Hello, Sorry for the ignorant questions. I am used to Glassfish and recently moved over to Tomcat.
I am trying to setup programmatic security with a JSF app and Tomcat 7. I am using a JSF managed bean utilizing the request object's login method to login against the security realm. I know that there are different configurations for the realms in the JSF apps web.xml. I am choosing FORM based authentication and not configuring a login or error page. Since the login and logout is being handled by code. How do I tie a realm name in the web.xml to the realm name in Tomcat's server.xml? Do I tie the web.xml realm name to the dataSourceName attribute in the Realm entity in server.xml config? This application is going through a redesign and conversion to JSF, so it has a legacy database without encrypted passwords. Ya! I know. Bad! Unfortunately, I have inherited this yummy stuff. I plan on changing it later to encrypted passwords. Will the JDBC realm work with passwords in plain text in the database column or is it going to force an MD5 check? I would like to get the redesigned web files up and running while having to perform very little modifications to the database. Thanks, -- James May Software Lead Engineer / Architect Java, PHP, .Net, Leader, Mentor http://www.jamesmay.me
