 | Mailing List | | Home | | Forum Home | | JBoss - Java Application Server | | Struts - A MVC web framework | | Tomcat - JSP/Servlet container | | iText - An open source PDF Java Library | | JDOM - JDOM XML Parser | | J2EE - A mailing list for Java(tm) 2 Platform, Enterprise Edition | | J2EE Pattern - An interest list for Sun Java Center J2EE Pattern Catalog | | Servlet - A mailing list for discussion about Sun Microsystem's Java Servlet API Technology | | JSP - A mailing list about Java Server Pages specification and reference | |
Struts & Hibernate
|
|
|
| | | Tomcat JDBCRealm And <security-constraint > in the web.xml | Tomcat JDBCRealm And <security-constraint > in the web.xml 2003-10-13 - By Adam Hardy
Back
On 10/13/2003 07:56 AM Bill Barker wrote:
> "Caroline Jen" <jiapei_jen@(protected)> wrote in message
> news:20031013015911.98344.qmail@(protected)
>
>>Tim:
>>
>> Before I posted my questions regarding the
>>problem that I encountered, I have gone through
>>
>
> http://jakarta.apache.org/tomcat/tomcat-4 (See http://cat-4.ora-code.com).1-doc/realm-howto.html#Configuring
%20a%20Realm
>
>> As long as I have the JDBCRealm in
>>the server.xml, the Tomcat does not accept
>><security-constraint> specified in the application's
>>web.xml file. And the Tomcat cannot find my
>>application.
>>
>> Following your advice, I moved the Realm
>>declaration outside of the <Context> declaration into
>>the <Host> declaration, and my problem is solved.
>>
>> Nonetheles, you also said "refine the <Realm> in
>>each context where it is needed." I really want the
>>JDBCRealm applies to my application only. My question
>>is how do I do it?
>>
>
>
> If what is below is accurate, then your <Context> is configured wrong. It
> needs to be:
> <Context path="/myapp" docBase="myapp">
> <Realm className="org.apache.catalina.realm.JDBCRealm  "
> ..... />
> </Context>
>
> You should probably also leave e.g. the UserDatabaseRealm configured under
> the <Host>, so that other Contexts (i.e. admin & manager) have a Realm to
> use. By configuring your own Realm under your <Context>, it will override
> the one defined in the <Host>.
>
>
As long as you configure a 'manager' role for the superuser in your
realm, then the superuser can happily login to & use admin & manager -
if that fits in with the security requirements of course. That's what I
do. But then I am project manager, chief developer, webmaster and DBA
for my current project (I should say that more often, it makes Monday
mornings great! Just don't tell anyone I'm working for myself :) ).
>> Currently, my JDBCRealm looks like:
>>
>><Engine>
>> <Host>
>> <Realm
>>className="org.apache.catalina.realm.JDBCRealm "
>> debug="99"
>>driverName="com.mysql.jdbc.Driver "
>>connectionURL="jdbc:mysql://localhost:3306/artimus?
>> user=javauser&password=javadude"
>>userTable="members" userNameCol="user_name"
>> userCredCol="user_password"
>>userRoleTable="user_roles" roleNameCol="user_role"/>
>>
>> <Context>
>> .................
>> </Context>
>> </Host>
>></Engine>
>>
>>--Caroline
>>
>>
>>My configuration in the $TOMCAT_HOME/conf/sever.xml is
>>shown below:
>>
>><Engine>
>><Host>
>><Context>
>><Realm className="org.apache.catalina.realm.JDBCRealm "
>>debug="99"
>> driverName="com.mysql.jdbc.Driver "
>> connectionURL="jdbc:mysql://localhost:3306/artimus
>> user=javauser&password=javadude"
>> userTable="members" userNameCol="user_name"
>> userCredCol="user_password"
>> userRoleTable="user_roles" roleNameCol="user_role"/>
>></Context>
>></Host>
>></Engine>
>>
>>
>>--- Tim Funk <funkman@(protected)> wrote:
>>
> http://jakarta.apache.org/tomcat/tomcat-4 (See http://cat-4.ora-code.com).1-doc/realm-howto.html#Configuring
%20a%20Realm
>
>>>-Tim
>>>
>>>Caroline Jen wrote:
>>>
>>>>Tim:
>>>>
>>>> Would you explain "refine the <Realm> in each
>>>>context where it is needed"?
>>>>
>>>>-Caroline
>>>>--- Tim Funk <funkman@(protected)> wrote:
>>>>
>>>>
>>>>>Move the Realm declaration outside of the
>>>
>>><Context>
>>>
>>>>>declaration into the
>>>>><Host> declaration. Or refine the <Realm> in each
>>>>>context where it is needed.
>>>>>
>>>>>-Tim
>>>>>
>>>>>Caroline Jen wrote:
>>>>>
>>>>>
>>>>>>My applications behave wierd after I configured
>>>>>
>>>>>the
>>>>>
>>>>>
>>>>>>JDBCRealm. After experimenting in many different
>>>>>>ways, I found that as long as I have the
>>>
>>>JDBCRealm
>>>
>>>>>in
>>>>>
>>>>>
>>>>>>the server.xml, the Tomcat does not accept
>>>>>><security-constraint> specified in the
>>>>>
>>>>>application's
>>>>>
>>>>>
>>>>>>web.xml file. Please help me.
>>>>>>
>>>>>>My configuration in the
>>>>>
>>>>>$TOMCAT_HOME/conf/sever.xml is
>>>>>
>>>>>
>>>>>>shown below:
>>>>>>
>>>>>><Engine>
>>>>>><Host>
>>>>>><Context>
>>>>>><Realm
>>>>>
>>>>>className="org.apache.catalina.realm.JDBCRealm "
>>>>>
>>>>>
>>>>>>debug="99"
>>>>>>driverName="com.mysql.jdbc.Driver "
>>>>>>
>>>>>
>>>>>connectionURL="jdbc:mysql://localhost:3306/artimus
>>>
>>>>>> user=javauser&password=javadude"
>>>>>>userTable="members" userNameCol="user_name"
>>>>>> userCredCol="user_password"
>>>>>>userRoleTable="user_roles"
>>>>>
>>>>>roleNameCol="user_role"/>
>>>>>
>>>>>></Context>
>>>>>></Host>
>>>>>></Engine>
--
struts 1.1 + tomcat 5.0.12 + java 1.4.2
Linux 2.4.20 RH9
-- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ---- ------
To unsubscribe, e-mail: tomcat-user-unsubscribe@(protected)
For additional commands, e-mail: tomcat-user-help@(protected)
|
|
|
