Thank you Mark, How about security manager?
Can I use policy file under $CATALINA_HOME/conf/catalina.policy file with JDBCRealm? 2005/9/3, Mark Thomas <[EMAIL PROTECTED]>: > 梁炳場 wrote: > > I just install JDBCRealm of Tomcat 5.5 > > It works. Very simple to configure. > > > > But I have a few questions to ask. > > > > 1. How can users change password? > They can't without you writing some custom code. > > > And if password is encrypted, how to manage password? > > eg, how to create the 1st user name and password? > Again, custom code. If you use digest passwords, you can use the same > digest mechanism. > > > 2. Can the Struts Action class get the value of request.isUserInRole("")? > Yes. > > > 3. Can JDBCRealm support policy like JAASRealm? > No. > > > 4. Roles are defined in web.xml and database's tables. > > Is it double work? If there is a difference of roles in web.xml > > and tables for the same username, which prevail? > There is no user to role mapping in web.xml therefore there is no > question of one prevailing over another. > > Database defines mapping between users and roles. > web.xml defines mappign between roles and application resources > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >