From oracle-l-bounce@freelists.org Thu Jul 7 08:11:19 2005 Return-Path: Received: from air891.startdedicated.com (root@localhost) by orafaq.com (8.12.10/8.12.10) with ESMTP id j67DBJSu022919 for ; Thu, 7 Jul 2005 08:11:19 -0500 X-ClientAddr: 206.53.239.180 Received: from turing.freelists.org (freelists-180.iquest.net [206.53.239.180]) by air891.startdedicated.com (8.12.10/8.12.10) with ESMTP id j67DBCIP022881 for ; Thu, 7 Jul 2005 08:11:12 -0500 Received: from localhost (localhost [127.0.0.1]) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id 506B71C95D0; Thu, 7 Jul 2005 08:11:06 -0500 (EST) Received: from turing.freelists.org ([127.0.0.1]) by localhost (turing [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 31900-04; Thu, 7 Jul 2005 08:11:06 -0500 (EST) Received: from turing (localhost [127.0.0.1]) by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id CBC2A1C974E; Thu, 7 Jul 2005 08:11:05 -0500 (EST) Message-ID: <42CD297A.7020100@uwsa.edu> Date: Thu, 07 Jul 2005 08:09:14 -0500 From: LeRoy Kemnitz User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.8) Gecko/20050511 X-Accept-Language: en-us, en MIME-Version: 1.0 To: oracle-l Subject: JDBC Realm Content-Type: text/plain; charset=ISO-8859-1; format=flowed X-archive-position: 22163 X-ecartis-version: Ecartis v1.0.0 Sender: oracle-l-bounce@freelists.org Errors-To: oracle-l-bounce@freelists.org X-original-sender: lkemnitz@uwsa.edu Precedence: normal Reply-To: lkemnitz@uwsa.edu X-list: oracle-l X-Virus-Scanned: by amavisd-new-20030616-p9 (Debian) at avenirtech.net X-mailscan-MailScanner-Information: Please contact the ISP for more information X-mailscan-MailScanner: Found to be clean X-MailScanner-From: oracle-l-bounce@freelists.org X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 2.63 (2004-01-11) on air891.startdedicated.com X-Spam-Status: No, hits=-2.5 required=5.0 tests=AWL,BAYES_00 autolearn=ham version=2.63 All- I am trying to figure how the JDBC Realm works in Tomcat and if Oracle App Server does something similar. I want to use Tomcat first to understand the authentication process and then move to the Oracle App Server. Correct me if I am wrong, how I understand it the JDBC Realm is just an environment where the usernames, passwords, and roles are kept in tables in the database that can 'home-grown'. In the App Server, the OID holds the usernames and passwords encrypted. The App Server can use the SSL to secure connections to connect as well. But how does the web browser session find out about the roles that the user has? I am new to the Java world so forgive me if this is way off base. LeRoy -- http://www.freelists.org/webpage/oracle-l