On Fri, Mar 14, 2008 at 7:50 PM, Christopher Schultz
<[EMAIL PROTECTED]> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Jürgen,
>
> Juergen Weber wrote:
>
> | the idea you sketched depends on the constructor being called with a
> | list of realms. Is that so?
>
> Not necessarily. Most objects that represent elements in server.xml have
> no-arg constructors and then setFoo() methods on them. I would imagine
> that you could write a setRealm() method on your new realm
> implementation and allow it to be called multiple times (more of an
> addRealm, really, but I think setRealm is what you'll likely get). You
> might have to change the digester rules to allow <realm> within a
> <realm>, though.
You mean something like this ?
<Realm className="MultiRealm"
<Realm className="org.apache.catalina.realm.JNDIRealm" debug="99"
connectionURL="ldap://localhost:389";
userPattern="uid={0},ou=people,dc=mycompany,dc=com"
roleBase="ou=groups,dc=mycompany,dc=com"
roleName="cn"
roleSearch="(uniqueMember={0})" />
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
/>
I have no idea how to teach that to Digester.
>
>
> | Probably one would have to get the surrounding container with
> | Realm.getContainer() and browse the whole nested container tree to get
> | all realms.
>
> You could do that, but I'm not sure how you would identify all the
> realms that should be included (versus those that should not be).
OK, that wouldn't work, as only _one_ realm can be defined in each of
Engine, Host and Context. So MultiRealm would have to be in Context to
have two other realms to call, which is awkward.
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
