Announcement Announcement Module
No announcement yet.
what is the meaning of DataSource Realm? Page Title Module
Move Remove Collapse
This topic is closed
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • what is the meaning of DataSource Realm?

    don't have any idea what is the meaning of DataSource Realm in Security..
    it means.. it will check the user's name and password in database using SELECT statement..?

    i receive this message
    for the meantime i use UserDatabase realm (tomcat-users.xml) for mock authentication but we use the DataSource Realm in the future...
    Last edited by eros; Apr 17th, 2010, 10:26 PM. Reason: tag as SOLVED

  • #2
    RE: what is the meaning of DataSource Realm

    I believe this is referring to Apache Tomcat Security


    • #3
      Originally posted by davdres View Post
      I believe this is referring to Apache Tomcat Security
      Thanks a lot.... you enlightened me...

      With connection to this, let me to give the overview of the requirements..

      1) User will login using Windows Login Form via DB SQL select statement..
      2) upon windows login form authenticated the user, it will pass an URL to Web Browser Component and do authentication again in the web app side using the DataSource Realm..

      My problem is what type of Security do I need with regards to Spring Security 2.0.5....


      • #4
        Re: What type of security do I need...

        I'm no expert, but my understanding is that Tomcat provides configurable mechanisms for authenticating a browser to the Web server. It does not provide any authorization functions. Spring Security provides a framework for managing both authentication and authorization. Spring Security also integrates with Tomcat but I don't have experience with the mechanisms of doing that. So if you only need authentication and your think your app will remain fairly static (ie. no growth or changing requirements) then you could just use Tomcat otherwise I'd recommend using Spring Security.


        • #5
          i decided to use DaoAuthenticationProvider...

          I extends/implements the following because I have different schema and would like to add more information to UserDetails:

          1) extends DaoAuthenticationProvider
          2) extends JdbcDaoImpl for my UserDetailsService
          3) implements UserDetails with my User class...

          anybody can share some example codes to start with,....