Dinh, Chinh wrote:
I have a tomcat question for you .No. For security reason, a servlet should not have access to any Tomcat classes. If your app is able to have access to those methods, any malicious app can also have access and snif the information.
In Tomcat’s server.xml, we define a realm (only ONE)
<Realm classname = “com.mypackage.myRealm” >
When tomcat starts, I think it will instantiate a realm object of this type .
I am trying to find a way to access this realm object in my servlet (the servlet that starts after the realm's authentication
succeeds).
There’s a method “getRealm()” from org.apache.catalina.core.ContainerBase , but how would we get this ContainerBase ?
Why do you want to have access to the realm?
Does Tomcat have some kind of global object of this type ?
No...and in Tomcat 5,we have enforced the security protection mechanism so it is mostly impossible to invoke Tomcat internal classes (when the security manager is turned on)
Thank you . Chinh
-- Jeanfrancois
--------------------------------- Do you Yahoo!? SBC Yahoo! DSL - Now only $29.95 per month!
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
