On Wed, 21 Aug 2002, Hookom, Jacob John wrote:
> Date: Wed, 21 Aug 2002 15:19:56 -0500
> From: "Hookom, Jacob John" <[EMAIL PROTECTED]>
> Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Realm Security Implementation Question [OT]
>
> We are trying to figure out a way to handle realm-based security in a
> multi-application environment where users and their roles are specified
> in a DB. Users are stored in one table with password and there is a
> table for each application defining permissions for the user.
>
> I have been looking at the new JAASRealm that Craig put together, but
> I'm not sure if it's exactly what we need or if it's going overboard.
> Otherwise we have to represent roles in this manner:
> [applicationName]:[applicationId]:[role] and have a specialized realm do
> string parsing to validate roles within an application.
On most reasonable databases, you can create views that organize the data
in the way that JDBCRealm needs, and that's a *lot* easier than writing
your own LoginMethod implementation in JAAS.
> Our
> applications are deployed under a single war to take advantage of a
> pseudo single sign-on.
>
Tomcat 4 supports "real" single sign on if you want it -- see the section
entitled "Single Sign On":
http://jakarta.apache.org/tomcat/tomcat-4.0-doc/config/host.html
http://jakarta.apache.org/tomcat/tomcat-4.1-doc/config/host.html
> Any suggestions would be appreciated,
>
> Jacob
>
Craig
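
The view approach suggested in the reply above, sketched as an added example that is not part of the original thread. The table, column, view and role names are all assumptions (the thread does not give the real schema), the SQL is written for PostgreSQL, and the role prefix is a simplified form of the [applicationName]:[applicationId]:[role] scheme from the question.

```sql
-- Constructed schema (assumption): one shared user table plus one
-- permission table per application, as described in the question.
CREATE TABLE app_user (
    login    VARCHAR(64)  PRIMARY KEY,
    password VARCHAR(128) NOT NULL
);
CREATE TABLE billing_perm (
    login VARCHAR(64) NOT NULL REFERENCES app_user(login),
    perm  VARCHAR(32) NOT NULL,
    PRIMARY KEY (login, perm)
);
CREATE TABLE reports_perm (
    login VARCHAR(64) NOT NULL REFERENCES app_user(login),
    perm  VARCHAR(32) NOT NULL,
    PRIMARY KEY (login, perm)
);

-- View in the shape JDBCRealm expects for its user table:
-- one row per user, with a user-name column and a credential column.
CREATE VIEW realm_users AS
SELECT login AS user_name, password AS user_pass
FROM app_user;

-- View in the shape JDBCRealm expects for its role table:
-- one row per (user, role). The application name is folded into the
-- role name by the database, so the realm needs no string parsing.
CREATE VIEW realm_user_roles AS
SELECT login AS user_name, 'billing:' || perm AS role_name FROM billing_perm
UNION ALL
SELECT login AS user_name, 'reports:' || perm AS role_name FROM reports_perm;

-- Hypothetical account for Tomcat (give it LOGIN and a password in a real
-- deployment). It can read the two views only, not the base tables.
CREATE ROLE tomcat_realm;
GRANT SELECT ON realm_users, realm_user_roles TO tomcat_realm;

-- Constructed sample rows; the password values are placeholders.
INSERT INTO app_user VALUES ('alice', 'placeholder-1'), ('bob', 'placeholder-2');
INSERT INTO billing_perm VALUES ('alice', 'admin');
INSERT INTO reports_perm VALUES ('alice', 'viewer'), ('bob', 'editor');

-- Check what the realm would see for each user.
SELECT user_name, role_name FROM realm_user_roles ORDER BY user_name, role_name;
```

The JDBCRealm element would then set userTable="realm_users", userNameCol="user_name", userCredCol="user_pass", userRoleTable="realm_user_roles" and roleNameCol="role_name", and each application's security constraints would name the prefixed roles.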