attr wrote:
Is it possible to authenticate a user against one realm (i.e.: LDAP) but 
authorize (obtain roles the user belongs to) against another realm (i.e. 
database)?
Any other solutions than writing an error-prone homegrown one that will allow 
to keep users in one realm, user roles in the other realm and still be able to 
use container-managed authentication with authorization. Best regards.Kamil

No idea about your real question.
But a note/warning : if you manage to do this, it means that in the future you will always have to synchronise your LDAP directory with your database "roles" table, in terms of which user-id's are valid (new users, users leaving etc.). That is not necessarily trivial in practical cases.




---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to