attr wrote:
Is it possible to authenticate a user against one realm (i.e.: LDAP) but
authorize (obtain roles the user belongs to) against another realm (i.e.
database)?
Any other solutions than writing an error-prone homegrown one that will allow
to keep users in one realm, user roles in the other realm and still be able to
use container-managed authentication with authorization. Best regards.Kamil
No idea about your real question.
But a note/warning : if you manage to do this, it means that in the future you will always
have to synchronise your LDAP directory with your database "roles" table, in terms of
which user-id's are valid (new users, users leaving etc.). That is not necessarily
trivial in practical cases.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org