The Artima Developer Community
Articles | News | Weblogs | Books | Forums
Artima Forums | Articles | Weblogs | Java Answers | News
Sponsored Link

Web Services Forum
tomcat: security constraints with realm db

0 replies on 1 page.

Welcome Guest
  Sign In

Go back to the topic listing  Back to Topic List Click to reply to this topic  Reply to this Topic Click to search messages in this forum  Search Forum Click for a threaded view of the topic  Threaded View   
Previous Topic   Next Topic
Flat View: This topic has 0 replies on 1 page
Evelina Agostini

Posts: 1
Nickname: anja82
Registered: Oct, 2005

tomcat: security constraints with realm db Posted: Oct 30, 2005 8:13 AM
Reply to this message Reply
Advertisement
I created a web application and i deployed it on Tomcat. I'm trying to manage the access to private areas with a realm DB accessed via a JNDI named JDBC DataSource. I can successfully access the DataSource but securyty constraints do not work correctly: i am asked a username and password but none is accepted.

That's what i did:
- i've created two tables in the DB: one with usernames and passwords and the other with usernames and roles
-i configured a a JNDI named JDBC DataSource for your database (this seems to work
-i set up a <Realm> element in $CATALINA_HOME/conf/server.xml:

<Realm className="org.apache.catalina.realm.DataSourceRealm" debug="99"
dataSourceName="jdbc/utenti"
userTable="users" userNameCol="user_name" userCredCol="user_pass"
userRoleTable="user_roles" roleNameCol="role_name"/>

(and restarted tomcat)

-i put security constrints in the web.xml file of my application:

<security-constraint>
<display-name>basic</display -name>
<web-resource-collection>
<web-resource-name>Secured Web Collection</web-resource-name>
<url-pattern>/pages/Welcome.jsp</ url-pattern>
<http-method>GET</http-method>
<http-method>PO ST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>registered</role-name>
</auth-constraint>
<user- data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>default</realm -name>
<form-login-config>
<form-login-page>/pages/Login.jsp</ form-login-page>
<form-error-page>/pages/Error.jsp</form-error-page& gt;
</form-login-config>
</login-config>
<security-role>
<d escription>una autorizzazione per il gli utenti registrati</description>
<role-name>registered</role-name>
&l t;/security-role>

thanks to anyone that could give me some advice:P

eve

Topic: Axis WebService: get Client IP-Address Previous Topic   Next Topic Topic: System.ServiceModel.UnknownFaultException: org.xml.sax.SAXException
Sponsored Links


Google
  Web Artima.com   

Copyright © 1996-2019 Artima, Inc. All Rights Reserved. - Privacy Policy - Terms of Use