RE: Security constraint/login form

ok, thanks, David! -Original Message- From: David Smith [mailto:[EMAIL PROTECTED] Sent: Monday, August 21, 2006 11:48 AM To: Tomcat Users List Subject: Re: Security constraint/login form Looking at the source for org.apache.catalina.JDBCRealm, the queries on the database are confined

Re: Security constraint/login form

ECTED] Sent: Monday, August 21, 2006 10:51 AM To: Tomcat Users List Subject: Re: Security constraint/login form Could you post some relevant sections of your webapp? I'm thinking the security constraint section of your web.xml, a representative segment of your user database table, and the lo

Re: Security constraint/login form

2006 11:51 AM Subject: Re: Security constraint/login form > Could you post some relevant sections of your webapp? I'm thinking the > security constraint section of your web.xml, a representative segment of > your user database table, and the logs where a request is made to

RE: Security constraint/login form

ching third col to the users table as well? Or is that immaterial? -Original Message- From: David Smith [mailto:[EMAIL PROTECTED] Sent: Monday, August 21, 2006 10:51 AM To: Tomcat Users List Subject: Re: Security constraint/login form Could you post some relevant sections of your webapp?

Re: Security constraint/login form

redeploy in the war file upon restart? -Original Message- From: Marc Farrow [mailto:[EMAIL PROTECTED] Sent: Thursday, August 17, 2006 4:03 PM To: Tomcat Users List Subject: Re: Security constraint/login form The names are irrelevant. They just have to match between implementation and s

RE: Security constraint/login form

never mind...sorry, I did see it in the web.xml file under the role-name element. Sorry about that! -Original Message- From: Propes, Barry L Sent: Monday, August 21, 2006 10:43 AM To: Tomcat Users List Subject: RE: Security constraint/login form Ok, I'm finding that the name

RE: Security constraint/login form

olumn in another DB table I've > created or yest to my last question about the values being what I want? > > -Original Message- > From: Marc Farrow [mailto:[EMAIL PROTECTED] > Sent: Thursday, August 17, 2006 3:38 PM > To: Tomcat Users List > Subject: Re: Security c

RE: Security constraint/login form

t 18, 2006 9:27 AM To: Tomcat Users List Subject: Re: Security constraint/login form Valid roles are whatever are defined to be valid. The specific name does not matter. But if you are using a Database for validation, then the roles are pulled from the database column that you have associate

Re: Security constraint/login form

choices? Is valid ONLY service or admin? -Original Message- From: David Smith [mailto:[EMAIL PROTECTED] Sent: Friday, August 18, 2006 6:26 AM To: Tomcat Users List Subject: Re: Security constraint/login form Over an hour? Not even ODBC has that kind of latency. Could you be looki

RE: Security constraint/login form

[mailto:[EMAIL PROTECTED] Sent: Friday, August 18, 2006 6:26 AM To: Tomcat Users List Subject: Re: Security constraint/login form Over an hour? Not even ODBC has that kind of latency. Could you be looking at a caching issue? --David Propes, Barry L wrote: >ok, thanks..I think there&

RE: Security constraint/login form

To: Tomcat Users List Subject: Re: Security constraint/login form Over an hour? Not even ODBC has that kind of latency. Could you be looking at a caching issue? --David Propes, Barry L wrote: >ok, thanks..I think there's a fair amount of latency between my database query >

Re: Security constraint/login form

s RISK, author, legaldept, etc.? -Original Message- From: Marc Farrow [mailto:[EMAIL PROTECTED] Sent: Thursday, August 17, 2006 2:11 PM To: Tomcat Users List Subject: Re: Security constraint/login form Are you talking about the tomcat-users.xml file and the roles defined in there? The security-contrain

Re: Security constraint/login form

ver an hour ago was still showing the old value, and could have been causing some of the problems. -Original Message- From: Marc Farrow [mailto:[EMAIL PROTECTED] Sent: Thursday, August 17, 2006 4:03 PM To: Tomcat Users List Subject: Re: Security constraint/login form The names are ir

RE: Security constraint/login form

om: Marc Farrow [mailto:[EMAIL PROTECTED] Sent: Thursday, August 17, 2006 4:03 PM To: Tomcat Users List Subject: Re: Security constraint/login form The names are irrelevant. They just have to match between implementation and setup. On 8/17/06, Propes, Barry L <[EMAIL PROTECTED]> wrote: >

Re: Security constraint/login form

created or yest to my last question about the values being what I want? -Original Message- From: Marc Farrow [mailto:[EMAIL PROTECTED] Sent: Thursday, August 17, 2006 3:38 PM To: Tomcat Users List Subject: Re: Security constraint/login form Quick answer is yes. On 8/17/06, Propes, Barr

RE: Security constraint/login form

Sent: Thursday, August 17, 2006 3:38 PM To: Tomcat Users List Subject: Re: Security constraint/login form Quick answer is yes. On 8/17/06, Propes, Barry L <[EMAIL PROTECTED]> wrote: > > I wonder though...do the role_names have to be service or admin or > something like that? > &

Re: Security constraint/login form

Subject: Re: Security constraint/login form Are you talking about the tomcat-users.xml file and the roles defined in there? The security-contraints are pretty flexible and you can use any number of ways to define your realms. If you look at the web.xml for the manager application (that is shipped

RE: Security constraint/login form

ing a column called role_name, but with a value such as RISK, author, legaldept, etc.? -Original Message- From: Marc Farrow [mailto:[EMAIL PROTECTED] Sent: Thursday, August 17, 2006 2:11 PM To: Tomcat Users List Subject: Re: Security constraint/login form Are you talking about the tomcat-user

RE: Security constraint/login form

just be able to run a simple select query to get the values I need to return the proper info per each user's roles and credentials. Thanks, both of you guys! -Original Message- From: Marc Farrow [mailto:[EMAIL PROTECTED] Sent: Thursday, August 17, 2006 2:11 PM To: Tomcat Users Lis

Re: Security constraint/login form

day, August 17, 2006 11:13 AM To: Tomcat Users List Subject: Security constraint/login form I realize that in Tomcat (I'm using 4.1.3 and 4.0.1 by the way -- a version on a prod. server and one ony my desktop) that you can create the simple table titled users and configure it in the server.xml

RE: Security constraint/login form

ok, well that certainly helps and gives very good direction! Thank you, David! -Original Message- From: David Smith [mailto:[EMAIL PROTECTED] Sent: Thursday, August 17, 2006 2:02 PM To: Tomcat Users List Subject: Re: Security constraint/login form Getting the remote user would be

Re: Security constraint/login form

table, I mean one in addition to the user_name and user_roles table that Tomcat requires for the form login security constraint to work. -Original Message- From: Propes, Barry L Sent: Thursday, August 17, 2006 11:13 AM To: Tomcat Users List Subject: Security constraint/login form I re

RE: Security constraint/login form

quires for the form login security constraint to work. -Original Message- From: Propes, Barry L Sent: Thursday, August 17, 2006 11:13 AM To: Tomcat Users List Subject: Security constraint/login form I realize that in Tomcat (I'm using 4.1.3 and 4.0.1 by the way -- a version on a p

Security constraint/login form

I realize that in Tomcat (I'm using 4.1.3 and 4.0.1 by the way -- a version on a prod. server and one ony my desktop) that you can create the simple table titled users and configure it in the server.xml file and then likewise configure the web.xml file's security constraint properties. My ques