On Fri, 15 Mar 2002, Tony Dahbura wrote:
> Date: Fri, 15 Mar 2002 11:27:40 -0500
> From: Tony Dahbura <[EMAIL PROTECTED]>
> Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> To: Tomcat Users List <[EMAIL PROTECTED]>
> Subject: Re: help with realm setup
>
> Micael:
>
> Thanks for the data. The question I have though is that I am using the
> role-name but this only applies to roles that map (basically as groups)
> against a series of users that authenticate. I need to map directly
> against the user without having roles.
>
> So I need to be able to do a 1-1 mapping of access to a user without
> having roles/groups setup. Can this be done when I have no control over
> the jndi source to control it? Meaning I am trying to use a jndi or
> whatever source for authentication and say if the person passed in a
> valid userid and password of X how do I let them in?
>
Security constraints in web.xml are specified *only* in terms of roles,
not usernames. Therefore, if you want a 1:1 mapping, you'll have to
(somewhere on the line) convince whichever Realm you are using to look up
usernames instead of rolenames when the request.isUserInRole() method is
executed. That may or may not take a code change, depending on which
realm you are using.
> Thanks,
> Tony
Craig
--
To unsubscribe: <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>
