הילה wrote:
I've posted my problem in the sourceforge forums, but no comments have
received so far. :(
If you have any suggestions to replace this, another way to authenticate the
tomcat to the DB with user and password that do not appear in clear text,
I'll be glad to hear about it.
Have a look at Jespa (http://www.ioplex.com)
In the basic configuration, it works a bit differently : it authenticates (with Windows
Domain) the user who is *using* the Tomcat application, not the Tomcat process itself.
(*)
However, it comes with an API which can probably be used to do what you want.
Send an email to supp...@ioplex.com explaining what you want to achieve, and I am sure
that they will tell you if Jespa can be used for that.
(*) Note the difference : currently, you are authenticating to the DB with the single
"Tomcat user". So all the users of your application really access the database under this
one "group-id". Anyone who can connect to Tomcat, can get data out of the database, under
this one user-id. That may or may not be secure, depending on how the users authenticate
to the Tomcat application.
In the Jespa kind of setup, a java servlet filter picks up the Windows Domain user-id of
the user accessing the Tomcat application.
This same user-id can then be picked up inside the application via getRemoteUser() (or
something sismilar), and used to connect to the database.
Then you really filter accesses to the database by individual user-id.
One or the other setup may be what you really need, but that you have to decide
yourself.
P.S.
There is no need to send me a copy of each message that you send to the list.
I receive all messages to the list anyway (as do the other subscribers), so when you copy
me, I get the same message twice.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
