This week's giveaway is in the Android forum.
We're giving away four copies of Android Security Essentials Live Lessons and have Godfrey Nolan on-line!
See this thread for details.
The moose likes Tomcat and the fly likes CombinedRealm: find out what subrealm was authenticated Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "CombinedRealm: find out what subrealm was authenticated" Watch "CombinedRealm: find out what subrealm was authenticated" New topic
Author

CombinedRealm: find out what subrealm was authenticated

Alexander Thomas
Greenhorn

Joined: Sep 03, 2012
Posts: 1
When a user authenticates, the first subrealm inside a CombinedRealm that has the right credentials will be the realm to which the user is authenticated.
Is there a way to find out which realm this is?
For instance, if I have created a CombinedRealm with a JNDIRealm and a JDBCRealm inside it, and the user is authenticated to the JDBCRealm, is there a way to detect this other than connecting to the SQL database and seeing if the user exists?
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 15958
    
  19

Welcome to the JavaRanch, Alexander!

I would expect that you can do this by setting the Tomcat logger to output diagnostic messages.

In practical terms, the Combined Realm should be concatenating the sub-Realms and if they are concatenated in the order in which you've listed them, actually you'd probably be better off looking at the JNDI (LDAP?) database first.

One thing I learned (the hard way) from IBM's OS/2, however is that you should never attempt to keep important information in more than one place. Backups, mirrors, etc. are fine, but the authoritative info should be located in one and only one location. That's not really a technical issue, it's a managerial one, and if you have definite rules on where to find stuff, then you won't need to clutter your logfiles with diagnostics because the only time you'll need to check is for cases where someone has violated those rules.


Customer surveys are for companies who didn't pay proper attention to begin with.
 
 
subject: CombinedRealm: find out what subrealm was authenticated
 
Similar Threads
No Realm has been configured to authenticate against
JDBCRealm login authentication in TOMCAT
Using realm password for db authentication
Need help viewing the Tomcat Manager
JAAS Authentication. Confusion about use case.