Tomcat security Problem

 
Ranch Hand
Posts: 226
I have 1 Tomcat server (5.5) and I have deployed 2 independent applications on it.

Application 1 has security, which is implemented using the BASIC AUTHENTICATION mode of Tomcat, defining the username and password in the conf/tomcat-users.xml file.

Application 2 has form-based security, and for some enhanced security I have added the "realm" for the database in the conf/server.xml file.

Now, if I add the realm thing in the server.xml file, my basic authentication stops working in application 1 (application 2 security still works); on the other hand, if I remove this realm, then my basic authentication works and of course my application 2 will not be able to imply security. What to do? I can't use another Tomcat for another application.
 
Rancher
Posts: 43081
The Realm element is part of the Engine element, so only a single realm can be configured per Engine. If you set up a second Service element you can configure its Engine to use a different realm.
 
Em Aiy
Ranch Hand
Posts: 226

Originally posted by Ulf Dittmer:
The Realm element is part of the Engine element, so only a single realm can be configured per Engine. If you set up a second Service element you can configure its Engine to use a different realm.



So what if I have to configure security for 2 applications on the same server? Need Basic Authentication for application 1 and Form Based Security for Application 2?

Can you elaborate for setting another engine?
 
Ulf Dittmer
Rancher
Posts: 43081

So what if I have to configure security for 2 applications on the same server? Need Basic Authentication for application 1 and Form Based Security for Application 2?


That's no problem. Within a web app you can only use one or the other (not both), but different web apps can use different forms of authentication.

What is not possible is to use different Realm implementations for the same Tomcat Service. That's a limitation of Tomcat, and has nothing to do with servlets per se. See below for how to get around this.

Can you elaborate for setting another engine?


Much more information about that can be found in the Tomcat docs. You could start by duplicating the Service element in the server.xml file, and then changing the Realm of the second one to suit your needs.
 
Em Aiy
Ranch Hand
Posts: 226
I have placed the following configuration in the server.xml file after reading the Tomcat site


But it is not working ... the way I want to.
 
Ulf Dittmer
Rancher
Posts: 43081
77
That's interesting. So Tomcat does allow different realms for each web app by declaring them in the Context element. Note that it's "Context", not "context" - is that just a typo in the post?

What does "But it is not working" mean? How is or isn't it working? Is the web app itself working properly (apart from the authentication)?
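
A sketch of the layout the last reply describes, added here as an illustration and not taken from the thread or from the poster's configuration: the Engine-level realm keeps serving application 1 from conf/tomcat-users.xml, while a Realm nested inside application 2's Context applies to that web app only. The context path, database URL, JDBC driver, table and column names, and credentials are assumed placeholders; BASIC versus FORM is still chosen in each application's own web.xml `login-config`.

```xml
<!-- Added example for conf/server.xml on Tomcat 5.5; all names below are placeholders. -->
<Server port="8005" shutdown="SHUTDOWN">
  <GlobalNamingResources>
    <!-- User database backed by conf/tomcat-users.xml -->
    <Resource name="UserDatabase" auth="Container"
              type="org.apache.catalina.UserDatabase"
              factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
              pathname="conf/tomcat-users.xml"/>
  </GlobalNamingResources>

  <Service name="Catalina">
    <Connector port="8080"/>
    <Engine name="Catalina" defaultHost="localhost">
      <!-- Engine-level realm: used by every web app that does not nest its own Realm.
           Application 1 (BASIC auth) is deployed from webapps/ and inherits this one. -->
      <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
             resourceName="UserDatabase"/>

      <Host name="localhost" appBase="webapps">
        <!-- Application 2 (FORM auth): element names are case-sensitive, so this
             must be "Context", not "context". The nested Realm replaces the
             Engine realm for this web app only. -->
        <Context path="/app2" docBase="app2">
          <Realm className="org.apache.catalina.realm.JDBCRealm"
                 driverName="com.mysql.jdbc.Driver"
                 connectionURL="jdbc:mysql://localhost/authdb"
                 connectionName="CHANGE_ME"
                 connectionPassword="CHANGE_ME"
                 userTable="users" userNameCol="user_name" userCredCol="user_pass"
                 userRoleTable="user_roles" roleNameCol="role_name"/>
        </Context>
      </Host>
    </Engine>
  </Service>
</Server>
```

Roles named in each application's web.xml `security-constraint` must exist in the realm that application ends up using, and server.xml is only re-read when Tomcat restarts.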
 