You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by Jack <ja...@hotmail.com> on 2006/01/23 06:27:08 UTC
?realms in different level(Engine,Host,Webapp)?
"Terry Zhou" <zh...@gmail.com> wrote in message
news:daa09eb00601200137k6e9fa75cr@mail.gmail.com...
>Tomcat does have a realm in different level(Engine,Host,Webapp)
> for security.
>Check http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html
Is there anybody using this? and it works?
I guess the developers just want to go that way.
I said it doesn't work in replying him, nobody give more information.
When i use this to replace the UserDatabaserealm, everything works well.
<Realm className="org.apache.catalina.realm.JDBCRealm"
driverName="com.sap.dbtech.jdbc.DriverSapDB"
connectionURL="jdbc:sapdb://192.168.1.98/tst?unicode=true"
connectionName="test" connectionPassword="test"
userTable="users" userNameCol="user_name"
userCredCol="user_pass"
userRoleTable="user_roles" roleNameCol="role_name" />
when i moved it to a web-app's context.xml, and the userdatabaserealm
enabled on engine level,
the one configued in context.xml doesn't work.
Furthermore, users defined in the engine level is available in the web-app.
Terry mentioned for security reason, i think that users defined in the
engine level should not be available to
the web-app. Yes, the users defined in engine level should not be available
to web-apps.
users defined in host level can be available to all its web-apps.
<Realm className="org.apache.catalina.realm.MemoryRealm"
pathname="conf/Catalina/localhost/dusers.xml">
</Realm>
in a specific web-app's context.xml doesn't work, either.
Thank you for reading this.
jackzhp@hotmail.com
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org