Two Laptop Bag*
The moose likes Servlets and the fly likes question about user roles Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "question about user roles" Watch "question about user roles" New topic
Author

question about user roles

kwame Iwegbue
Ranch Hand

Joined: Sep 02, 2000
Posts: 197
The security role of the user can be accessed with


I know roles are usually set while configuring the web app container (for example in Tomcat's /conf/tomcat-users.xml), but is there a way to also set it programatically?


Who dares, wins! (SAS motto)
David O'Meara
Rancher

Joined: Mar 06, 2001
Posts: 13459

It depends what type of security you are using. Since we're talking about Tomcat, it supports several Realms such as memory, JDBC and LDAP. If you store the user authentication and authorisation information in (for instance) a database and use the JDBC Realm, you can then alter authorisation roles programatically. I don't believe the tomcat-users.xml can be edited at runtime.

Dave
kwame Iwegbue
Ranch Hand

Joined: Sep 02, 2000
Posts: 197
Thanks David.

Yes, I am using JDBC resources for my database management. There is no problem with the programatic authentication. I just would like to know how to set user roles without having to modify conf files
[ July 02, 2006: Message edited by: kwame Iwegbue ]
kwame Iwegbue
Ranch Hand

Joined: Sep 02, 2000
Posts: 197
If you store the user authentication and authorisation information in (for instance) a database and use the JDBC Realm, you can then alter authorisation roles programatically.


Using JDBC realm, how would i test for a user's role using code in a servlet such as


I know you can get this information if roles have been defined in web.xml, but this approach is server specific, which is why i am trying to do it programatically.

someone please help!!!
Darren Edwards
Ranch Hand

Joined: Aug 17, 2005
Posts: 69
Check out the Security Filter project as an alternative approach.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: question about user roles