Looking at Realms

As mentioned, a realm is a depository of user information that authenticates and authorizes users. As befits a standard data access mechanism in Java, realms present a standard interface to Tomcat, no matter what the underlying data store (see Figure 11-1).

image from book
Figure 11-1: A realm is an abstraction of the data store.

As you can see, realms are another layer of abstraction on top of sources of data. In the case of databases (accessed with JDBC) and JNDI resources, a realm is a layer of abstraction on top of a layer of abstraction. Thus, Tomcat can authenticate against any JNDI or JDBC data source on any platform that supports it. This allows you to use existing personnel databases that may be running on back-end or directory servers.

Realms, as standard abstractions of underlying data, must provide a standard interface to Tomcat, which in turn means that the underlying data must conform to a standard format. In other words, each underlying set of data must have the following, though it may contain many other pieces of information:

  • A username

  • A password

  • The roles assigned to the user



Pro Jakarta Tomcat 5
Pro Apache Tomcat 5/5.5 (Experts Voice in Java)
ISBN: 1590593316
EAN: 2147483647
Year: 2004
Pages: 94

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net