aspose file tools*
The moose likes Servlets and the fly likes Server (Tomcat) Managed Role-Based Authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Servlets
Bookmark "Server (Tomcat) Managed Role-Based Authentication" Watch "Server (Tomcat) Managed Role-Based Authentication" New topic
Author

Server (Tomcat) Managed Role-Based Authentication

JiaPei Jen
Ranch Hand

Joined: Nov 19, 2000
Posts: 1309
I am using the Tomcat 5.0.27. In order to use server managed "role-based" authentication, we supply the server with two tables. One of the tables containes userID and password, and the other tables contains userID and userRole (a person can have more than one role).

My difficulty stems from the tables are structured in my database. I do have a table that contains userID and password; however, I do not have a table that contains userID and userRole. In order to know a person's role, I have to navigate from one table to another using foreign key and primary key.

Is there a way to tell the server to navigate from one table to another to find a person's role? Or we "must" create a table that contains userID and userRole for us to use the isUserInRole() method for security check?
Mark Spritzler
ranger
Sheriff

Joined: Feb 05, 2001
Posts: 17260
    
    6

I thought isUserInRole() was used to read the security roles defined in the web.xml, not from a database?

Mark


Perfect World Programming, LLC - Two Laptop Bag - Tube Organizer
How to Ask Questions the Smart Way FAQ
JiaPei Jen
Ranch Hand

Joined: Nov 19, 2000
Posts: 1309
But, we have to map each user to his/her role somewhere. And it is in the server.xml file.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Server (Tomcat) Managed Role-Based Authentication