• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Roles and Responsibilities of Catalina in Tomcat server

 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Can anyone explain me in detail about Catalina in Tomcat? I went through some articals and I found that :-
'Catalina is Tomcat's servlet container. Catalina implements Sun Microsystems' specifications for servlet and JavaServer Pages (JSP). In Tomcat, a Realm element represents a "database" of usernames, passwords, and roles (similar to Unix groups) assigned to those users. Different implementations of Realm allow Catalina to be integrated into environments where such authentication information is already being created and maintained, and then use that information to implement Container Managed Security as described in the Servlet Specification'

But I don't understand what they are trying to say by stating :- 'Catalina implements Sun Microsystems' specifications for servlet and JavaServer Pages (JSP).'

Thanks
 
Saloon Keeper
Posts: 27762
196
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
" Sun Microsystems' specifications for servlet and JavaServer Pages (JSP)" is actually an outdated statement. Oracle bought Sun several years ago, and I'm not sure how much effort they've been putting into maintaining Sun's distinct identity.

Regardless, say Sun or say Oracle, they own Java and the official specifications for Enterprise Java (and Java in general, of course). So what they're saying is that Tomcat implements those particular components of the J2EE spec in compliance with the spec. Or, in other words, write an app that follows the rules defined by the J2EE/JEE spec and they guarantee that the app will run the same way on Tomcat or any other compliant server - JBoss, WebLogic, WebSphere, jeTTy, or whatever.

I disagree on the definition of Realm, however. A Realm is an implementation of the authentication and authorization services of the J2EE/JEE container-managed security specification. In Tomcat - as in many J2EE servers - a Realm is a plugin service that can be swapped with any other Realm without changing the logic or internal configuration (web.xml) of the webapp that it secures. It isn't a "database", it's implemented as a set of standard interfaces, and whether the user ID and password are stored in a database, file, LDAP directory or something more dynamic (such as a call to an external web service), doesn't matter.

If I wanted to define a Realm where the password you logged in was defined by the phase of the moon and the orbital inclination of the planet Saturn instead of being a static value in an SQL database, I could do that.
 
Don't get me started about those stupid light bulbs.
reply
    Bookmark Topic Watch Topic
  • New Topic