File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
Win a copy of Soft Skills: The software developer's life manual this week in the Jobs Discussion forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Server (Tomcat) Managed Role-Based Authentication

 
JiaPei Jen
Ranch Hand
Posts: 1309
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am using the Tomcat 5.0.27. In order to use server managed "role-based" authentication, we supply the server with two tables. One of the tables containes userID and password, and the other tables contains userID and userRole (a person can have more than one role).

My difficulty stems from the tables are structured in my database. I do have a table that contains userID and password; however, I do not have a table that contains userID and userRole. In order to know a person's role, I have to navigate from one table to another using foreign key and primary key.

Is there a way to tell the server to navigate from one table to another to find a person's role? Or we "must" create a table that contains userID and userRole for us to use the isUserInRole() method for security check?
 
Mark Spritzler
ranger
Sheriff
Posts: 17276
6
IntelliJ IDE Mac Spring
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I thought isUserInRole() was used to read the security roles defined in the web.xml, not from a database?

Mark
 
JiaPei Jen
Ranch Hand
Posts: 1309
  • 0
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
But, we have to map each user to his/her role somewhere. And it is in the server.xml file.
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic