Yes I need application A using module 1 And application B using module 2 I need isolation, so A cannot access m2 and B cannot access m1 In Jrun actually I can configure jaas modules for users and roles, but that's server instance wide. I'm pretty new to JAAS, and I don't know if I have to find a way to configure my server in order to bind each module to the app I want, Or it's the application that needs to know which module to use. So far the only examples and tutorials I found are about standalone applications, or single signon. Cannot use the first because I need policy files don't suit my needs And cannot use the second because I don't want to share the modules. There is not (at least I didn't find any) concept of realm in Jrun configuration.. so I'm pretty confused
-----Messaggio originale----- Da: Sean Radford [mailto:[EMAIL PROTECTED] Inviato: marted́ 18 maggio 2004 11.05 A: Struts Users Mailing List Oggetto: Re: Struts and JAAS Each application just logs into a different JAAS realm (each of these has its own stack of login modules, but sounds like you only need one per realm). Hope that guides you a little. regards, Sean On Tue, 2004-05-18 at 09:22, Andrea M. wrote: > Hello all > I've got a dilemma trying to implement JAAS in my struts applications. > > This is the problem: > I have more applications running in the same instance of the appserver (jrun > 4 in my case, but I think the same thing is applicable to the others). > Each application has its own database with its own roles, users, and > authentication rules. > What I'd like to do is to implement many login modules, and to apply to each > application its specific module. > The point is, for what I understand the login modules in JAAS are stackable, > so it goes thru all of them looking which one passes. > So, if you set all of them as required every authentication will fail, > because of the logic difference, and if you set them as optional then you > may pass a login just because you have an account in the other one, which > passes. In that case I will have a user logging in the application A, but > authenticated with the login module tailored for the application B! > > Anyone with a better clue than me about this? > > Thanks > Andrea > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] -- Dr. Sean Radford, MBBS, MSc [EMAIL PROTECTED] http://bladesys.demon.co.uk/ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
