Thank You Mark, My Tomcat server won't even start if the directory server is unreachable. That means other applications that have not protected are also failing. Second question: There is no attribute in the Realm definition to give a name to realm (as per the how-to document. How do I configure different realms for different applications? What is the default realm name for the tomcat-users.xml? I want the manager application to run using the default tomcat-users.xml. Another application is to be protected using JNDI realm. A third one is public meaning nothing is protected in that application. Thanks -Surya
On 9/25/05, Mark Thomas <[EMAIL PROTECTED]> wrote: > > Surya Mishra wrote: > > I have successfully used JNDI realm to protect my applications on > Tomcat. > > But if Tomcat is unable to connect to the the directory server, it > refuses > > access. I want it to use the tomcat-users list as a backup if it fails > to > > connect to the directory. It seems if the JNDI realm is set up, the > > tomcat-users.cml file entries become useless. > > Need Help!!! > > Thanks > > -Surya > > > You are correct. This type of fall-back from one realm to another is > not supported. However, JNDI does have an alternateURL attribute which > is used if connecting to connectionURL fails. It isn't as well > documented as it should be - something that I'll fix later today - but > if you search > http://jakarta.apache.org/tomcat/tomcat-5.5-doc/realm-howto.html for > alternateURL you should find the info you need. > > More generally, I suspect that making your directory more reliable (or > replicating to a second directory and using the alternateURL) is going > to be less effort and less error prone that trying to keep to > completely different lists of users, passwords and role assignments in > sync. > > Mark > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >