-----Original Message----- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Friday, 5 September 2014 12:03 AM To: Tomcat Users List Subject: Re: web.xml authentication and Tomcat Realm
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Janusz, On 9/4/14 2:30 AM, Dalecki, Janusz wrote: > -----Original Message----- From: Felix Schumacher > [mailto:felix.schumac...@internetallee.de] Sent: Thursday, 4 September > 2014 3:29 PM To: Tomcat Users List Subject: Re: web.xml authentication > and Tomcat Realm > > > >> On 4. September 2014 05:35:42 MESZ, "Dalecki, Janusz" >> <jdale...@tycoint.com> wrote: >>> Hi, I am just wondering whether somehow I can use web.xml >>> <login-config/> to point to the Tomcat JDBC Realm that I am using. >>> Are those two completely disjoint or I can link them together. >> They are disjoint. >> >> web.xml is for the developer who has (almost) no knowledge of the >> context (environment) in which his application will run. >> >> context.xml (or equivalents) is the tool for the administrator to >> provide that knowledge to the application. >> > It might be silly question, but if I use web.xml login-config element > – where do I specify password? I am probably missing something. The Realm takes care of the credentials. For a DataSourceRealm of JDBCRealm, the usernames and passwords are stored in a relational database. For other Realms, the credentials are stored in other places. For instance, if you use a MemoryRealm, the passwords are typically stored in an XML file in CATALINA_BASE/conf/tomcat-users.xml. Using a MemoryRealm isn't really a good idea for a production system for a number of reasons. (Note that using JDBCRealm will give you terrible performance: use a DataSourceRealm instead with a JNDI DataSource.) You really need to read this: http://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJUCHEbAAoJEBzwKT+lPKRYlbsP/jPqVIkl3MhZJdmswWD5AL5y proOErqB/ytVoT2TvvwSb4oXUe0NI/BqmbCCXW7oaExljcw7Dqvtbt+PH0oW5uAu G8BXAq2IhJrfrufz1pDZzxx/zWqlQZ1xTVwlKkdYHknx/0jv4IfwUsMZNwz9OeOa uAJAckflhSPY/qI3/pD9HNoFpZoUS/UEpbmxIeSrjf7jsTJdWI+64xuFXsv6d/1D /NbYpaf+AznqpSuKogjNy/HTb6B1cl8NESJyB+umwxSn7H0bO07GX+CRAzpFpQxt Li48qkFrMMZBvTGtQEZmMw+wyOQ28gQ9lLQFs1h2QAuFCGouoW59jY96NJzSuuu1 cSFGlUNcG4m9oW0zCNlpB0/YD0IODY13QVPPSqVFJhApg6m9uG4os/jb/aMNQ8xo 6Hv6ri2xYGOCC6f/lhaOR7nSdeFEUSin+XHkF1y6xCBNmBSaZMjDbTt2xga134Fl dis1i3zEd7W+EZjiY/jerpRWMGuE9oR1g+PbYbVSnU/Ts+sjqvZflJmtgE+MdJ8a AHPcX0x+8PfPlYBs6yzm0nAHxxqiQdijzzBCwi8KZr7UQPWCtUaHIjmaljUJ+eST 9U3Ue/ePrdyiJm18p7TmfeKI+aDR8g09oadbb9fOKCUz3DyLRH7Qo9uLmBCzZOIt 3LJeFneb/hJ25+opQa7X =fCiU -----END PGP SIGNATURE----- Hi, Sorry I need to explain my problem more clearly. I have put JDBCRealm configuration with all details in the META-INF folder: <Realm className="org.apache.catalina.realm.JDBCRealm" driverName="org.postgresql.Driver" connectionURL="jdbc:postgresql://localhost:5432/df_Scheduler?user=postgres&password=admin" userTable="users" userNameCol="userName" userCredCol="password" userRoleTable="user_roles" roleNameCol="roleName"/> In my web.xml I have login-config element and security constraint as follows: <security-constraint> <web-resource-collection> <web-resource-name>Admin</web-resource-name> <url-pattern>/auth/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>SYSADMIN</role-name> </auth-constraint> </security-constraint> <security-role> <role-name>SYSADMIN</role-name> </security-role> <login-config> <auth-method>BASIC</auth-method> <!--realm-name>Admin</realm-name--> </login-config> I have defined users and passwords as explained in the TOMCAT Realm Configuration – HOW TO. When I ask for a page */auth/* the user/password dialog box pops up and no matter what I type in in user name field and password field and pops up again for ever. What am I doing wrong? Regards, Janusz --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org ________________________________ This e-mail contains privileged and confidential information intended for the use of the addressees named above. If you are not the intended recipient of this e-mail, you are hereby notified that you must not disseminate, copy or take any action in respect of any information contained in it. If you have received this e-mail in error, please notify the sender immediately by e-mail and immediately destroy this e-mail and its attachments.
