Hello, with all this confusion (and I am loving it) I will reveal what I am
doing :p My website and webapp is to showcase my skills to get work and with
a very long term goal of blogging about Java development and having a site
to distribute stuff from.
There was a question as to why I am using a realm and application based
realm and I have no idea howcome people think I am not using only tomcat
realm?
I do access security stuff in application but only to determine if user is
logged in to display in jsp as user is logged in as guest or not.
I appreciate this forum and thank you all for replies.
hibernate is not doing any security related stuff other than persisiting new
users and thier credentials to mysql.Tomcat is only managing security and
hibernate everything else... Hope this clears up discussion. :)
--------------------------------------------------
From: "Mark Eggers" <its_toas...@yahoo.com>
Sent: Tuesday, June 01, 2010 4:27 PM
To: "Tomcat Users List" <users@tomcat.apache.org>
Subject: [OT] Re: problems at thejarbar.org
Chris,
I think it all depends what you need your Realm to manage.
In this instance (single application on Tomcat), then it probably doesn't
matter if the Realm sits at the application, Host, or Engine level.
Like you've pointed out before it's nice to have a self-contained
application with all of the database configurations in one spot. Having
some database configurations in META-INF/context.xml, and others in
Tomcat's server.xml seems to be a maintenance / migration challenge
waiting to happen.
If you have multiple applications using the same Realm information, then
it might make sense to move the Realm to a Host or Engine level. However I
cannot think of a good use case off the top of my head to potentially run
multiple hosts under one Engine with the same authentication Realm . . . .
Maybe a better place to document all of this and some use case scenarios
would be the Wiki. Since I'm thinking about this, I'll see what I can
cobble up in the next few days.
Thanks for the comments . . . .
/mde/
--- On Tue, 6/1/10, Christopher Schultz <ch...@christopherschultz.net>
wrote:
From: Christopher Schultz <ch...@christopherschultz.net>
Subject: Re: problems at thejarbar.org
To: "Tomcat Users List" <users@tomcat.apache.org>
Date: Tuesday, June 1, 2010, 3:03 PM
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mark,
Yes, but honestly, I'd put the <Resource> and
<Realm. configuration into
my webapp's META-INF/context.xml file (which requires that
localDataSource="true" be set on the <Realm>, btw).
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
