Why don't you just call the role "has_username"? lol At 09:30 AM 3/15/02 -0800, you wrote:
>On Fri, 15 Mar 2002, Tony Dahbura wrote: > > > Date: Fri, 15 Mar 2002 11:27:40 -0500 > > From: Tony Dahbura <[EMAIL PROTECTED]> > > Reply-To: Tomcat Users List <[EMAIL PROTECTED]> > > To: Tomcat Users List <[EMAIL PROTECTED]> > > Subject: Re: help with realm setup > > > > Micael: > > > > Thanks for the data. The question I have though is that I am using the > > role-name but this only applies to roles that map (basically as groups) > > against a series of users that authenticate. I need to map directly > > against the user without having roles. > > > > So I need to be able to do a 1-1 mapping of access to a user without > > having roles/groups setup. Can this be done when I have no control over > > the jndi source to control it? Meaning I am trying to use a jndi or > > whatever source for authentication and say if the person passed in a > > valid userid and password of X how do I let them in? > > > >Security constraints in web.xml are specified *only* in terms of roles, >not usernames. Therefore, if you want a 1:1 mapping, you'll have to >(somewhere on the line) convince whichever Realm you are using to look up >usernames instead of rolenames when the request.isUserInRole() method is >executed. That may or may not take a code change, depending on which >realm you are using. > > > Thanks, > > Tony > >Craig > > >-- >To unsubscribe: <mailto:[EMAIL PROTECTED]> >For additional commands: <mailto:[EMAIL PROTECTED]> >Troubles with the list: <mailto:[EMAIL PROTECTED]> -- To unsubscribe: <mailto:[EMAIL PROTECTED]> For additional commands: <mailto:[EMAIL PROTECTED]> Troubles with the list: <mailto:[EMAIL PROTECTED]>