Win a copy of Functional Reactive Programming this week in the Other Languages forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Server (Tomcat) Managed Role-Based Authentication

 
JiaPei Jen
Ranch Hand
Posts: 1309
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I am using the Tomcat 5.0.27. In order to use server managed "role-based" authentication, we supply the server with two tables. One of the tables containes userID and password, and the other tables contains userID and userRole (a person can have more than one role).

My difficulty stems from the tables are structured in my database. I do have a table that contains userID and password; however, I do not have a table that contains userID and userRole. In order to know a person's role, I have to navigate from one table to another using foreign key and primary key.

Is there a way to tell the server to navigate from one table to another to find a person's role? Or we "must" create a table that contains userID and userRole for us to use the isUserInRole() method for security check?
 
Mark Spritzler
ranger
Sheriff
Posts: 17278
6
IntelliJ IDE Mac Spring
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I thought isUserInRole() was used to read the security roles defined in the web.xml, not from a database?

Mark
 
JiaPei Jen
Ranch Hand
Posts: 1309
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
But, we have to map each user to his/her role somewhere. And it is in the server.xml file.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic