[SPAM] User access in an Ontopia webapp

[Stian Lavik]

I'm now starting to develop a webapp based on Ontopia and topicmaps in
a Tomcat 6 environment with PostgreSQL. What is the recommended
approach to control user access and restrictions, having the users in
the topicmap? Is it by using JDBCRealm or something else? And if it is
JDBCRealm, how should the "user table" be mapped when it is a topicmap
and not a regular content dependent database?

All good pointers and hints will be appreciated.

Cheers,
Stian

[Lars Marius Garshol]

* Stian Lavik

>
> I'm now starting to develop a webapp based on Ontopia and topicmaps in
> a Tomcat 6 environment with PostgreSQL. What is the recommended
> approach to control user access and restrictions, having the users in
> the topicmap? Is it by using JDBCRealm or something else? And if it is
> JDBCRealm, how should the "user table" be mapped when it is a topicmap
> and not a regular content dependent database?

Good questions, and ones you aren't the only one to ask.

Generally, Ontopia is agnostic about access control, in the sense that Ontopia code doesn't relate to this at all. So you can set up access control using the standard Java mechanisms, and it will just work. Any restrictions in your application you'll have to build yourself.

So we recommend doing what is convenient for you. The topic map realm that we provide is one possibility. JDBCRealm is another. Using the primitive XML file that Tomcat offers is a third. And so on.

> And if it is JDBCRealm, how should the "user table" be mapped when it is a topicmap and not a regular content dependent database?

Ontopia doesn't have a user concept of its own, so there is really nothing to map.

--Lars M.
http://www.garshol.priv.no/tmphoto/
http://www.garshol.priv.no/blog/