web
application, plus a JNDIRealm for authenticating individual users (say
on an LDAP server configured as PAM authentication)?
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Multiple Realms in a Context?
Posted by Pid <p...@pidster.com>.
Tim Alberts wrote:
> I'm in the process of teaching myself the Realms configuration for
> Tomcat and have a couple questions that after hours of reading and
> testing I could determine, but this list can hopefully save me some
> research time. Reading the documentation at:
>
> http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html
>
> I understand a Realm can be "/Inside a <Context> element/ - This Realm
> will be used ONLY for THIS web application."
>
> Does this mean conversely that the web application can only use this
> Realm for authentication?
Yes, only one Realm at a time.
> Also, can I configure multiple realms inside a <Context>? For instance
> a JDBCRealm for general access to administration pages in a web
> application, plus a JNDIRealm for authenticating individual users (say
> on an LDAP server configured as PAM authentication)?
How would the server know which Realm to authenticate against, if two
are defined, especially before you've supplied a credential?
If you need to do more complex authentication then implement a JAASRealm
and incorporate any functionality you'd need.
p
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
RE: Multiple Realms in a Context?
Posted by "Caldarale, Charles R" <Ch...@unisys.com>.
> From: Tim Alberts [mailto:talberts@msiscales.com]
> Subject: Multiple Realms in a Context?
>
> Does this mean conversely that the web application can only use this
> Realm for authentication?
Yes.
> Also, can I configure multiple realms inside a <Context>?
No.
But there's nothing stopping you from writing your own Realm that
utilizes multiple authentication mechanisms.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org