Re: [Juglist] Tomcat Container Managed Security

[Daniel Zhang]

Hi, Richard -

The first thing I noticed is "<url-pattern>/a</url-pattern>". If you 
want to protect everything under directory "a", you should use 
"<url-pattern>/a/*</url-pattern>". And make sure your PostgreSQL is 
running and JDBC driver jar is in place(e.g. .../common/lib).

-Daniel

Richard O. Hammer wrote:

I'm using Tomcat 5.0.16 as a standalone container for a web app, 
trying to make its Container Managed Security work with a JDBCRealm.
For some reason it is serving a JSP from a directory which I am trying 
to protect, without asking for authentication.

Here is some of the XML I am using.
In my conf/server.xml I have this Realm element inside an my Engine:
      <Realm  className="org.apache.catalina.realm.JDBCRealm" debug="99"
             driverName="org.postgresql.Driver"
          connectionURL="jdbc:postgresql://192.168.1.12:5432/db5"
         connectionName="tomcat" connectionPassword="myPassword"
              userTable="customer" userNameCol="userName"
          userCredCol="password"
          userRoleTable="userRoles" roleNameCol="role" />


And my web.xml deployment descriptor looks like this:

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web 
Application 2.3//EN"
                "http://java.sun.com/dtd/web-app_2_3.dtd";>
<web-app>
    <security-constraint>
        <web-resource-collection>
            <web-resource-name>duh</web-resource-name>
            <url-pattern>/a</url-pattern>
        </web-resource-collection>
          <auth-constraint>
             <role-name>ball</role-name>
          </auth-constraint>
        <user-data-constraint>
            <transport-guarantee>confidential</transport-guarantee>
        </user-data-constraint>
    </security-constraint>
    <login-config>
        <auth-method>BASIC</auth-method>
    </login-config>
    <security-role>
      <role-name>ball</role-name>
    </security-role>
</web-app>

Any suggestions?

Do you believe that this part of Tomcat works?

Is there good documentation anywhere, telling me how to set this up?

Thanks,
Rich Hammer
_______________________________________________
Juglist mailing list
[EMAIL PROTECTED]
http://trijug.org/mailman/listinfo/juglist_trijug.org


_______________________________________________
Juglist mailing list
[EMAIL PROTECTED]
http://trijug.org/mailman/listinfo/juglist_trijug.org