ahuen
asked on
tomcat 4.0.1 jdbc realm user-role question
hi all,
how do i set tomcat not to look for a role when validating a user using jdbcrealm? if i omit the
<auth-constraint> it wont' validate anything it will just forward you to the resouce.
thanks.
<security-constraint>
<web-resource-collection>
<web-resource-name>User Protected Area</web-resource-name>
<url-pattern>/ovdc/*</url- pattern>
<http-method>DELETE</http- method>
<http-method>GET</http-met hod>
<http-method>POST</http-me thod>
<http-method>PUT</http-met hod>
</web-resource-collection>
<auth-constraint>
<role-name></role-name>
</auth-constraint>
</security-constraint>
how do i set tomcat not to look for a role when validating a user using jdbcrealm? if i omit the
<auth-constraint> it wont' validate anything it will just forward you to the resouce.
thanks.
<security-constraint>
<web-resource-collection>
<web-resource-name>User Protected Area</web-resource-name>
<url-pattern>/ovdc/*</url-
<http-method>DELETE</http-
<http-method>GET</http-met
<http-method>POST</http-me
<http-method>PUT</http-met
</web-resource-collection>
<auth-constraint>
<role-name></role-name>
</auth-constraint>
</security-constraint>
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
yes when you subclass JDBC Realm you should override the hasRole() method to always return true.. Its just an idea but it should work.
CJ
CJ
ASKER
awesome....
thanks.
thanks.
Thanx for the "A". Good luck.
CJ
CJ
ASKER
where? in JDBCRealm?
I am subclassing JDBCRealm.
thanks.