Re: Authentication and authorization questions

2007-09-21 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jean, jmuller wrote: > I've written my own DataSourceRealm that overwrite Tomcat's one, and put the > jar in server/lib. > It only overwrites the getRoles() method to change the SQL statement. See > source here: http://www.nabble.com/file/p12820411/D

Re: Authentication and authorization questions

2007-09-21 Thread jmuller
: > > possible OpenSessionInViewFilter problem > which version hibernate are you implementing with? > > M-- > - Original Message - > From: "jmuller" <[EMAIL PROTECTED]> > To: > Sent: Friday, September 21, 2007 9:14 AM > Subject: Re: Authentication and auth

Re: Authentication and authorization questions

2007-09-21 Thread Martin Gainty
possible OpenSessionInViewFilter problem which version hibernate are you implementing with? M-- - Original Message - From: "jmuller" <[EMAIL PROTECTED]> To: Sent: Friday, September 21, 2007 9:14 AM Subject: Re: Authentication and authorization questions > > &

Re: Authentication and authorization questions

2007-09-21 Thread jmuller
th userId and roleId I've written my own DataSourceRealm that overwrite Tomcat's one, and put the jar in server/lib. It only overwrites the getRoles() method to change the SQL statement. See source here: http://www.nabble.com/file/p12820411/DataSourceRealm.java DataSourceRealm.java (free

Re: Authentication and authorization questions

2007-08-30 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Lb, lightbulb432 wrote: > But if the login and login-error pages are the same page (meaning > that when someone fails an access check they get redirected to the > login-error page, which is actually the login page where they must > re-enter their cred

Re: Authentication and authorization questions

2007-08-29 Thread lightbulb432
nd it may well arise if you decide to split up a large website's modules into different contexts.) The securityfilter projects says they're looking into SSO, but the project looks inactive enough that I'm not going to hold my breath. I tried looking for other Java servlet securi

Re: Authentication and authorization questions

2007-08-29 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Lb, lightbulb432 wrote: > Where does Tomcat authentication fit into the request processing lifecycle? > Does it happen before even the very first filter gets called? Yes. It's implemented as a Valve that runs before any of your code gets a chance to

Re: Authentication and authorization questions

2007-08-29 Thread Glenn McCall
Below... I hope it helps Glenn Mc - Original Message - From: "lightbulb432" <[EMAIL PROTECTED]> To: Sent: Wednesday, August 29, 2007 2:33 PM Subject: Authentication and authorization questions I have several questions about authentication and authorization in

Authentication and authorization questions

2007-08-28 Thread lightbulb432
ore importantly it may be disallowed from data standards in some organizations. Thanks. -- View this message in context: http://www.nabble.com/Authentication-and-authorization-questions-tf4345698.html#a12380709 Sent from the Tomcat - User mailing l