Dirk Brockmann wrote:
> Hi,
> I am running tomcat 3.2.1. I have
> developed a simple
> test webapp and now I wish to make it
> secure via form
> based authentication.
> I have made use of the security concepts
> that
> come with tomcat as in the examples
> webapp
> and have played with the
> tomcat-users.xml
> and the web.xml belonging to my webapp.
> Now I have run into the following
> problem.
> What if I have many different webapps,
> each with
> an individual set of users, roles, etc.
> As I understand it (I'm fairly new to
> servlets, tomcat, etc)
> then the information in tomcat-users.xml
> is global.
> How do I administer users, roles etc for
> single web-applications?
> Can anyone help me. There must be API
> for this sort
> of thing and I do not want to reinvent
> the wheel.
> I would appreciate very much any help of
> suggestions, so
> far I wasn't able to find anything
> appropriate and
> I am also not sure if I understand the
> security concepts correctly.
> Thanks very much in advance,
> Dirk
>
In Tomcat 3.2, the tomcat-users.xml file is indeed global. To administer
users for each web app, you need 4.0.
Craig
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
