tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Michael Kolenda <mikeckole...@gmail.com>
Subject Re: where to look for $CATALINA_BASE/conf/ in Tomcat Server ?
Date Wed, 05 Jun 2019 12:57:42 GMT
i recently did a JASPIC plugin for OIDC.

ended writing a simple authorization class that returned user roles based
on the request/Principal instead of trying to add JACC

arjan tijms guide is what i used for the most part

but you're right there is no decent Tomcat tutorial yet




On Wed, Jun 5, 2019, 8:43 AM Mark Thomas <markt@apache.org> wrote:

> On 05/06/2019 07:14, Karen Goh wrote:
> > Hi,
> >
> > I am trying to do JASPIC follows by JACC using Java Servlet and JSP and
> maybe REST with PostgresQL
> >
> >
> https://www.byteslounge.com/tutorials/jaas-authentication-in-tomcat-example
> >
> > However, I have difficulty in locating the $Catablina_base in the
> external tomcat server I am using in Eclipse.
> >
> > Also, I went to check out the hosting company side, I can't find
> Catalina_base at all also.
>
> For an explanation of $CATALINA_BASE
> http://tomcat.apache.org/tomcat-9.0-doc/RUNNING.txt
>
> Unless you have deliberately split them $CATALINA_BASE == $CATALINA_HOME
>
> Generally, $CATALINA_BASE/conf is where you will find your server.xml file.
>
> > I hope someone can tell me exactly where to put the jaas.config file for
> the JAAS to work.
> >
> > Another thing is about JASPIC.
> >
> > I can't find alot of tutorial regarding JASPIC.
>
> It isn't that widely used. It has potential but hasn't really caught on.
>
> > There is this guy Arjan Tijms which poses quite a fair bit of infor but
> I guess my Java skills is still not good enough to understand the mechanism
> of how things work.
> >
> > I am currently testing things out using Tomcat 9.0.4.
>
> I'd strongly recommend you update to the latest 9.0.x release.
>
> > And how does JASPIC + JACC fit into the scheme of salt based password
> verification.
> >
> > Hope someone can give me some hints how to go about securely password
> the simplest possible way based on JASPIC and JACC.  Thanks.
>
> Why use JASPIC and JACC. Note Tomcat doesn't provide a JACC implementation.
>
> Perhaps take a step back. Describe the problem you are trying to solve
> and maybe we can provide some pointers on how to best solve it with Tomcat.
>
> Mark
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message