1. This is not the usual use of a Realm. 2. Yes, a Realm is used to do the authentication of users, and to define which Roles they belong to. The mapping to actions would normally be handled by <security-constraints> or servlet code in the web-app. 3. o.a.c.Realm is an interface. You can plug any class that implements it into Tomcat 4, and it should work fine. There are some issues with custom Realms if you want to use the MBeans stuff, and configure it from the admin web-app. Otherwise, it works great for me.
"Manavendra Gupta" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > Hi, > > > Like all web applications, I need to provide some kind of session > maintenance. Would the concept of a Realm help in this? > > 1. Is this the correct application/use of a realm? > 2. Is a realm akin to a SSO/LDAP server, where the user's roles and mapping > to actions is stored? > 3. How extensible is a realm? > > Can someone provide a step-by-step example of how to setup and use a realm? > > Manav. -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
