And now there is no Joy in Sun Quentin. ;)
g...
> From: Ben Souther <[EMAIL PROTECTED]>
> Reply-To: "Tomcat Users List" <[EMAIL PROTECTED]>
> Date: Fri, 21 Nov 2003 15:51:19 -0500
> To: "Tomcat Users List" <[EMAIL PROTECTED]>
> Subject: Re: [off-topic] jakarta, java, indonesia
>
> Actually, ther
Well... actually the geek that thought up Java named it "Oak".
g...
> From: Erik Wright <[EMAIL PROTECTED]>
> Reply-To: "Tomcat Users List" <[EMAIL PROTECTED]>
> Date: Fri, 21 Nov 2003 15:08:50 -0500
> To: Tomcat Users List <[EMAIL PROTECTED]>
> Subject: Re: [off-topic] jakarta, java, indonesia
This seems to come up (in various variations) again and again.
And, I also asked... "should one simply subclass xxxRealm ... specifically
the java.security.Principal authenticate(java.lang.String username,
java.lang.String credentials) method?" And, then ... maybe ... extending
java.security.Princi
And, if you're not trying to do it "in code"... Tomcat Web Application
Manager... ala http://localhost:8080/manager/html
gary...
> From: "Shapira, Yoav" <[EMAIL PROTECTED]>
> Reply-To: "Tomcat Users List" <[EMAIL PROTECTED]>
> Date: Fri, 21 Nov 2003 08:53:23 -0500
> To: "Tomcat Users List" <[EMAI
Russ:
In general, if application.properties is in your classes dir
ResourceBundle rez = ResourceBundle.getBundle("application");
Put that in your singleton class. Then you could:
MySingleton.accessMySingleton().getRez().getString("a_prop");
Then go nuts and write a taglib to access MySingleton
I'm going around google circles... Within a servlet how do you go about
creating a java.security.Principal given a username and password? i.e.
how-to login within a servlet given a username and password?
Thanks,
gary...
-
To uns
in MD5, then you've got problems. You cannot intercept the submit
> to j_security_check
>
> I think single-sign-on above and beyond tomcat SSO is in the pipeline
> for the long term though.
>
> HTH
> Adam
>
> On 11/17/2003 06:59 PM Gary Hardy wrote:
>&g
jack:
I noticed you haven't received any responses yet. I was kinda waiting to see
is anyone had any bright ideas regarding... catching j_username/j_password
for later use within a webapp. I posted a somewhat related question in
"Subject: application security gone mad".
Someone (please!) correct
Robert,
You hit it on the head...
And, prevail? not a chance, they're a client... I'm the consultant.
And, JAAS? Please. We can't even agree about CMS.
The posting was 1) a rant. 2) fishing for a little parting wisdom (not mine)
to leave with them to "think about".
CMS is fine just the way it is
The long and the short of it is:
There will be an infinite number of "application users". (maybe a few less)
They will have 1-n roles. Let say 3 .
There are a finite number of proxy "EJB access users".
As mentioned earlier, derived from the "application user" roles.
The method level security for E
First let me say this is not a specific tomcat question, rather, a general
application security issue that I'd like to get some feedback on. Secondly,
this is NOT my idea and I already have an opinion about it's ... flaws, to
be kind.
Here's the idea in a nutshell (operative word "nut"):
The app
11 matches
Mail list logo