I got what you way: the <realm-name> and the <Realm> are not the same thing and not related in the security configuration I am trying to learn. I will try to find time to do some reading on http to understand that realm.
My next goal is a JNDIRealm (LDAP). Thank you very much for your kind help, David! Jason On Mon, Mar 3, 2008 at 4:12 PM, david delbecq <[EMAIL PROTECTED]> wrote: > What is in the web.xml is not tomcat specific. The "realm" you see in > web.xml is related to the notion of realm used by http protocol, that is > a string showed to user when the login with http basic authentification, > and which server for browser to seperate login in different "realms" for > a same server (eg an admin realm, a shopping realm, a clerk realms) > > The link between a webapplication and a tomcat realm (that is, a source > for users passwords and roles) is done in a context.xml file, which is > tomcat specific. The file can be either located in META-INF/context.xml > in your webapp for auto configuration or be put manually in tomcat > config (conf/Catalina/<host>/<webapp>.xml) > Jason Ling a écrit : > > Thank you, David. Now it works! > > > > I looked back into the documentation for DataSource, and then configured > one > > in the server.xml file as a JNDI <Resource>. It seems to me that the > > <Realm> gets associated with the <Resource> by jdbc/webappDB, and that > tells > > tomcat server where to find the Oracle server. > > > > Nevertheless, I still still have a few questions: > > > > What is the the <realm-name> sub-element of <login-config> for in the > > application's web.xml file, when and how is it used? Suppose I > configure > > more than one <Realm> in server.xml, is that the scenario where I need > to > > use the <real-name> tag to specify which Realm to use? In that case, > > <realm-name>what is the name</realm-name> for the realm? > > > > Thanks a lot for your guide! > > > > > > Jason > > > > > > > > On Mon, Mar 3, 2008 at 3:11 PM, david delbecq <[EMAIL PROTECTED]> > wrote: > > > > > >> And, actually, you didn't do the part where you configure the > datasource > >> that your realm will use, information that is provided in the link i > >> pointed you to. If you did actually configure the datasource (which is > >> separate from the datasourcerealm), you wouldn't say > >> > >> > >>> I still wonder > >>> how Tomcat would know where to go > >>> > >> moreover none of the configuration statements you pasted show any track > >> of your datasource configuration, which agina is separate from the > realm. > >> > >> > >> Jason Ling a écrit : > >> > >>> Thank you, David. > >>> > >>> Sorry, I sent this message two times, each time only the quoted > message > >>> > >> was > >> > >>> sent, but not my reply. This is another try. > >>> > >>> Actually I did read the document you provided the link to. In that > >>> > >> document > >> > >>> (The Realm Component) the following attributes are listed for the > >>> DataSourceRealm: > >>> > >>> dataSourceName > >>> roleNameCol > >>> userCredCol > >>> userNameCol > >>> userRoleTable > >>> userTable > >>> > >>> and I actually used all of them in my first attempted configuration as > >>> > >> shown > >> > >>> in my original email: > >>> > >>> First attempt: > >>> ++++++++++ > >>> I replaced the above-mentioned <Realm> element with the following > >>> > >> one, > >> > >>> mimicking the example for mySQL in the documentation: > >>> > >>> <Realm className="org.apache.catalina.realm.DataSourceRealm" > >>> dataSourceName="jdbc/webappDB" > >>> userTable="users" userNameCol="user_name" > >>> userCredCol="user_pass" > >>> userRoleTable="user_roles" roleNameCol="role_name" /> > >>> > >>> And that did not work out, you know, as I mentioned. I still do not > >>> > >> know > >> > >>> what was wrong with my configuration for DataSourceRealm. I still > >>> > >> wonder > >> > >>> how Tomcat would know where to go to look for the users table and the > >>> user_roles table, which are on the Oracle server which is > >>> > >> sb.lehman.cuny.edu, > >> > >>> and is not in any of the attributes listed above. Did I miss any > >>> > >> components > >> > >>> in the configuration that I tried? > >>> > >>> > >>> Jason > >>> > >>> > >>> > >>> On Mon, Mar 3, 2008 at 1:11 PM, David Delbecq <[EMAIL PROTECTED]> > >>> > >> wrote: > >> > >>> > >>>> Jason Ling a écrit : > >>>> > >>>> > >>>>> I changed the <Realm> element in the server.xml file, and it became: > >>>>> > >>>>> <Realm className="org.apache.catalina.realm.DataSourceRealm" > >>>>> dataSourceName="jdbc/webappDB" > >>>>> driverName="oracle.jdbc.OracleDriver" > >>>>> connectionURL="jdbc:oracle:thin:@sb.lehman.cuny.edu:1521 > >>>>> > >> :idm0" > >> > >>>>> connectionName="webappdb" connectionPassword="GreenHorn" > >>>>> userTable="users" userNameCol="user_name" > >>>>> userCredCol="user_pass" > >>>>> userRoleTable="user_roles" roleNameCol="role_name" /> > >>>>> > >>>>> > >>>>> > >>>>> > >>>> your are using the datasourcerealm with parameters from the > jdbcrealm, > >>>> those are two separate realms. For datasource realm, you need to > define > >>>> a datasource that matches the one specified in > >>>> > >>>> dataSourceName="jdbc/webappDB" > >>>> > >>>> To get more information on how to configure a datasource, please go > >>>> there: > >>>> > >>>> > >>>> > >> > http://tomcat.apache.org/tomcat-5.5-doc/jndi-datasource-examples-howto.html > >> > >>>> --------------------------------------------------------------------- > >>>> To start a new topic, e-mail: users@tomcat.apache.org > >>>> To unsubscribe, e-mail: [EMAIL PROTECTED] > >>>> For additional commands, e-mail: [EMAIL PROTECTED] > >>>> > >>>> > >>>> > >>>> > >>> > >> --------------------------------------------------------------------- > >> To start a new topic, e-mail: users@tomcat.apache.org > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > >> > > > > > > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
