>2012/1/23 <removeps-c...@yahoo.com>: > Initially I thought that my RootJDBCRealm might be the problem, but how can > that be? RootJDBCRealm extends Tomcat's own JDBCRealm. It >overrides > authenticate to call super.authenticate and if there are 3 failures (in that > super.authenticate returns null), then it locks out the user. So could >the > user of RootJDBCRealm still be a problem? Thanks.
>From Tomcat 7 docs: "The JDBCRealm is not recommended for production use as it is single threaded for all authentication and authorization options. Use the DataSourceRealm instead. The UserDatabaseRealm is not intended for large-scale installations. It is intended for small-scale, relatively static environments." --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
