What about the fact that the groupId column in User is called id in the Groups table, would it be a case of making another view to accomplish that translation too?
Besides craeting views, which is easy, what are the other options here? ----- Original Message ----- From: "Shapira, Yoav" <[EMAIL PROTECTED]> To: "Tomcat Users List" <[EMAIL PROTECTED]> Sent: Monday, December 08, 2003 10:48 AM Subject: RE: More sophisticated JDBCRealm Security Howdy, The typical solution in many cases involving JDBCRealm is (if you don't want to customize the realm by coding) to create a view for use by the JDBC realm. In your case, you'd create a view on the user table where only active users are shown, and configure the JDBC realm to query this view rather than the user table. Yoav Shapira Millennium ChemInformatics >-----Original Message----- >From: Frank Febbraro [mailto:[EMAIL PROTECTED] >Sent: Monday, December 08, 2003 10:48 AM >To: Tomcat Users List >Subject: More sophisticated JDBCRealm Security > >In looking through the docs I am surpised that I dont see a way to do some >more "sophisticated" JDBCRealm security. I may just be looking in the wrong >place or misreading something so please let me know if I am. > >My DB tables are arranged as follows > >create table user >( > id BIGINT NOT NULL AUTO_INCREMENT, > email VARCHAR(100) not null unique, > groupId BIGINT not null, > password VARCHAR(20) not null, > active BIT, > primary key (id) >); > >create table groups >( > id BIGINT NOT NULL AUTO_INCREMENT, > role VARCHAR(255) not null, > primary key (id) >); > >The email address is the "user login", password is obvious. > >I would want something that would only let ACTIVE users log in (active = >1), >and User.groupId maps to Groups.id field. > >Using the standard JDBCRealm I do not see how this is possible. Would I >actually have to create my own custom Realm implementation in order to >achieve these goals? > >Thanks for any input/advice, >Frank > > > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
