Basic HTTP Authorization in tomcat
1 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   maroof_dolani
Posted On:   Monday, December 1, 2003 04:25 AM

Hello,
I'm using Tomcat4.1. I have an web application myApp in a folder myApp (only jsp pages no servlets) in webapps folder.Nowm, i want an authorization for this application. I think there is something to do with web.xml, i tried many things. i tried to copy paste the web.xml in the manager application but somhow, nothing works.
What i want is a simple authorization dialog for users present in tomcat-users.xml.
That's it. I'm not using any Application server.

Thanx in Advance.

Re: Basic HTTP Authorization in tomcat

Posted By:   AlessandroA_Garbagnati  
Posted On:   Tuesday, December 2, 2003 03:04 AM

Hi,

There are two required steps to activate Basic HTTP authentication in Tomcat.


The first one is Tomcat specific task. You need to define the type of Realm you wanna use. You can choose different type of realms: Memory, Database (DataSource or JDBS) and JNDI.

The easiest to set up is the Memory Realm, but if you need further information you can still refer to the Tomcat 4 Realm Configuration HOWTO documentation page.

For a Memory realm, you just need to insert in the tag of your server configuration file (conf/server.xml) this tag:

  

Once you have done this, you should edit (or create) the conf/tomcat-users.xml file where you will place the name of all the users you wanna give access to, and their "role". A simple example could be this one:






This has created a role called "test", and a "user" that belongs to that role.

You can change the way you save your password (by default it's plain text) or the name and location of the file, through the attributes of the Realm tag, as described in the documentation page linked above.



The second step is the standard servlet way to set the authentication, siply adding to your web application descriptor (web.xml) some imformation like, for example:
...



Protected Site


/*

DELETE
GET
POST
PUT



test





BASIC
Example Basic Authentication




Test role
test

..

That should be enough to start...
About | Sitemap | Contact