The security role of the user can be accessed with
I know roles are usually set while configuring the web app container (for example in Tomcat's /conf/tomcat-users.xml), but is there a way to also set it programatically?
It depends what type of security you are using. Since we're talking about Tomcat, it supports several Realms such as memory, JDBC and LDAP. If you store the user authentication and authorisation information in (for instance) a database and use the JDBC Realm, you can then alter authorisation roles programatically. I don't believe the tomcat-users.xml can be edited at runtime.
Yes, I am using JDBC resources for my database management. There is no problem with the programatic authentication. I just would like to know how to set user roles without having to modify conf files [ July 02, 2006: Message edited by: kwame Iwegbue ]
If you store the user authentication and authorisation information in (for instance) a database and use the JDBC Realm, you can then alter authorisation roles programatically.
Using JDBC realm, how would i test for a user's role using code in a servlet such as
I know you can get this information if roles have been defined in web.xml, but this approach is server specific, which is why i am trying to do it programatically.