I got what you way: the <realm-name> and the <Realm> are not the same thing
and not related in the security configuration I am trying to learn. I will
try to find time to do some reading on http to understand that realm.
My next goal is a JNDIRealm (LDAP).
Thank you very much for your kind help, David!
Jason
On Mon, Mar 3, 2008 at 4:12 PM, david delbecq <delbd+jakarta@oma.be> wrote:
> What is in the web.xml is not tomcat specific. The "realm" you see in
> web.xml is related to the notion of realm used by http protocol, that is
> a string showed to user when the login with http basic authentification,
> and which server for browser to seperate login in different "realms" for
> a same server (eg an admin realm, a shopping realm, a clerk realms)
>
> The link between a webapplication and a tomcat realm (that is, a source
> for users passwords and roles) is done in a context.xml file, which is
> tomcat specific. The file can be either located in META-INF/context.xml
> in your webapp for auto configuration or be put manually in tomcat
> config (conf/Catalina/<host>/<webapp>.xml)
> Jason Ling a écrit :
> > Thank you, David. Now it works!
> >
> > I looked back into the documentation for DataSource, and then configured
> one
> > in the server.xml file as a JNDI <Resource>. It seems to me that the
> > <Realm> gets associated with the <Resource> by jdbc/webappDB, and that
> tells
> > tomcat server where to find the Oracle server.
> >
> > Nevertheless, I still still have a few questions:
> >
> > What is the the <realm-name> sub-element of <login-config> for in the
> > application's web.xml file, when and how is it used? Suppose I
> configure
> > more than one <Realm> in server.xml, is that the scenario where I need
> to
> > use the <real-name> tag to specify which Realm to use? In that case,
> > <realm-name>what is the name</realm-name> for the realm?
> >
> > Thanks a lot for your guide!
> >
> >
> > Jason
> >
> >
> >
> > On Mon, Mar 3, 2008 at 3:11 PM, david delbecq <delbd+jakarta@oma.be>
> wrote:
> >
> >
> >> And, actually, you didn't do the part where you configure the
> datasource
> >> that your realm will use, information that is provided in the link i
> >> pointed you to. If you did actually configure the datasource (which is
> >> separate from the datasourcerealm), you wouldn't say
> >>
> >>
> >>> I still wonder
> >>> how Tomcat would know where to go
> >>>
> >> moreover none of the configuration statements you pasted show any track
> >> of your datasource configuration, which agina is separate from the
> realm.
> >>
> >>
> >> Jason Ling a écrit :
> >>
> >>> Thank you, David.
> >>>
> >>> Sorry, I sent this message two times, each time only the quoted
> message
> >>>
> >> was
> >>
> >>> sent, but not my reply. This is another try.
> >>>
> >>> Actually I did read the document you provided the link to. In that
> >>>
> >> document
> >>
> >>> (The Realm Component) the following attributes are listed for the
> >>> DataSourceRealm:
> >>>
> >>> dataSourceName
> >>> roleNameCol
> >>> userCredCol
> >>> userNameCol
> >>> userRoleTable
> >>> userTable
> >>>
> >>> and I actually used all of them in my first attempted configuration as
> >>>
> >> shown
> >>
> >>> in my original email:
> >>>
> >>> First attempt:
> >>> ++++++++++
> >>> I replaced the above-mentioned <Realm> element with the following
> >>>
> >> one,
> >>
> >>> mimicking the example for mySQL in the documentation:
> >>>
> >>> <Realm className="org.apache.catalina.realm.DataSourceRealm"
> >>> dataSourceName="jdbc/webappDB"
> >>> userTable="users" userNameCol="user_name"
> >>> userCredCol="user_pass"
> >>> userRoleTable="user_roles" roleNameCol="role_name" />
> >>>
> >>> And that did not work out, you know, as I mentioned. I still do not
> >>>
> >> know
> >>
> >>> what was wrong with my configuration for DataSourceRealm. I still
> >>>
> >> wonder
> >>
> >>> how Tomcat would know where to go to look for the users table and the
> >>> user_roles table, which are on the Oracle server which is
> >>>
> >> sb.lehman.cuny.edu,
> >>
> >>> and is not in any of the attributes listed above. Did I miss any
> >>>
> >> components
> >>
> >>> in the configuration that I tried?
> >>>
> >>>
> >>> Jason
> >>>
> >>>
> >>>
> >>> On Mon, Mar 3, 2008 at 1:11 PM, David Delbecq <delbd+jakarta@oma.be>
> >>>
> >> wrote:
> >>
> >>>
> >>>> Jason Ling a écrit :
> >>>>
> >>>>
> >>>>> I changed the <Realm> element in the server.xml file, and
it became:
> >>>>>
> >>>>> <Realm className="org.apache.catalina.realm.DataSourceRealm"
> >>>>> dataSourceName="jdbc/webappDB"
> >>>>> driverName="oracle.jdbc.OracleDriver"
> >>>>> connectionURL="jdbc:oracle:thin:@sb.lehman.cuny.edu:1521
> >>>>>
> >> :idm0"
> >>
> >>>>> connectionName="webappdb" connectionPassword="GreenHorn"
> >>>>> userTable="users" userNameCol="user_name"
> >>>>> userCredCol="user_pass"
> >>>>> userRoleTable="user_roles" roleNameCol="role_name" />
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>> your are using the datasourcerealm with parameters from the
> jdbcrealm,
> >>>> those are two separate realms. For datasource realm, you need to
> define
> >>>> a datasource that matches the one specified in
> >>>>
> >>>> dataSourceName="jdbc/webappDB"
> >>>>
> >>>> To get more information on how to configure a datasource, please go
> >>>> there:
> >>>>
> >>>>
> >>>>
> >>
> http://tomcat.apache.org/tomcat-5.5-doc/jndi-datasource-examples-howto.html
> >>
> >>>> ---------------------------------------------------------------------
> >>>> To start a new topic, e-mail: users@tomcat.apache.org
> >>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >>>> For additional commands, e-mail: users-help@tomcat.apache.org
> >>>>
> >>>>
> >>>>
> >>>>
> >>>
> >> ---------------------------------------------------------------------
> >> To start a new topic, e-mail: users@tomcat.apache.org
> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> For additional commands, e-mail: users-help@tomcat.apache.org
> >>
> >>
> >>
> >
> >
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
|