newbie: Realm

[Manavendra Gupta <ma...@bsil.com>]

Hi,


Like all web applications, I need to provide some kind of session
maintenance. Would the concept of a Realm help in this?

1. Is this the correct application/use of a realm?
2. Is a realm akin to a SSO/LDAP server, where the user's roles and mapping
to actions is stored?
3. How extensible is a realm?

Can someone provide a step-by-step example of how to setup and use a realm?

Manav.


--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>

Re: newbie: Realm

[Bill Barker <wb...@wilshire.com>]

1.  This is not the usual use of a Realm.
2.  Yes, a Realm is used to do the authentication of users, and to define
which Roles they belong to.  The mapping to actions would normally be
handled by <security-constraints> or servlet code in the web-app.
3. o.a.c.Realm is an interface.  You can plug any class that implements it
into Tomcat 4, and it should work fine.  There are some issues with custom
Realms if you want to use the MBeans stuff, and configure it from the admin
web-app.  Otherwise, it works great for me.

"Manavendra Gupta" <ma...@bsil.com> wrote in message
news:NHBBIEMCAOKIOFBGNAEJIEAJCBAA.manav@bsil.com...
> Hi,
>
>
> Like all web applications, I need to provide some kind of session
> maintenance. Would the concept of a Realm help in this?
>
> 1. Is this the correct application/use of a realm?
> 2. Is a realm akin to a SSO/LDAP server, where the user's roles and
mapping
> to actions is stored?
> 3. How extensible is a realm?
>
> Can someone provide a step-by-step example of how to setup and use a
realm?
>
> Manav.





--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>