On 8/9/05, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > I found my login-config.xml. Suddenly I fear that I had this working in JBoss > but not stand-alone Tomcat, but yet I *know* I was calling isUserInRole. At > the same time, I remember the propagation problem between Tomcat and JBoss, > and this config is definitely for JBoss. But isUserInRole would definitely be > a Tomcat thing . . . Damn! > > <application-policy name="mysqldb"> > <authentication> > <login-module > code="org.jboss.security.auth.spi.DatabaseServerLoginModule" flag="required"> > <module-option name="unauthenticatedIdentity">anybody</module-option> > <module-option name="dsJndiName">java:/MySQLDB</module-option> > <module-option name="principalsQuery">SELECT password FROM auth_user > WHERE username = ?</module-option> > <module-option name="rolesQuery">SELECT group_name, 'Roles' FROM > auth_group, auth_user_group, auth_user WHERE auth_group.group_id = > auth_user_group.group_id AND auth_user_group.user_id = auth_user.user_id AND > auth_user.username = ?</module-option> > </login-module> > </authentication> > </application-policy> > > Erik >
Tomcat has reasonably good documentation about how to configure container managed security. For Tomcat 5.0, it's at: http://jakarta.apache.org/tomcat/tomcat-5.0-doc/realm-howto.html Because it looks like you have your users in a database, you'll want to focus on setting up a JDBCRealm configuration. If you need further help on it, asking on the Tomcat User list is a good bet (to subscribe, send an empty message to <[EMAIL PROTECTED]>). Craig --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]