Securing with Tomcat

In this recipe, we will configure a JAAS realm using Tomcat 6.x.x/7.x.x.

Getting ready

Locate the declaration of the realm inside <PORTAL_WAR_ROOT>/META-INF/context.xml.

How to do it…

  1. Change the default configuration for your needs, as described in the previous recipe. The default configuration is the following:
    <Context path='/portal' docBase='portal' debug='0' 
  reloadable='true' crossContext='true' 
  privileged='true'>
  <Realm className=
   'org.apache.catalina.realm.JAASRealm'
         appName='gatein-domain'
          userClassNames=
   'org.exoplatform.services.security.jaas.UserPrincipal'
         roleClassNames=
   'org.exoplatform.services.security.jaas.RolePrincipal'
         debug='0' cache='false'/>
     <Valve
      className=
'org.apache.catalina.authenticator.FormAuthenticator'
       characterEncoding='UTF-8'/>
</Context>
;
  2. Change the default configuration of the JAAS domain that is defined in the TOMCAT_HOME/conf/jaas.conf file. Here is the default configuration:
    <gatein-domain {
  org.gatein.wci.security.WCILoginModule optional; 

org.exoplatform.services.security.jaas.SharedStateLoginModule required;

 org.exoplatform.services.security.j2ee.TomcatLoginModule required;

};

How it works…

As we have seen in the previous recipe, we can configure the modules in Tomcat using a different configuration file. This means that we can change and add login modules that are related to a specific JAAS realm.

The context.xml file is stored inside the web application. If you don't want to modify this file, you can add a new file called portal.xml in the conf folder to override the current configuration.

See also

  • The Security with JBoss AS recipe
  • The Choosing the JAAS modules recipe
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.221.163.13