Realm interface
Hi, Realm interface provide methods for authorization like : UserDataPermission (hasUserDataPermission() method) , WebResourcePermission (hasResourcePermission() method) and the last method is hasRole() method. I'm working on an implementation of a realm which use JACC for the authorization I have no major problems for UserDataPermission and WebResourcePermission as the methods hasUserDataPermission() and hasResourcePermission() provide attributes to build WebUserDataPermission object (the HttpServletRequest argument is given to hasUserDataPermission() method). For WebResourcePermission, we can use HttpServletRequest attribute too. My problem is for using hasRole() method. For JACC permissions, we have to use WebRoleRefPermission object. For build WebRoleRefPermission objects, we need to know the servlet-name that identifies the application specific web resource in whose context the role references are to be evaluated But hasRole(Principal principal, String role) method contains only the principal and the role. I have two questions : Is that tomcat Realm interface will evolve to add an argument to hasRole() method in order to know the current servlet-name ? I think that Remy will answer me that this is another hack. So my next question is : Is there an easy way to know the current servlet name in a realm ? (in hasRole() method). Thanks for any suggestions if someone has already done this. Regards, Florent smime.p7s Description: S/MIME Cryptographic Signature
Re: Realm interface
This account does not exist - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Realm interface
Hi, But hasRole(Principal principal, String role) method contains only the principal and the role. I have two questions : Is that tomcat Realm interface will evolve to add an argument to hasRole() method in order to know the current servlet-name ? I think that Remy will answer me that this is another hack. Remy or someone else ;) So my next question is : Is there an easy way to know the current servlet name in a realm ? (in hasRole() method). No, there's no easy way. Keep in mind that the resource being authenticated might not be a servlet at all: it could be a filter, for example. How would your realm handle that? What is your Principal implementation class, and does it contain methods to help in this scenario? Yoav Shapira This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]