File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Servlets and the fly likes Applying Security to Servlets Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Applying Security to Servlets" Watch "Applying Security to Servlets" New topic
Author

Applying Security to Servlets

Mike Thomson
Ranch Hand

Joined: Nov 07, 2007
Posts: 115
I am studying the security part of HFSJ. In that they have mapped the users in tomcat-users.xml to DD <security-role> element in web.xml.

I am wondering how can we add all the user id and their password in the tomcat-users.xml. whenever a new user is registering, we have to edit the tomcat-users.xml and restart the application will be painful.

Although it is vendor specific, I want to know how we can map the DD <security-role> from the user id and password in the DB.

When a new user is registering, I am capturing his/her user id and password and store it in the DB. How can I configure the <security-role> element in web.xml? Please advice. Any links/material dealing with this will be more helpful.(though I prefer DB rather LDAP, as I am trying out in my personal pc)
Joe Ess
Bartender

Joined: Oct 29, 2001
Posts: 8927
    
    9

Originally posted by Mike Thomson:
How can I configure the <security-role> element in web.xml? Please advice.


You only need to declare security roles in web.xml to map roles to web-resource-collections. Since you should not be creating roles on the fly, you don't need to touch web.xml. Your user database should map a user to a particular role.
Tomcat Documentation: JDBCRealm Configuration


"blabbing like a narcissistic fool with a superiority complex" ~ N.A.
[How To Ask Questions On JavaRanch]
Mike Thomson
Ranch Hand

Joined: Nov 07, 2007
Posts: 115
Thanks Joe for your reply.
 
jQuery in Action, 2nd edition
 
subject: Applying Security to Servlets