Thank you Mark,
How about security manager?
Can I use policy file under $CATALINA_HOME/conf/catalina.policy file
with JDBCRealm?
2005/9/3, Mark Thomas <[EMAIL PROTECTED]>:
> 梁炳場 wrote:
> > I just install JDBCRealm of Tomcat 5.5
> > It works. Very simple to configure.
> >
> > But I have a few questions to ask.
> >
> > 1. How can users change password?
> They can't without you writing some custom code.
>
> > And if password is encrypted, how to manage password?
> > eg, how to create the 1st user name and password?
> Again, custom code. If you use digest passwords, you can use the same
> digest mechanism.
>
> > 2. Can the Struts Action class get the value of request.isUserInRole("")?
> Yes.
>
> > 3. Can JDBCRealm support policy like JAASRealm?
> No.
>
> > 4. Roles are defined in web.xml and database's tables.
> > Is it double work? If there is a difference of roles in web.xml
> > and tables for the same username, which prevail?
> There is no user to role mapping in web.xml therefore there is no
> question of one prevailing over another.
>
> Database defines mapping between users and roles.
> web.xml defines mappign between roles and application resources
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
