The only exposure that I have to this is configuring tomcat-users.xml so I can use the manager webapp, so please bear with me.
I've got several web front-ends for a non-JDBC database. There is a 'green screen' (telnet) app running against the DB that uses a system of user security classes to which different 'screens' are assigned. That data is stored in the DB itself. We've fit the web front end into this system by assigning each 'page' of the webapp a 'screen id', so that the admin can define who sees what in a single place. What I'm wondering is if there's any hope of using this data with the existing request.isUserInRole() method. (The security classes are (loosely) roles.) I only need to deal with authorization. Authentication is handled separately by a Filter that redirects elsewhere to make them log in. Can someone point me in the right general direction? Everything Google turns up starts in with configuring a JDBC or JNDI realm, and I don't think that part of it will ever work with this database. Would I end up defining my own kind of a Realm? Confused, -- Wendy Smoak --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]