So, when a web application gets deployed to my Container, I want to map those application specific roles to the user groups or just to single users which I have in my JDBCRealm.
For the glassfish Application Server, there seems to be a separate deployment descriptor (glassfish-web.xml) for this reason:
<sun-web-app>
<context-root>/theapp</context-root>
<security-role-mapping>
<role-name>ADMIN</role-name>
<principal-name>randy</principal-name>
<principal-name>amanda</principal-name>
</security-role-mapping>
<security-role-mapping>
<role-name>USER</role-name>
<group-name>tomcatusergroup</group-name>
</security-role-mapping>
<sun-web-app>
The role names there, are those from the web.xml security constraints, like
<security-role>
<role-name>ADMIN</role-name>
</security-role>
The <principal-name> is a user which is stored in my JDBCRealm, and the is a group of users there.
How can I establish this link/mapping in Tomcat?
Aucun commentaire:
Enregistrer un commentaire