tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Adam Hardy <ahardy.str...@cyberspaceroad.com>
Subject Re: Tomcat JDBCRealm And <security-constraint> in the web.xml
Date Mon, 13 Oct 2003 08:28:11 GMT
On 10/13/2003 07:56 AM Bill Barker wrote:
> "Caroline Jen" <jiapei_jen@yahoo.com> wrote in message
> news:20031013015911.98344.qmail@web11506.mail.yahoo.com...
> 
>>Tim:
>>
>>     Before I posted my questions regarding the
>>problem that I encountered, I have gone through
>>
> 
> http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html#Configuring%20a%20Realm
> 
>>     As long as I have the JDBCRealm in
>>the server.xml, the Tomcat does not accept
>><security-constraint> specified in the application's
>>web.xml file.  And the Tomcat cannot find my
>>application.
>>
>>     Following your advice, I moved the Realm
>>declaration outside of the <Context> declaration into
>>the <Host> declaration, and my problem is solved.
>>
>>     Nonetheles, you also said "refine the <Realm> in
>>each context where it is needed."  I really want the
>>JDBCRealm applies to my application only.  My question
>>is how do I do it?
>>
> 
> 
> If what is below is accurate, then your <Context> is configured wrong.  It
> needs to be:
>   <Context path="/myapp" docBase="myapp">
>     <Realm className="org.apache.catalina.realm.JDBCRealm"
>            ..... />
>   </Context>
> 
> You should probably also leave e.g. the UserDatabaseRealm configured under
> the <Host>, so that other Contexts (i.e. admin & manager) have a Realm to
> use.  By configuring your own Realm under your <Context>, it will override
> the one defined in the <Host>.
> 
> 

As long as you configure a 'manager' role for the superuser in your 
realm, then the superuser can happily login to & use admin & manager - 
if that fits in with the security requirements of course. That's what I 
do. But then I am project manager, chief developer, webmaster and DBA 
for my current project (I should say that more often, it makes Monday 
mornings great! Just don't tell anyone I'm working for myself :) ).



>>     Currently, my JDBCRealm looks like:
>>
>><Engine>
>> <Host>
>> <Realm
>>className="org.apache.catalina.realm.JDBCRealm"
>>                                    debug="99"
>>driverName="com.mysql.jdbc.Driver"
>>connectionURL="jdbc:mysql://localhost:3306/artimus?
>>               user=javauser&amp;password=javadude"
>>userTable="members" userNameCol="user_name"
>>                    userCredCol="user_password"
>>userRoleTable="user_roles" roleNameCol="user_role"/>
>>
>>  <Context>
>>    .................
>>  </Context>
>> </Host>
>></Engine>
>>
>>--Caroline
>>
>>
>>My configuration in the $TOMCAT_HOME/conf/sever.xml is
>>shown below:
>>
>><Engine>
>><Host>
>><Context>
>><Realm className="org.apache.catalina.realm.JDBCRealm"
>>debug="99"
>> driverName="com.mysql.jdbc.Driver"
>> connectionURL="jdbc:mysql://localhost:3306/artimus
>>                 user=javauser&password=javadude"
>> userTable="members" userNameCol="user_name"
>>                 userCredCol="user_password"
>> userRoleTable="user_roles" roleNameCol="user_role"/>
>></Context>
>></Host>
>></Engine>
>>
>>
>>--- Tim Funk <funkman@joedog.org> wrote:
>>
> http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html#Configuring%20a%20Realm
> 
>>>-Tim
>>>
>>>Caroline Jen wrote:
>>>
>>>>Tim:
>>>>
>>>>    Would you explain "refine the <Realm> in each
>>>>context where it is needed"?
>>>>
>>>>-Caroline
>>>>--- Tim Funk <funkman@joedog.org> wrote:
>>>>
>>>>
>>>>>Move the Realm declaration outside of the
>>>
>>><Context>
>>>
>>>>>declaration into the
>>>>><Host> declaration. Or refine the <Realm> in each
>>>>>context where it is needed.
>>>>>
>>>>>-Tim
>>>>>
>>>>>Caroline Jen wrote:
>>>>>
>>>>>
>>>>>>My applications behave wierd after I configured
>>>>>
>>>>>the
>>>>>
>>>>>
>>>>>>JDBCRealm.  After experimenting in many different
>>>>>>ways, I found that as long as I have the
>>>
>>>JDBCRealm
>>>
>>>>>in
>>>>>
>>>>>
>>>>>>the server.xml, the Tomcat does not accept
>>>>>><security-constraint> specified in the
>>>>>
>>>>>application's
>>>>>
>>>>>
>>>>>>web.xml file.  Please help me.
>>>>>>
>>>>>>My configuration in the
>>>>>
>>>>>$TOMCAT_HOME/conf/sever.xml is
>>>>>
>>>>>
>>>>>>shown below:
>>>>>>
>>>>>><Engine>
>>>>>><Host>
>>>>>><Context>
>>>>>><Realm
>>>>>
>>>>>className="org.apache.catalina.realm.JDBCRealm"
>>>>>
>>>>>
>>>>>>debug="99"
>>>>>>driverName="com.mysql.jdbc.Driver"
>>>>>>
>>>>>
>>>>>connectionURL="jdbc:mysql://localhost:3306/artimus
>>>
>>>>>>                user=javauser&password=javadude"
>>>>>>userTable="members" userNameCol="user_name"
>>>>>>                userCredCol="user_password"
>>>>>>userRoleTable="user_roles"
>>>>>
>>>>>roleNameCol="user_role"/>
>>>>>
>>>>>></Context>
>>>>>></Host>
>>>>>></Engine>


-- 
struts 1.1 + tomcat 5.0.12 + java 1.4.2
Linux 2.4.20 RH9


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message