> From: Matthew Kerle [mailto:[EMAIL PROTECTED]
> Subject: tomcat memory realms & tomcat-users.xml
>
> I've read the tomcat docs on memory realm:
> http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html#MemoryRealm,
> and I want to expose the org.apache.catalina.UserDatabase
> class to the web service context via a <ResourceLink...>.
You probably don't want to do that (even if it's possible, which I
doubt), since all code in the webapps would then have access to the
credentials.
> I'd like to be able to authenticate users without having
> to add a <security-constraint> to my web.xml, so that
> unauthenticated clients can still connect.
URL patterns in the <security-constraint> allow you to control which
portions of the webapp are accessible to unauthenticated users. If you
want something with finer granularity, a filter is probably appropriate.
Take a look at:
http://securityfilter.sourceforge.net/
for a popular one.
- Chuck
THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
