This week's book giveaway is in the Performance forum.
We're giving away four copies of The Java Performance Companion and have Charlie Hunt, Monica Beckwith, Poonam Parhar, & Bengt Rutisson on-line!
See this thread for details.
Win a copy of The Java Performance Companion this week in the Performance forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

question about user roles

 
kwame Iwegbue
Ranch Hand
Posts: 197
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The security role of the user can be accessed with


I know roles are usually set while configuring the web app container (for example in Tomcat's /conf/tomcat-users.xml), but is there a way to also set it programatically?
 
David O'Meara
Rancher
Posts: 13459
Android Eclipse IDE Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
It depends what type of security you are using. Since we're talking about Tomcat, it supports several Realms such as memory, JDBC and LDAP. If you store the user authentication and authorisation information in (for instance) a database and use the JDBC Realm, you can then alter authorisation roles programatically. I don't believe the tomcat-users.xml can be edited at runtime.

Dave
 
kwame Iwegbue
Ranch Hand
Posts: 197
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks David.

Yes, I am using JDBC resources for my database management. There is no problem with the programatic authentication. I just would like to know how to set user roles without having to modify conf files
[ July 02, 2006: Message edited by: kwame Iwegbue ]
 
kwame Iwegbue
Ranch Hand
Posts: 197
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If you store the user authentication and authorisation information in (for instance) a database and use the JDBC Realm, you can then alter authorisation roles programatically.


Using JDBC realm, how would i test for a user's role using code in a servlet such as


I know you can get this information if roles have been defined in web.xml, but this approach is server specific, which is why i am trying to do it programatically.

someone please help!!!
 
Darren Edwards
Ranch Hand
Posts: 69
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Check out the Security Filter project as an alternative approach.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic