Hi Jeff,

Thanks for the reply. I have tried this but am not able to get it to work.

My plan looks like this for test/web/1 and test/web/2. Both apps use
the same Realm and Valve.

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://geronimo.apache.org/xml/ns/web"
        xmlns:sec="http://geronimo.apache.org/xml/ns/security"
        configId="test/web/2">
        <context-root>/web2</context-root>
        <context-priority-classloader>false</context-priority-classloader>
        <container-config container="Tomcat">
                <config-param name="TomcatRealm">TomcatJAASRealm</config-param>
                <config-param name="TomcatValveChain">SSOValve</config-param>
        </container-config>
        <security-realm-name>geronimo-properties-realm</security-realm-name>
        <security>
                <default-principal realm-name="properties-realm">
                        <principal
                                class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
                                name="system" />
                </default-principal>
                <role-mappings>
                        <role role-name="admin">
                                <realm realm-name="properties-realm">
                                        <principal
                                                class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
                                                name="admin" designated-run-as="true" />
                                        <principal
                                                class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
                                                name="system" />
                                </realm>
                        </role>
                        <role role-name="users">
                                <realm realm-name="properties-realm">
                                        <principal
                                                class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
                                                name="users" designated-run-as="true" />
                                        <principal
                                                class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
                                                name="user1" />
                                        <principal
                                                class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
                                                name="user2" />
                                </realm>
                        </role>
                        <role role-name="guest">
                                <realm realm-name="properties-realm">
                                        <principal
                                                class="org.apache.geronimo.security.realm.providers.GeronimoGroupPrincipal"
                                                name="guest" designated-run-as="true" />
                                        <principal
                                                class="org.apache.geronimo.security.realm.providers.GeronimoUserPrincipal"
                                                name="guest1" />
                                </realm>
                        </role>
                </role-mappings>
        </security>

        <gbean name="SSOValve" class="org.apache.geronimo.tomcat.ValveGBean">
                <attribute name="className">org.apache.catalina.authenticator.SingleSignOn</attribute>
        </gbean>
</web-app>

Regards
Krish

On 4/20/06, Jeff Genender <[EMAIL PROTECTED]> wrote:
> Yes, you should be able to do this.  Look at the geronimo-web.xml for
> the Tomcat descriptor.  There is an XML tag that lets you reference a
> valve in the geronimo-web.xml.
>
> Krishnakumar B wrote:
> > Hi,
> >
> > I have a ? related to SSO in tomcat.
> >
> > I can build geronimo configuring a SSO Valve and use this in web
> > applications deployed in Tomcat. This works.
> >
> > If I deploy a new Valve along with a web application this does not work.
> >
> > Can valves be deployed at application level so that it works for some
> > web applications? I don't need to have a pre-built Valve enabled with
> > the Server if this works.
> >
> > Regards
> > Krish
>
