tomcat 4.0.1 jdbc realm user-role question

hi all,

how do i set tomcat not to look for a role when validating a user using jdbcrealm? if i omit the
<auth-constraint> it wont' validate anything it will just forward you to the resouce.

thanks.

    <security-constraint>
     
     <web-resource-collection>
         <web-resource-name>User Protected Area</web-resource-name>
          <url-pattern>/ovdc/*</url-pattern>
            <http-method>DELETE</http-method>
          <http-method>GET</http-method>
            <http-method>POST</http-method>
           <http-method>PUT</http-method>
      </web-resource-collection>

      <auth-constraint>
       <role-name></role-name>
      </auth-constraint>

    </security-constraint>
ahuenAsked:
Who is Participating?
 
cheekycjCommented:
try overriding the hasRole() method.

CJ
0
 
ahuenAuthor Commented:
CJ,

where? in JDBCRealm?
I am subclassing JDBCRealm.

thanks.
0
 
cheekycjCommented:
yes when you subclass JDBC Realm you should override the hasRole() method to always return true.. Its just an idea but it should work.

CJ
0
 
ahuenAuthor Commented:
awesome....

thanks.
0
 
cheekycjCommented:
Thanx for the "A".  Good luck.

CJ
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.