tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alexandros Kotsiras" <>
Subject RE: JDBCRealm question
Date Fri, 21 Jul 2000 18:17:42 GMT
Well sorry to bother you again but i have to clarify the last point :

> 2. Is it possible to use JDBCRealm with Apache on port 80  ??
> (Probably no i
> guess)

Why no?

Becuase if i remove the 8080 from the url and go through Apache i do not get
the login dialog box at all.
I can access the protected folder without authentication.
I can of course protect if i use the Apache htpasswd.exe utility :
and add in the tomcat-apache.conf :

<Directory "/usr/local/tomcat32b/webapps/sales/jsp/protected">
    Options Indexes FollowSymLinks Includes
    AuthName "restricted area"
    AuthType Basic
    AuthUserFile /usr/local/tomcat32b/webapps/sales/WEB-INF/users.pwd
    require valid-user

where "users.pwd" is the file with the usernames and encrypted passwords
created by the htpaswd.exe utility
but ....this is not DB driven and it's another case.

-----Original Message-----
From: Nacho []
Sent: Friday, July 21, 2000 2:00 PM
To: ''
Subject: RE: JDBCRealm question

Hola Alexandros:

> Great !!!
> It works now.
> Thanks a lot Ignacio.
> The JDBCRealm.howto though is using the tomcatRole, otherRole
> whereas the
> default values in the web.xml are tomcat, other
> and the JDBCRealm.howto does not mention that those values
> should match ..
> so this point can easily be missed.

I'll take a look over that, thanks.

> Another 2 simple questions and then i will leave you in peace :
> 1. After i login is there any session expiration mechanism that will
> invalidate me and force me to relogin
> if i take a break for example for an hour and come back ? or
> i will always
> be "valid" until i close the browser ??

This is the way BASIC-AUTH works i guess, it's not in tomcat, it's in
the browser handle of basic auth, i think, but i'm not very sure about

Saludos ,
Ignacio J. Ortega

View raw message