梁炳場 wrote:
I just install JDBCRealm of Tomcat 5.5
It works. Very simple to configure.
But I have a few questions to ask.
1. How can users change password?
They can't without you writing some custom code.
And if password is encrypted, how to manage password?
eg, how to create the 1st user name and password?
Again, custom code. If you use digest passwords, you can use the same
digest mechanism.
2. Can the Struts Action class get the value of request.isUserInRole("")?
Yes.
3. Can JDBCRealm support policy like JAASRealm?
No.
4. Roles are defined in web.xml and database's tables.
Is it double work? If there is a difference of roles in web.xml
and tables for the same username, which prevail?
There is no user to role mapping in web.xml therefore there is no
question of one prevailing over another.
Database defines mapping between users and roles.
web.xml defines mappign between roles and application resources
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
