> From: Juergen Weber [mailto:[EMAIL PROTECTED]
> Subject: Re: Tomcat and parallel security realms
>
> OK, that wouldn't work, as only _one_ realm can be defined in each of
> Engine, Host and Context. So MultiRealm would have to be in Context to
> have two other realms to
On Fri, Mar 14, 2008 at 7:50 PM, Christopher Schultz
<[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Jürgen,
>
> Juergen Weber wrote:
>
> | the idea you sketched depends on the constructor being called with a
> | list of realms. Is that so?
>
> Not necessarily.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jürgen,
Juergen Weber wrote:
| the idea you sketched depends on the constructor being called with a
| list of realms. Is that so?
Not necessarily. Most objects that represent elements in server.xml have
no-arg constructors and then setFoo() methods
Christopher,
the idea you sketched depends on the constructor being called with a
list of realms. Is that so?
If you look at http://tomcat.apache.org/tomcat-6.0-doc/api/index.html
all realms in org.apache.catalina.realm have only the default constructor.
Probably one would have to get the surroun
> From: Juergen Weber [mailto:[EMAIL PROTECTED]
> Subject: Tomcat and parallel security realms
>
> Unfortunately, Tomcat can only use one active realm. Is that right?
Yes, but you can write your own Realm as a wrapper that simply serially
calls the real ones until the desired
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Jürgen,
Juergen Weber wrote:
| So, if user tomcat logs in, JNDI realm should say "User unknown" and
| afterwards memory realm should say "fine, user is allowed".
|
| Unfortunately, Tomcat can only use one active realm. Is that right?
Right.
| Is th
Hi,
I have Tomcat users in an LDAP directoy. All users have the same
rights, there are no groups. I have no influence over the LDAP
servers' content.
Tomcat uses the JNDI realm.
Now, I need an additional, technical, user for Tomcat, that should be
allowed to restart/redeploy web apps.Everybody sh
