As opposed to having realm read from external source like ldap or jdbc... My webapp JASM uses in-memory user/role database. I realize this isn't "ideal"...but.
JASM uses simple form-like authentication hard-wired into jsp. I couldn't use basic/form because user database is stored in serialized data in webapp. Well...now that I've got axis camera which can report via http...but it attempts Basic authentication and JASM uses hard form. I could have JASM read Basic auth header from camera...but I'd rather have realm specific to webapp. Problem is...realm classes assume OUTSIDE of webapp (jndi, jdbc, etc.)...no way to tap into serialized data stored in webapp. Does this sound correct? Until I store user/role information for JASM in external db (which I need to do anyways)...I guess I'm stuck just picking off Basic auth header. Only disadvantage of not using tomcat realms is I cannot use "isUserInRole"/etc. methods...but no big deal I guess. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
