Hello, I'm new to tomcat and apache and I've seen some of the tomcat basic auth examples on the web and all of them hardcode a user id/password for a role in the tomcat-users.xml file. What if there is a 1000 userid/pwd combinations for that role that are valid, how can the userid/pwd configuration be made dynamic?
My setup is that any request to my java based tomcat app goes through apache and then mod_jk routes it over to tomcat. I've tried to implement security on the apache side (httpd) but I'm having issues with it and would prefer to have the auth done by the tomcat container. What is the best approach when you have 1000s of userid/pwds that are verified by apache and you need to make sure that the user is auth'd when they get to the webapp in the tomcat container? -Colin -- View this message in context: http://old.nabble.com/Best-Basic-Auth-Approach-tp27151922p27151922.html Sent from the Tomcat - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
