On 8/9/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> I found my login-config.xml. Suddenly I fear that I had this working in JBoss
> but not stand-alone Tomcat, but yet I *know* I was calling isUserInRole. At
> the same time, I remember the propagation problem between Tomcat and JBoss,
> and this config is definitely for JBoss. But isUserInRole would definitely be
> a Tomcat thing . . . Damn!
>
> <application-policy name="mysqldb">
> <authentication>
> <login-module
> code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required">
> <module-option name="unauthenticatedIdentity">anybody</module-option>
> <module-option name="dsJndiName">java:/MySQLDB</module-option>
> <module-option name="principalsQuery">SELECT password FROM auth_user
> WHERE username = ?</module-option>
> <module-option name="rolesQuery">SELECT group_name, 'Roles' FROM
> auth_group, auth_user_group, auth_user WHERE auth_group.group_id =
> auth_user_group.group_id AND auth_user_group.user_id = auth_user.user_id AND
> auth_user.username = ?</module-option>
> </login-module>
> </authentication>
> </application-policy>
>
> Erik
>
Tomcat has reasonably good documentation about how to configure
container managed security. For Tomcat 5.0, it's at:
http://jakarta.apache.org/tomcat/tomcat-5.0-doc/realm-howto.html
Because it looks like you have your users in a database, you'll want
to focus on setting up a JDBCRealm configuration. If you need further
help on it, asking on the Tomcat User list is a good bet (to
subscribe, send an empty message to
<[EMAIL PROTECTED]>).
Craig
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
