• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Jeanne Boyarsky
  • Liutauras Vilda
Sheriffs:
  • Rob Spoor
  • Bear Bibeault
  • Tim Cooke
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Piet Souris
Bartenders:
  • Frits Walraven
  • Himai Minh

Applying Security to Servlets

 
Ranch Hand
Posts: 121
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I am studying the security part of HFSJ. In that they have mapped the users in tomcat-users.xml to DD <security-role> element in web.xml.

I am wondering how can we add all the user id and their password in the tomcat-users.xml. whenever a new user is registering, we have to edit the tomcat-users.xml and restart the application will be painful.

Although it is vendor specific, I want to know how we can map the DD <security-role> from the user id and password in the DB.

When a new user is registering, I am capturing his/her user id and password and store it in the DB. How can I configure the <security-role> element in web.xml? Please advice. Any links/material dealing with this will be more helpful.(though I prefer DB rather LDAP, as I am trying out in my personal pc)
 
Bartender
Posts: 9625
16
Mac OS X Linux Windows
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Originally posted by Mike Thomson:
How can I configure the <security-role> element in web.xml? Please advice.



You only need to declare security roles in web.xml to map roles to web-resource-collections. Since you should not be creating roles on the fly, you don't need to touch web.xml. Your user database should map a user to a particular role.
Tomcat Documentation: JDBCRealm Configuration
 
Mike Thomson
Ranch Hand
Posts: 121
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Joe for your reply.
 
This is my favorite show. And this is my favorite tiny ad:
Thread Boost feature
https://coderanch.com/t/674455/Thread-Boost-feature
reply
    Bookmark Topic Watch Topic
  • New Topic