tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher Schultz <ch...@christopherschultz.net>
Subject Re: Custom Realm
Date Tue, 14 Oct 2014 15:34:56 GMT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Meeraj,

On 10/12/14 8:26 AM, Service Symphony wrote:
> I have got it working, since the server is not started yet, none
> of the underlying infrastructure is available in the realm class 
> constructor.

If you extend RealmBase (a good idea), then you can use the "lifecycle"
interface to receive calls when Tomcat changes states (e.g. is actually
started and the JNDI service is available).

If you use Tomcat 8, there was recently a change to the realm code to
allow for customized credential handling (i.e. password-munging). If
you only need to customize how passwords are checked -- for example,
by using a different hashing algorithm than what MessageDigest
provides -- then you might want to look into using that instead.

- -chris

>> On 11 Oct 2014, at 22:37, Meeraj Kunnumpurath 
>> <meeraj@servicesymphony.com> wrote:
>> 
>> Hi,
>> 
>> I have some specific requirements for security and I have been 
>> trying to right a custom realm, that reads information from the 
>> database.
>> 
>> 1. I have added a datasource in the global naming resources
>> section in the server.xml 2. I have packaged the realm class in a
>> JAR file and copied it the server lib 3. I have included a
>> context.xml in the WAR META-INF, that declares the realm from
>> (2)
>> 
>> In the constructor of the realm class, I try to look up the 
>> datasource,
>> 
>> 1. If I use new InitialContext().lookup, I get a name not found 
>> exception. 2. If I try to get the global naming context, by
>> calling getServer from RealBase, getServer returns a null
>> reference.
>> 
>> This is the entry in server.xml
>> 
>> <Resource name="MyDS" auth="Container"
>> type="javax.sql.DataSource" 
>> driverClassName="oracle.jdbc.OracleDriver" 
>> factory="org.apache.tomcat.jdbc.pool.DataSourceFactory" 
>> url="jdbc:oracle:thin:@10.211.55.7:1521:xe" username="meeraj" 
>> password="password" maxTotal="20" maxIdle="10" maxWaitMillis="-1"
>>  accessToUnderlyingConnectionAllowed="true"/>
>> 
>> This is the entry in the context.xml
>> 
>> <Realm className="com.ss.security.provider.DatabaseRealm" 
>> digest="SHA1"/>
>> 
>> This is the constructor of the Realm class
>> 
>> public DatabaseRealm() throws NamingException { Context context
>> = null; try { context = new InitialContext(); template = new 
>> SimpleJdbcTemplate((DataSource) context.lookup("MyDS")); }
>> finally { if (context != null) context.close(); } }
>> 
>> Any pointers will be highly appreciated.
>> 
>> Many thanks
>> 
>> -- Meeraj Kunnumpurath Director and Executive Principal Service 
>> Symphony Ltd 00 44 7702 693597 meeraj@servicesymphony.com
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJUPUKgAAoJEBzwKT+lPKRYHZsP/iLYc/DvR8Ur/1RrViqQmx9a
/8L8BuXwls6G7hLPKiF2H+rzzEChhgqIzIgSQG81gOooqvkStqzdubagcBpcpZbC
HTwkvSnRuDDrK5kXJttsjx4aeDeFuIZwrnMaThKMSyGAuyxCarjdjHrwLPJQFfuC
/alN8lsMCGQVjbEPjrGsT7oNWAqT+AiEQLJhpgnDciWNLshHNlSKDhbS6hj+/yMA
k7vPn8JMvDWAXcWAjoMsRA9KqZXFc2IgHy1j4J0yG7BJ0bwVPvJWZS5vSpjzSJgI
4f8gvtTacePDjw5yBWISAAb8lwUgIK8o82kVuoO5FJiL4M/QpKXa7/yv4WOWmqcp
SqDU7iFDX3AaI3KFeToS1NYzRbB3C4V+galKlVOI2oJxC2W02qR/IjDSsbgCe4GI
tsI+xW5s5tT2bE0PCAEtQXzvEv5L91pIIAhvFPNfQfm2h6tqqnPrndEguLXyicnb
zU0ooQJMZhso2m7C25qmy7K/3RZHjFKkYIbvSUV9C2GNRoc2+FScJugr1gQC3wUI
rO4TX2xYM07M6Dmu2OH7neMfwuIPIafjsBtIEg9+/ZnpXX5YtZm7erL9jJrX/+0b
HOtQywd/RKo7BHnpPztsF8jB5DgiT512vzoLbsJtdjkTDZ+A95z3/CkiunR/FSNm
hkTk4IJAzW9Amv09xRBb
=yrK1
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message