Hello, with all this confusion (and I am loving it) I will reveal what I am doing :p My website and webapp is to showcase my skills to get work and with a very long term goal of blogging about Java development and having a site to distribute stuff from.

There was a question as to why I am using a realm and application based realm and I have no idea howcome people think I am not using only tomcat realm?

I do access security stuff in application but only to determine if user is logged in to display in jsp as user is logged in as guest or not.

I appreciate this forum and thank you all for replies.

hibernate is not doing any security related stuff other than persisiting new users and thier credentials to mysql.Tomcat is only managing security and hibernate everything else... Hope this clears up discussion. :)

From: "Mark Eggers" <its_toas...@yahoo.com>
Sent: Tuesday, June 01, 2010 4:27 PM
To: "Tomcat Users List" <users@tomcat.apache.org>
Subject: [OT] Re: problems at thejarbar.org


I think it all depends what you need your Realm to manage.

In this instance (single application on Tomcat), then it probably doesn't matter if the Realm sits at the application, Host, or Engine level.

Like you've pointed out before it's nice to have a self-contained application with all of the database configurations in one spot. Having some database configurations in META-INF/context.xml, and others in Tomcat's server.xml seems to be a maintenance / migration challenge waiting to happen.

If you have multiple applications using the same Realm information, then it might make sense to move the Realm to a Host or Engine level. However I cannot think of a good use case off the top of my head to potentially run multiple hosts under one Engine with the same authentication Realm . . . .

Maybe a better place to document all of this and some use case scenarios would be the Wiki. Since I'm thinking about this, I'll see what I can cobble up in the next few days.

Thanks for the comments . . . .


--- On Tue, 6/1/10, Christopher Schultz <ch...@christopherschultz.net> wrote:

From: Christopher Schultz <ch...@christopherschultz.net>
Subject: Re: problems at thejarbar.org
To: "Tomcat Users List" <users@tomcat.apache.org>
Date: Tuesday, June 1, 2010, 3:03 PM
Hash: SHA1


Yes, but honestly, I'd put the <Resource> and
<Realm. configuration into
my webapp's META-INF/context.xml file (which requires that
localDataSource="true" be set on the <Realm>, btw).

To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to