On Tuesday 08 May 2007 10:25, David Kerber wrote: > I posted this on comp.lang.java.security yesterday, but haven't gotten a > single answer, so I'm hoping you people can help: > > I'm trying to implement ACL's in my Tomcat-based webapp, and am having > trouble applying what I read in the docs and in my googling to my > real-life application. Could somebody please point me to a good > tutorial or some example code that shows how to set and check the > permissions (read only vs read/write, administration vs general user, > etc) that a given user will have to access a given object? > > I've got the authentication part going with no trouble, but am having > trouble with the access control side of things. > > TIA! > Dave > > > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED]
Dave, I'm not a security expert or anything like that, but you might want to look into the Java Authentication and Authorization API. While it may not be the best solution, it might work better for what you are trying to do. Here's an url that might be a start: ftp://ftp.oreilly.com/pub/conference/java2001/Rich_Jaas.pdf Good Luck, Zack --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
