• Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

CombinedRealm: find out what subrealm was authenticated

 
Alexander Thomas
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
When a user authenticates, the first subrealm inside a CombinedRealm that has the right credentials will be the realm to which the user is authenticated.
Is there a way to find out which realm this is?
For instance, if I have created a CombinedRealm with a JNDIRealm and a JDBCRealm inside it, and the user is authenticated to the JDBCRealm, is there a way to detect this other than connecting to the SQL database and seeing if the user exists?
 
Tim Holloway
Saloon Keeper
Posts: 18302
56
Android Eclipse IDE Linux
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Welcome to the JavaRanch, Alexander!

I would expect that you can do this by setting the Tomcat logger to output diagnostic messages.

In practical terms, the Combined Realm should be concatenating the sub-Realms and if they are concatenated in the order in which you've listed them, actually you'd probably be better off looking at the JNDI (LDAP?) database first.

One thing I learned (the hard way) from IBM's OS/2, however is that you should never attempt to keep important information in more than one place. Backups, mirrors, etc. are fine, but the authoritative info should be located in one and only one location. That's not really a technical issue, it's a managerial one, and if you have definite rules on where to find stuff, then you won't need to clutter your logfiles with diagnostics because the only time you'll need to check is for cases where someone has violated those rules.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic