-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jürgen,
Juergen Weber wrote:
| So, if user tomcat logs in, JNDI realm should say "User unknown" and
| afterwards memory realm should say "fine, user is allowed".
|
| Unfortunately, Tomcat can only use one active realm. Is that right?
Right.
| Is there any other way to get the manager user into Tomcat?
Write a Realm that wraps two other realms, and use that. Something like
this:
public class MultiRealm
~ extends RealmBase
{
~ private List _realms;
~ public MultiRealm(List realms)
~ {
~ _realms = realms;
~ }
~ public Principal authenticate(String username, String credentials)
~ {
~ for(Iterator i=_realms.iterator(); i.hasNext(); )
~ {
~ Principal p = ((Realm)i.next()).authenticare(username,
~ credentials);
~ if(null != p)
~ return p;
~ }
~ return null;
~ }
~ // implement the other methods similarly as pass-through methods
}
| Setting up OpenLdap as Meta Directory before our LDAP server and
| putting the "tomcat" user into OpenLDAP seems a bit overblown.
I would tend to agree.
If you were to write a decent implementation of the above, I would
imagine that the Tomcat folks would happily accept it as a contribution
to the project.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkfZfRkACgkQ9CaO5/Lv0PCbowCghB4vDu2Rg3GUR7hFvKX2zLZt
hz4An2jU7GxmtDsNdU/Z41ftVgVV/4Bc
=TiR4
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
