Multiple JAAS configurations, one Tomcat

[Mikolaj Rydzewski <mi...@ceti.pl>]

Hi,

I wonder if there are any chances to get my setup working. I'd like to 
know it before I start digging in the docs ;-)

My goal is:

    * deploy several (at least two) different applications with security
      constraints defined in web.xml
    * use JAAS realm to auntethicate users
    * use different JAAS configurations for each application


Tomcat docs say, that to enable JAAS realm one has to configure it with 
its configuration name (related to jass.config file). So is it possible 
to use JAAS configuration name dependant on which application user is 
authenticated against?

Or maybe different approach: is it possible to use both: security 
constraints in web.xml and application managed authorization (by 
application, not by container)? In that case I could choose appropriate 
JAAS configuration name at runtime, during authorization phase.

-- 
Mikolaj Rydzewski <mi...@ceti.pl>

Re: Multiple JAAS configurations, one Tomcat

[Mark Thomas <ma...@apache.org>]

Mikolaj Rydzewski wrote:
> Tomcat docs say, that to enable JAAS realm one has to configure it with
> its configuration name (related to jass.config file). So is it possible
> to use JAAS configuration name dependant on which application user is
> authenticated against?

This should be possible providing your realm is configured at the
context level. I haven't tested this though.

Mark

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org