Thanks Cheong. That sounds like what I should. I don't understand why each of your new application should define their own user access control table. Should that be part of the centralized user management system?
My following message will attach a prototype of my user management system database schema. I would appreciate if you can provide any suggestions. Gang -----Original Message----- From: Cheong Takhoe [mailto:[EMAIL PROTECTED] Sent: Monday, October 27, 2003 9:58 PM To: Tomcat Users List Subject: RE: Centralized user management system Hi Gang, We realised this 3 years ago when we started developing web applications for the company. So what we did in the first part was to develop our user management system onto our application framework. All our applications refer to the User object that goes across the applications. Management is done on a web front. Each new application has a defined user accessiblity table that defines who has access to that application. Might not be standard, but it works :) Regards, Cheong Takhoe -----Original Message----- From: Gang Wu [mailto:[EMAIL PROTECTED] Sent: Tuesday, October 28, 2003 4:01 AM To: Tomcat Users List Subject: RE: Centralized user management system Yes, I need a program to maintain a centralized user database, then the later developed applications don't need invent their own user management module anymore. Instead the applications can reference the user information directly or via Tomcat JDBC Realm. There was an article published on Java World (http://www.javaworld.com/javaworld/jw-06-2001/jw-0615-tapestry.html), which introduced a system called Tapestry which does what I want, but the connection to the download site was removed. Is there anybody knows what happened there? I also saw some commercial systems, usually very expensive. There is an "inexpensive" one from http://cafesoft.com/ . The price for 5 concurrent licenses is $2,995. Is there anybody has experience with it or similar systems? Thanks Gang -----Original Message----- From: Shapira, Yoav [mailto:[EMAIL PROTECTED] Sent: Monday, October 27, 2003 1:52 PM To: Tomcat Users List Subject: RE: Centralized user management system Howdy, It sounds like you're looking for a complete standalone user management program to talk to your database. Tomcat doesn't have such a thing, as that's not tomcat's job to provide ;) Yoav Shapira Millennium ChemInformatics >-----Original Message----- >From: Gang Wu [mailto:[EMAIL PROTECTED] >Sent: Monday, October 27, 2003 1:46 PM >To: Tomcat Users List >Subject: RE: Centralized user management system > >Hi Yoav, > >Thanks for the message. The JDBC Realm provides a way to connect to an >external user management system, so applications can verify user privileges >in a standard way. But Tomcat does not provide any mechanism to manage >users and roles, which is supposed to be implemented in the external >user management system. And that's what I am looking for. The procudt >should provide mechanisms to define application user management model, >usually User/Group/Role/Permission model. It should also provide >interface (either >web interface or stand-alone application) to maintain the defined model, >such as add/remove user, assign/revoke privileges to user. > >People might suggest to use the Tomcat Admin service which provide web >interface to maintain the user/role pairs. But that's too simple and not >easy to maintain. Also the data is stored in the deployment file, but a >DBMS storage is obviously preferred by most developers. Or is there a >better Tomcat solution I did not know? > >Thanks > > >Gang Wu > > >-----Original Message----- >From: Shapira, Yoav [mailto:[EMAIL PROTECTED] >Sent: Monday, October 27, 2003 11:16 AM >To: Tomcat Users List >Subject: RE: Centralized user management system > > > >Howdy, >Tomcat can run with a JDBC Realm to authenticate users and define roles, >and that likely has all the features you need. >http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html#JDBCRe a >lm > >Yoav Shapira >Millennium ChemInformatics > > >>-----Original Message----- >>From: Gang Wu [mailto:[EMAIL PROTECTED] >>Sent: Monday, October 27, 2003 11:07 AM >>To: Tomcat Users List >>Subject: Centralized user management system >> >>Hello everyone, >> >>I have several applications running on Tomcat server. When developing >the >>applications, each development team invented their own user management >>system(basically a set of database tables and web interface). Now we >got >>into this kind of awkward situation: User has to remember different >>users/passwords for each applications and login for every applications. >> >>We are going to develop some new applications and also need user >>authentication. To avoid the multiple users/passwords problem, I'm >looking >>for a system to centrally manage users for multiple applications. Does >>anybody know if there are any free or inexpensive systems I can use? >It's >>not possible for us to pay $100,000 for this kind of system. >> >>I took a look at the Tomcat user/role access control system, but I >think >>it's too simple for any application permission management. Am I wrong? >> >>Thanks >> >>Gang >> >> >>--------------------------------------------------------------------- >>To unsubscribe, e-mail: [EMAIL PROTECTED] >>For additional commands, e-mail: [EMAIL PROTECTED] > > > > >This e-mail, including any attachments, is a confidential business >communication, and may contain information that is confidential, >proprietary and/or privileged. This e-mail is intended only for the >individual(s) to >whom it is addressed, and may not be saved, copied, printed, disclosed or >used by anyone else. If you are not the(an) intended recipient, please >immediately delete this e-mail from your computer system and notify the >sender. Thank you. > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --- CONFIDENTIALITY NOTICE & DISCLAIMER This email and any attachment may contain confidential, privileged content and/or copyrighted information of APIIT SDN BHD ('Message'). If you are not the addressee indicated in this Message (or responsible for delivery of this Message to such person) any use, disclosure, retransmission or dissemination of this Message or any part thereof is strictly prohibited. If you have received this in error, please notify the sender immediately by return e-mail and delete this Message from your computer. Take note that any privilege or confidentiality attached to this Message is not waived, lost or destroyed due to this disclosure. Whilst all care has been taken, APIIT SDN BHD's management disclaims all liability for loss or damage to person or property arising from this Message being infected by computer virus or other contamination. Opinions, conclusions and other information in this Message that do not relate to the official business of APIIT SDN BHD shall be understood as neither given nor endorsed by APIIT SDN BHD. --- --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]