File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Tomcat and the fly likes Tomcat simple login Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Tomcat simple login" Watch "Tomcat simple login" New topic

Tomcat simple login

Jose sanchez a

Joined: Aug 05, 2011
Posts: 1
Is there a simple tomcat login tool?

Like the .htaccess in apache?
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 17421

Welcome to the JavaRanch, José!

Tomcat supports J2EE-standard container-based Authentication and Authorization. You can read up on that in most good books on servlets and JSPs.

The J2ee and JEE standards don't specify what mechanisms are actually used to handle login. They leave that up to the server, since login is handled by the server. In the case of Tomcat, the login processor is supported by plugins called Realms.

About the simplest way to use this process is to configure a MemoryRealm, as documented in the Tomcat online documentation. The default for the MemoryRealm is to check userids and passwords against entries in an XML file named (by default) "conf/tomcat-users.xml". This file also defines the names of the security roles assigned to users and assigns the roles to the users.

tomcat-users.xml is good for testing, but on production systems, it's better to use a more advanced Realm such as a DataBaseRealm or JNDIRealm. Fortunately, this can be done easily by just changing the webapp deployment descriptor. No application changes are required.

An IDE is no substitute for an Intelligent Developer.
I agree. Here's the link:
subject: Tomcat simple login
It's not a secret anymore!