Cathy Young wrote:
> How can a JSP get access to the authenticate method of a request
> interceptor, such as JDBCRealm ?
>
> Is there also a way for a JSP to find out which interceptor is handling
> authentication.
>
In a portable webapp, there is no access to things like this -- the only thing
EMAIL PROTECTED]
> Subject: Re: RequestInterceptor authenticate and authorize. Need
> advise
>
> "Roytman, Alex" wrote:
>
> > Hello,
> >
> > As I understand, RequestInterceptor.authenticate() and authorize() get
> > called every time a protected
"Roytman, Alex" wrote:
>
> May be I should rephrase my question - when user authenticated first time
> the fact of authentication and user's name/password/roles are the same
> across all contexts, does authentication for one context mean authentication
> for all or each context should authentic
s only one tomcat-users.xml file which is
container wide
-Original Message-
From: Craig R. McClanahan [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, January 24, 2001 6:10 PM
To: [EMAIL PROTECTED]
Subject: Re: RequestInterceptor authenticate and authorize. Need advise
&
"Roytman, Alex" wrote:
> Hello,
>
> As I understand, RequestInterceptor.authenticate() and authorize() get
> called every time a protected resource is being accessed. Does it mean
> tomcat do not cache user/roles after first authentication?
>
Tomcat 4.0 caches the authenticated principal in the
Hello,
As I understand, RequestInterceptor.authenticate() and authorize() get
called every time a protected resource is being accessed. Does it mean
tomcat do not cache user/roles after first authentication?
Should I perform actual authentication every time (which is awfully resource
consuming)