On Thu, 22 Mar 2001, Manish wrote:
>
> Also can someone explain me when my authentication is successful using
> JDBCRealm , how do I get the role information, cause only two attributes
> are set for the session (username and password). Do I have to go back in
> the roles table to get the role info or they are stored in someway in
> the session.
>
There is no API to say "show me the roles this user is in", but you can
ask if they are in a specific role by calling
if (request.isUserInRole("manager")) {
... this user is a manager ...
}
Internally, JDBCRealm reads the roles assigned to this user once they have
been successfully authenticated, and caches that info away so it can
answer the isUserInRole() question. The rest of Tomcat also uses this
information to decide whether this user is allowed to request protected
resources.
> TIA
>
> --
> Manish Poddar
Craig McClanahan
