"Roytman, Alex" wrote:
>
> May be I should rephrase my question - when user authenticated first time
> the fact of authentication and user's name/password/roles are the same
> across all contexts, does authentication for one context mean authentication
> for all or each context should authenticate separately?
> Reason why I am asking is that I could not find any context specific code in
> SimpleRealm/JDBCRealm and there is only one tomcat-users.xml file which is
> container wide
>
In 3.2, there is only one user database. However, the fact that you have
authenticated yourself to one webapp is *not* known to other webapps, so the
user will have to reauthenticate for each app individually -- in 4.0 this is
known as the "single sign on" support, which you can configure to work across
webapps in the same virtual host.
I don't know of any way to accomplish this user experience in 3.2.
Craig
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
