aspose file tools*
The moose likes JSP and the fly likes Authentification in my webapp Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Java 8 in Action this week in the Java 8 forum!
JavaRanch » Java Forums » Java » JSP
Bookmark "Authentification in my webapp" Watch "Authentification in my webapp" New topic
Author

Authentification in my webapp

Gezza Hall
Ranch Hand

Joined: Jan 04, 2005
Posts: 33
Hi all. I've built a JSP webapp which uses a authorization/authentification mechanism based on this idea here. Basically, a SecurityRealm is declared in the server.xml file.

It works great, but I need to adapt this so that I don't use the server.xml file, ie. all configuration is done using the web.xml. Can I achieve this, or would I have to completely redesign my whole app?

Thanks!
Adeel Ansari
Ranch Hand

Joined: Aug 15, 2004
Posts: 2874
I think you need to configure the server accordingly by modifying server.xml, as stated there in your refered link.
Adeel Ansari
Ranch Hand

Joined: Aug 15, 2004
Posts: 2874
This might help.
Gezza Hall
Ranch Hand

Joined: Jan 04, 2005
Posts: 33
Sorry, but if you read my question you will see that I am trying to move away from configuring the server.xml file.

This is what I was already using, and all require modification of that file.
Adeel Ansari
Ranch Hand

Joined: Aug 15, 2004
Posts: 2874
I dont think any way of doing it without configuring the server.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 39578
    
  27
You can't use Tomcats realms without configuring them in server.xml. And if that's not possible, then you can't use most of the web app security as defined in web.xml either, because that's automatically tied to those realms. It's not hard to roll your own code for Basic HTTP authentication and access some repository for user information, though.


Ping & DNS - updated with new look and Ping home screen widget
Gezza Hall
Ranch Hand

Joined: Jan 04, 2005
Posts: 33
Well I managed it, you can do it without using the server.xml, if you implement this API - SecurityFilter - http://securityfilter.sourceforge.net/

Great stuff.
Ulf Dittmer
Marshal

Joined: Mar 22, 2005
Posts: 39578
    
  27
Gezza, that's indeed a very interesting project. I'm working on a project where the standard web-app security is insufficient (namely, the mapping of resources to be protected was not powerful enough), and this looks a good way to handle that. Thanks for posting the link.
Adeel Ansari
Ranch Hand

Joined: Aug 15, 2004
Posts: 2874
Yes its likely to use security filters, no matter its ready made or one of your own.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Authentification in my webapp
 
Similar Threads
Authentification approach, please help.
Deployment descriptor
Tomcat Configuration with more than 2,000 apps
Error confguring multiple contexts/data sources in Tomcat 5
Giving Tomcat Project under Eclipse a needed config .xml file?