tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Eggers <>
Subject Re: To JAAS or not to JAAS
Date Mon, 13 Sep 2010 16:07:04 GMT
As an alternative, maybe you could write an ant script that would add the 
libraries, read values from a properties file to write the jaas.config file, and 
populate the database?

Copying files with ant is easy, and makes it 
pretty easy to dump and recreate databases. Editing jaas.conf with property 
substitution might be a bit tricky, but possible if your authorization / 
authentication requirements aren't too complex.

The Jetspeed Maven plugin does some similar work as well, but I've found it to 
be a bit invasive at times.

. . . . just some random thoughts.

From: Gabriele Bulfon <>
To: Tomcat Users List <>
Sent: Mon, September 13, 2010 2:55:09 AM
Subject: To JAAS or not to JAAS

I have a web application written with JAAS authentication, using my own login 
This is fine as long as the deployment is made by a system administrator who 
knows how to
configure jaas.config and to place needed jars in the tomcat lib directory, 
following my instructions.
Also, JAAS mode requires the sysadmin to prepare the backend db himself with a 
sql file of mine,
and configure the context.xml with db informations.

Now, I would like the same web app to be deployable in 2 ways, both with JAAS 
and without JAAS,
to simplify deployment by less experienced deployer who will just put the war 
file inside webapp
and access the application.
During the first access I would like the application to understand that is not 
working in JAAS mode,
check for a properties file inside the webapp, that when not existsant will 
trigger an installation sequence

via web (to configure db access and so on). This will create this properties 
file that will be the reference
configuration, substituting the context.xml / jaas config.

My simple idea would be to have this war without the context.xml definitions, 
then have an init parameter of the application in web.xml to define "Use Jaas" = 

"Yes/No" that will let the webapp understand and do what I described.

My question is: do I have a cleaner way to do this? Maybe I have some way to 
understand that my webapp is under JAAS control or not during application 

Thanks for any help,

To unsubscribe, e-mail:
For additional commands, e-mail:


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message