Re: After 1st installation of JDBCRealm?
> Can JDBCRealm support a user has more than 1 roles? Yes. > Can the SecurityManager support controlling path of Struts such as > /fooApp/fooPath.do? >>Yes you can but this is not at all related to application users/roles. >>See >>http://java.sun.com/j2se/1.4.2/docs/guide/security/smPortGuide.html >>for what this does. Again, please read the security manager docs. It has *nothing* to do with web application user/roles. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: After 1st installation of JDBCRealm?
Thank you. Can JDBCRealm support a user has more than 1 roles? Can the SecurityManager support controlling path of Struts such as /fooApp/fooPath.do? Thank you in advance 在 2005/9/4,Mark Thomas <[EMAIL PROTECTED]> 撰寫: > 梁炳場 wrote: > > Thank you Mark, > > > > How about security manager? > > > > Can I use policy file under $CATALINA_HOME/conf/catalina.policy file > > with JDBCRealm? > > Yes you can but this is not at all related to application users/roles. > See > http://java.sun.com/j2se/1.4.2/docs/guide/security/smPortGuide.html > for what this does. > > Mark > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
Re: After 1st installation of JDBCRealm?
梁炳場 wrote: > Thank you Mark, > > How about security manager? > > Can I use policy file under $CATALINA_HOME/conf/catalina.policy file > with JDBCRealm? Yes you can but this is not at all related to application users/roles. See http://java.sun.com/j2se/1.4.2/docs/guide/security/smPortGuide.html for what this does. Mark - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: After 1st installation of JDBCRealm?
Thank you Mark, How about security manager? Can I use policy file under $CATALINA_HOME/conf/catalina.policy file with JDBCRealm? 2005/9/3, Mark Thomas <[EMAIL PROTECTED]>: > 梁炳場 wrote: > > I just install JDBCRealm of Tomcat 5.5 > > It works. Very simple to configure. > > > > But I have a few questions to ask. > > > > 1. How can users change password? > They can't without you writing some custom code. > > > And if password is encrypted, how to manage password? > > eg, how to create the 1st user name and password? > Again, custom code. If you use digest passwords, you can use the same > digest mechanism. > > > 2. Can the Struts Action class get the value of request.isUserInRole("")? > Yes. > > > 3. Can JDBCRealm support policy like JAASRealm? > No. > > > 4. Roles are defined in web.xml and database's tables. > > Is it double work? If there is a difference of roles in web.xml > > and tables for the same username, which prevail? > There is no user to role mapping in web.xml therefore there is no > question of one prevailing over another. > > Database defines mapping between users and roles. > web.xml defines mappign between roles and application resources > > > > > - > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
Re: After 1st installation of JDBCRealm?
梁炳場 wrote: I just install JDBCRealm of Tomcat 5.5 It works. Very simple to configure. But I have a few questions to ask. 1. How can users change password? They can't without you writing some custom code. And if password is encrypted, how to manage password? eg, how to create the 1st user name and password? Again, custom code. If you use digest passwords, you can use the same digest mechanism. 2. Can the Struts Action class get the value of request.isUserInRole("")? Yes. 3. Can JDBCRealm support policy like JAASRealm? No. 4. Roles are defined in web.xml and database's tables. Is it double work? If there is a difference of roles in web.xml and tables for the same username, which prevail? There is no user to role mapping in web.xml therefore there is no question of one prevailing over another. Database defines mapping between users and roles. web.xml defines mappign between roles and application resources - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
After 1st installation of JDBCRealm?
I just install JDBCRealm of Tomcat 5.5 It works. Very simple to configure. But I have a few questions to ask. 1. How can users change password? And if password is encrypted, how to manage password? eg, how to create the 1st user name and password? 2. Can the Struts Action class get the value of request.isUserInRole("")? 3. Can JDBCRealm support policy like JAASRealm? 4. Roles are defined in web.xml and database's tables. Is it double work? If there is a difference of roles in web.xml and tables for the same username, which prevail? Can anyone give me hints? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]