<Engine ...> <Realm class="..."></Realm> <Host ...> <!-- Using the Engine's Realm --> <Context ...> <Realm ...> <!-- This overrides the Engine's Realm just for this Context --> </Realm> </Context> </Host> <Host ...> <!-- Using the Engine's Realm --> <Realm ...> <!-- Ignore the Engine's Realm and use this one --> </Realm> <Context ...> <!-- This overrides the Host's Realm --> </Context> </Host> </Engine>
[Actually the <Context> elements should be their own xml files, but thats a topic for another day]
-Tim
Caroline Jen wrote:
I am lost. Right now, I have
<Realm className="org.apache.catalina.realm.JDBCRealm"
debug="99" driverName="com.mysql.jdbc.Driver"
connectionURL="jdbc:mysql://localhost:3306/artimus?
user=javauser&password=javadude" userTable="members" userNameCol="user_name" userCredCol="user_password"
userRoleTable="user_roles" roleNameCol="user_role"/>
in the <Host> element. The UserDataTable is in the <Engine> element and is commented out like this:
<!--
<Realm
className="org.apache.catalina.realm.UserDatabaseRealm"
debug="0" resourceName="UserDatabase"/>
-->
For the JDBCRealm applies to my application only, your advice is that I should configure within the <Context> element like this:
<Context path="/myapp" docBase="myapp"> <Realm className="org.apache.catalina.realm.JDBCRealm" ..... />
Do you mean that I should also move UserDatabaseRealm from <Engine> to <Host>? And I should not comment it out?
-Caroline </Context>
--- Adam Hardy <[EMAIL PROTECTED]> wrote:
On 10/13/2003 07:56 AM Bill Barker wrote:news:[EMAIL PROTECTED]
"Caroline Jen" <[EMAIL PROTECTED]> wrote in
message
http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html#Configuring%20a%20RealmTim:
Before I posted my questions regarding the problem that I encountered, I have gone through
http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html#Configuring%20a%20RealmAs long as I have the JDBCRealm in the server.xml, the Tomcat does not accept <security-constraint> specified in the
application's
web.xml file. And the Tomcat cannot find my application.
Following your advice, I moved the Realm declaration outside of the <Context> declaration
into
the <Host> declaration, and my problem is solved.
Nonetheles, you also said "refine the <Realm>
in
each context where it is needed." I really want
the
JDBCRealm applies to my application only. My
question
is how do I do it?
If what is below is accurate, then your <Context>
is configured wrong. It
needs to be: <Context path="/myapp" docBase="myapp"> <Realm
className="org.apache.catalina.realm.JDBCRealm"
..... /> </Context>
You should probably also leave e.g. the
UserDatabaseRealm configured under
the <Host>, so that other Contexts (i.e. admin &
manager) have a Realm to
use. By configuring your own Realm under your
<Context>, it will override
the one defined in the <Host>.
As long as you configure a 'manager' role for the
superuser in your realm, then the superuser can happily login to & use
admin & manager - if that fits in with the security requirements of
course. That's what I do. But then I am project manager, chief developer,
webmaster and DBA for my current project (I should say that more
often, it makes Monday mornings great! Just don't tell anyone I'm working
for myself :) ).
Currently, my JDBCRealm looks like:
<Engine> <Host> <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" driverName="com.mysql.jdbc.Driver"
connectionURL="jdbc:mysql://localhost:3306/artimus?
user=javauser&password=javadude"
userTable="members" userNameCol="user_name" userCredCol="user_password" userRoleTable="user_roles"
roleNameCol="user_role"/>
<Context> ................. </Context> </Host> </Engine>
--Caroline
My configuration in the
$TOMCAT_HOME/conf/sever.xml is
shown below:
<Engine> <Host> <Context> <Realm
className="org.apache.catalina.realm.JDBCRealm"
debug="99" driverName="com.mysql.jdbc.Driver"
connectionURL="jdbc:mysql://localhost:3306/artimus
user=javauser&password=javadude" userTable="members" userNameCol="user_name" userCredCol="user_password" userRoleTable="user_roles"
roleNameCol="user_role"/>
</Context> </Host> </Engine>
--- Tim Funk <[EMAIL PROTECTED]> wrote:
=== message truncated ===-Tim
Caroline Jen wrote:
Tim:
Would you explain "refine the <Realm> in
each
context where it is needed"?
-Caroline --- Tim Funk <[EMAIL PROTECTED]> wrote:
Move the Realm declaration outside of the
<Context>
declaration into the <Host> declaration. Or refine the <Realm> in
each
context where it is needed.
-Tim
Caroline Jen wrote:
My applications behave wierd after I
configured
the
JDBCRealm. After experimenting in many
different
ways, I found that as long as I have the
JDBCRealm
inconnectionURL="jdbc:mysql://localhost:3306/artimus
the server.xml, the Tomcat does not accept <security-constraint> specified in the
application's
web.xml file. Please help me.
My configuration in the
$TOMCAT_HOME/conf/sever.xml is
shown below:
<Engine> <Host> <Context> <Realm
className="org.apache.catalina.realm.JDBCRealm"
debug="99" driverName="com.mysql.jdbc.Driver"
user=javauser&password=javadude"
userTable="members" userNameCol="user_name" userCredCol="user_password" userRoleTable="user_roles"
__________________________________ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]