Thanks for the detail. As a final note and in case you are not already doing this, I have found the <scope>provided</scope> element in <dependency/> useful under similar circumstances when building a war. This prevents bundling of dependencies provided by the container such as catalina, servlet, etc.
Regards, Oliver -----Original Message----- From: users-return-242264-OLIVER.TANGLIN=saic....@tomcat.apache.org on behalf of Tobias Gierke Sent: Wed 6/12/2013 5:17 AM To: users@tomcat.apache.org Subject: Re: Possible to expose a Tomcat Realm instance through JNDI ? Hi, > Thanks for posting your results. > > But I am thinking now that this may lead to a portability issue. Push to a > container other than Tomcat and 'org.apache.catalina.User' will not be > available on the classpath. Yes, this is a portability issue. But to be honest, changing (assuming a reasonably big application) to a different Application server is almost as unlikely as migrating to a different database vendor. At least in the last 15 years I've never seen this happen ... YMMV though ;) > > Also, during development you are forced to include catalina as a dependency > to compile. Or are you somehow using reflection? Yes, I'm depending on the Tomcat API. We already had it as a dependency in a different sub-module because we're using a custom Realm implementation. Since it's a Maven build I only need to update the version number in the parent POM.xml when upgrading the Tomcat, so not much of a hassle there. Cheers, Tobias > > Oliver > > > > -----Original Message----- > From: users-return-242261-OLIVER.TANGLIN=saic....@tomcat.apache.org on behalf > of Tobias Gierke > Sent: Wed 6/12/2013 2:12 AM > To: users@tomcat.apache.org > Subject: Re: Possible to expose a Tomcat Realm instance through JNDI ? > > Hi Oliver, >> I think I now understand your issue. I was faced with a similar problem and >> could not figure out how to get the roles of an authenticated user through >> the servlet API. >> >> It seems to only allow the question 'request.isUserInRole(role)'. But does >> not seem to provide a way to get a list of roles that the user is in. >> >> I used a kludge whereby I defined the valid roles in a context init >> parameter (bad duplication of effort). Then used >> 'request.isUserInRole(role)'. I did not think to cast the >> 'request.getUserPrincipal()' return value. >> >> Please post if your methodology works. >> >> Oliver >> > I ended up using WebserviceContext#getUserPrincipal() and downcasting it > to org.apache.catalina.User ; should probably also work with the plain > HttpServletRequest since WebserviceContext is just a wrapper. > > Cheers, > Tobias > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
