On Sun, Sep 19, 2004 at 06:19:57PM -0400, Fred Stluka wrote: : I've just searched the archives and it seems that this question : comes up every few months at least. The behavior of rewriting : tomcat-users.xml and changing its permissions to match the : Tomcat umask surprises enough people that it seems worth : changing if possible. I put a lot of faith in "the principal of : least astonishment".
True, but what's the purpose of the MemoryRealm? Is it meant for production use, where this file rewrite/perms issue could be a problem? I always took MemoryRealm for a basic Realm implmentation: test how Realms work without adding database/LDAP debubbing to the mix; and mine it for sample Realm code. If the Manager app's user-management feature works with JDBC, give HSQLDB [1] + JDBCRealm a try. You could lock the user/password info in a file accessible only to the Tomcat user, and not have to worry about the Manager app handling file perms. As an added bonus, you could deploy your webapp as a WAR file. [1] = HSQLDB: on-disk/in-memory, JDBC-compliant database written in Java. http://hsqldb.sourceforge.net/ -QM -- software -- http://www.brandxdev.net tech news -- http://www.RoarNetworX.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
