I just need to know the roles that an application uses.
I thougth i could look for the context.xml of the application and read the
file searching for <Realm> to see if the application has its own realm or if
i have to look for a <Realm> of an upper level.
I was looking for <Realm> because i thougth it was the only way to know what
roles an application could use, but my purpose is to know the roles (not the
roles for a specific user, i want all the roles that there are in the
database).
So, what is the best i can do?
Could you give more information about the userPrincipal? I don´t know
exactly what i could do with it.
Thank you very much for all!!
David Delbecq-2 wrote:
>
> Hello,
>
> i happened in the past to be coding a specific real that had to provide
> extra informations to webapp (like user fullname, email, roles, etc). I
> could only do this using the userprincipal (created own subclass then
> typcasted it at webapp level).
>
> You simple CAN't query the realm, because the realm is in a different
> classloader (server/lib) that is not accessible from webapp classloader.
> Your webapp has no way to see the realm.
>
> What you can do, however, is to use the security filter (google for it)
> that is a webapp level implemented J2EE security specs implementation.
> It run the realms at webapp level (so it's not tomcat anymore that
> handle authentifcation) and allows you to cross the line between webapp
> and authentification mecanisms.
>
>
> However, the easiest and cleanest solution would be to just configure
> you webapp so it so it knows what db to use :/
>
>
>
>
> maux a écrit :
>> As Alan says, my purpose would be to query the database all the roles
>> that it
>> contains. But i can´t do that if i don´t know what database an
>> application
>> uses. So, my question is how can i know what database does an application
>> use? Maybe if i could know which realm the application is using, i could
>> access to the database. But how can i do this??
>>
>> Thank you for all your help!!
>>
>>
>> mgainty wrote:
>>
>>> yes..Tough call without knowing what type of realm you will be
>>> implementing
>>> for (specifically would the realm be Memory or JDBC)
>>>
>>> I found this jsp code for which will take the parameters role from the
>>> request /verify / and output encoded string
>>> <% String role = request.getParameter("role"); if (role == null) role =
>>> "";
>>> if (role.length() > 0) { if (request.isUserInRole(role)) { %> You have
>>> been
>>> granted role <%= util.HTMLFilter.filter(role) %>
>>>
>>> <% }
>>>
>>> which will output something like <admin> assuming your are
>>> requesting
>>> admin access
>>>
>>> HTH/
>>> Martin--
>>> ----- Original Message -----
>>> Wrom: YZUNNYCGPKYLEJGDGVCJVTLBXFGGMEP
>>> To: "Tomcat Users List" <users@tomcat.apache.org>
>>> Sent: Thursday, February 07, 2008 2:40 PM
>>> Subject: Re: Application Realm in Tomcat
>>>
>>>
>>>
>>>> Via the spec - you can't query all the roles a user has. But you can
>>>> say
>>>> request.isUserInRole(rolename)
>>>>
>>>> If you *need* access to the realm, things start to get ugly. You need
>>>> to
>>>> start coding against Tomcat internal specific classes.
>>>>
>>>> -Tim
>>>>
>>>> maux wrote:
>>>>
>>>>> Hi,
>>>>> I am doing a Java code. This code have to access to the realm
>>>>> that an application in Tomcat is using, after that the code have to
>>>>>
>>> access
>>>
>>>>> to
>>>>> that realm and look for the roles that exist in that database.
>>>>>
>>>>>
>>>> ---------------------------------------------------------------------
>>>> To start a new topic, e-mail: users@tomcat.apache.org
>>>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>>>> For additional commands, e-mail: [EMAIL PROTECTED]
>>>>
>>>>
>>>>
>>> ---------------------------------------------------------------------
>>> To start a new topic, e-mail: users@tomcat.apache.org
>>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>>> For additional commands, e-mail: [EMAIL PROTECTED]
>>>
>>>
>>>
>>>
>>
>>
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
--
View this message in context:
http://www.nabble.com/Application-Realm-in-Tomcat-tp15334971p15346386.html
Sent from the Tomcat - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
