I think I answered my own question. Looks like
`ServerEndpointConfig.Configurator` is the class i want and it can be
attached to annotations of the web socket endpoint
On Fri, Feb 9, 2018 at 4:42 PM, Alex O'Ree wrote:
> Is there any kind of trickery to get user roles from a web socke
Is there any kind of trickery to get user roles from a web socket server
running in tomcat? I'm looking at javax.websocket.Session and I'm not
seeing anything other than obtaining the user principle.
Further more, aside from SSL/TLS, are there any other security related
guides that I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Chuck,
On 9/25/13 4:52 PM, Caldarale, Charles R wrote:
>> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
>> Subject: Re: Keeping user roles in different realm than users
>
>>> Any other solutions tha
> From: Christopher Schultz [mailto:ch...@christopherschultz.net]
> Subject: Re: Keeping user roles in different realm than users
> > Any other solutions than writing an error-prone homegrown one that
> > will allow to keep users in one realm, user roles in the other
> >
ase, here: why would you /want/ to do this
separately?
> Any other solutions than writing an error-prone homegrown one that
> will allow to keep users in one realm, user roles in the other
> realm and still be able to use container-managed authentication
> with authorization.
Tomcat d
attr wrote:
Is it possible to authenticate a user against one realm (i.e.: LDAP) but
authorize (obtain roles the user belongs to) against another realm (i.e.
database)?
Any other solutions than writing an error-prone homegrown one that will allow
to keep users in one realm, user roles in the
o keep users in one realm, user roles in the other realm and still be able
> to use container-managed authentication with authorization. Best regards.Kamil
Error-prone homegrown? Who's writing your software?
-Terence Bandoian
-
Is it possible to authenticate a user against one realm (i.e.: LDAP) but
authorize (obtain roles the user belongs to) against another realm (i.e.
database)?
Any other solutions than writing an error-prone homegrown one that will allow
to keep users in one realm, user roles in the other realm
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Bill,
On 12/8/11 7:33 PM, Bill Wang wrote:
> Thanks to all for the explanation.
>
> I have a new question regarding the admin role.
>
> With default setup, if I login as admin, I can start,stop, undeploy
> and deploy the application. Now, because th
Thanks to all for the explanation.
I have a new question regarding the admin role.
With default setup, if I login as admin, I can start,stop, undeploy and
deploy the application. Now, because the admin password has been shared by
team, and I can't not share it with team.
So I plan to disable und
On 29/11/2011 17:05, Christopher Schultz wrote:
> Mark,
>
> On 11/29/11 11:15 AM, ma...@apache.org wrote:
>> Christopher Schultz wrote:
>
>>> -BEGIN PGP SIGNED MESSAGE- Hash: SHA1
>>>
>>> Bill,
>>>
>>> On 11/28/11 7:08 PM, Bill Wang wrote:
Here I have the last question, what's the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark,
On 11/29/11 11:15 AM, ma...@apache.org wrote:
> Christopher Schultz wrote:
>
>> -BEGIN PGP SIGNED MESSAGE- Hash: SHA1
>>
>> Bill,
>>
>> On 11/28/11 7:08 PM, Bill Wang wrote:
>>> Here I have the last question, what's the reload option
Christopher Schultz wrote:
>-BEGIN PGP SIGNED MESSAGE-
>Hash: SHA1
>
>Bill,
>
>On 11/28/11 7:08 PM, Bill Wang wrote:
>> Here I have the last question, what's the reload option, is it same
>> as stop/start?
>
>According to markt (who is known to be occasionally trustworthy):
>
> reload =
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Bill,
On 11/28/11 7:08 PM, Bill Wang wrote:
> Here I have the last question, what's the reload option, is it same
> as stop/start?
According to markt (who is known to be occasionally trustworthy):
reload = stop + start
> If it is, maybe I just ne
Thanks for everyone who replied me. I successfully did it.
Now on-call team can stop/start the tomcat instances by themselves, but
with other action,such as deploy, undeploy, check server status, they will
get "access denied ".
*
*
That's perfect.
Here I have the last question, what's the reload
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Mark,
On 11/25/11 12:47 PM, Mark Thomas wrote:
> There is no such command as restart. You'll need:
> /html/stop
> /html/start
Whoops. Thanks for catching that.
> You'll probably want: /html/list as
> well.
+1
- -chrs
-BEGIN PGP SIGNATURE
only?
>
> http://hostname:8181/manager/html/stop?path=/APPNAME
> http://hostname:8181/manager/html/start?path=/APPNAME
>
> Regards,
> Bill
> On Thu, Nov 24, 2011 at 7:06 PM, wrote:
>
>> Bill Wang wrote:
>>
>>> Hi Tomcat guru,
>>>
>>> I have qu
On 25/11/2011 15:10, Christopher Schultz wrote:
> Bill,
>
> On 11/24/11 11:42 PM, Bill Wang wrote:
>> Thanks, with your help, I find out this link:
>> http://onjava.com/onjava/2001/07/24/tomcat.html, seems you need
>> me setup MemoryRealm, then setup security constraint in
>> webapps/manager/WE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Bill,
On 11/24/11 11:42 PM, Bill Wang wrote:
> Thanks, with your help, I find out this link:
> http://onjava.com/onjava/2001/07/24/tomcat.html, seems you need me
> setup MemoryRealm, then setup security constraint in
> webapps/manager/WEB-INF/web.xm
n Thu, Nov 24, 2011 at 7:06 PM, wrote:
> Bill Wang wrote:
>
> >Hi Tomcat guru,
> >
> >I have questions for the tomcat user roles setup.
> >
> >On-call team (24*7 support) need permission to restart one tomcat
> >services, if they get call. I think
Bill Wang wrote:
>Hi Tomcat guru,
>
>I have questions for the tomcat user roles setup.
>
>On-call team (24*7 support) need permission to restart one tomcat
>services, if they get call. I think it is maybe possible to let them
>restart tomcat throught "Tomcat Web Appli
Hi Tomcat guru,
I have questions for the tomcat user roles setup.
On-call team (24*7 support) need permission to restart one tomcat
services, if they get call. I think it is maybe possible to let them
restart tomcat throught "Tomcat Web Application Manager" (the admin url
http://s
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Claudio,
On 5/19/2009 11:42 AM, Claudio80 wrote:
> After looking for that soultion i found the class PerUserPoolDataSource.
> The tomcat's website describes how to deploy a PerUserPoolDataSource
> datasource.
>
> I followed all the instructions but
9 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAkoSsXkACgkQ9CaO5/Lv0PC48gCdE8hLDZEup0rAh9fGghT6plaS
> QhEAn2wP0xtU2Za3FBUZc4K/83JfPHOX
> =+VC6
> -END PGP SIGNATURE-
>
> -----
> To unsubscribe, e-mail: users-unsubscr...@tomc
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Claudio,
On 5/13/2009 12:35 PM, Claudio80 wrote:
> I need to access to a DB2 database using those 3 different roles in order to
> limite the access to some tables' rows.
> So i tried to use the PerUserPerUserPoolDataSource in order to use the
> metho
ew this message in context:
http://www.nabble.com/Different-resources-for-different-user-roles-tp23525487p23525487.html
Sent from the Tomcat - User mailing list archive at Nabble.com.
-
To unsubscribe, e-mail: users-unsubscr...@to
When stop command is invoked on tomcat (catalina), the value of the
shutdown password is being read by catalina from the same server.xml
file. So, it just has to be some random string. It is not mentioned
anywhere in the scripts files.
Of course, tomcat instance must be stopped while you change th
I wonder if the OP means the shutdown password? That's in server.xml,
and the only consequence of changing it that I know of is that your
shutdown script needs to be kept in sync. with this or it won't work.
--
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
Typically when a software ve
> From: Shaw, Mike [mailto:[EMAIL PROTECTED]
> Subject: User roles
>
> Our Security group wants for me to change the Tomcat 5
> default password.
There's no such thing as a password for Tomcat itself. Various webapps
deployed under Tomcat may have security constraints req
Our Security group wants for me to change the Tomcat 5 default password.
I believe that this setting is within the tomcat-users.xml file. I know
that the role called "tomcat" needs to be in there to have the service
operate correctly.
Could you please provide instructions for changing the default
30 matches
Mail list logo
