All geek questions in one place

Get all users and roles in Java webapp

Questions:

  • Is there a concept of user and role that is common to servlet containers?
  • If so, is there an agnostic way to access these users and roles?
  • If not, is there a way to access Tomcat Realm users and roles?

Story:

I would either get all the users and their roles from the context of the Java Webapp (servlet container), or, even better, directly request the users and their roles.

I see that there are projects like Apache Directory that allow you to do this for LDAP if you know the connection string. However, I want to be an agnostic for technology serving users and roles.

In particular, I'm on Tomcat and in the simplest scenario I want to access users and roles in a) tomcat-users.xmlb) any other configured Realmin the context. However, I'm really looking for a solution that is not specific to Tomcat, but that Realms.

+4
source share
1 answer

In tomcat (or any other consistency) (using the standard servlet API) direct access to user roles is not possible (without using special mechanisms for tomcat / third-party developers). getUserPrincipal and isUSerInRole are two methods; access to the list of roles is not directly possible.

Since the API does not provide this access, I suppose you will have to rely on other mechanisms specific to the container or technology.

, - JNDI, LDAP, LDAP .

0

Source: https://habr.com/ru/post/1599792/

More articles:


All Articles