Arun wrote: > Hi, > I have a tomcat 6 installed. I have a running webapplication . I need to > implement a role based access control. How can I combine servers caabilities > so that I can use the request.getPrincipal() method ... I also have a list > of roles and groups and who all are assigned what all roles/groups in db. > Now its time to implement an access control mechanism. I do not want Basic > authentication with a popup. I will be logging in by a normal html sign in > form, with a username and password field. Once that is done everything > should be the J2EE way. The roles for that user should get added to the > request and I can use it for authorization. >
Form based authentication, part of the servlet spec, is what you are referring to. Google is your friend. http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html p --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
