File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Tomcat and the fly likes Login to Linux through Tomcat? Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login


Win a copy of The Mikado Method this week in the Agile and other Processes forum!
JavaRanch » Java Forums » Products » Tomcat
Reply Bookmark "Login to Linux through Tomcat?" Watch "Login to Linux through Tomcat?" New topic
Author

Login to Linux through Tomcat?

Lon Allen
Ranch Hand

Joined: May 24, 2001
Posts: 67
posted private message
0
Quote
I am working on a JSP application running on Linux and Tomcat. My requirements are specifying that I don't use Tomcat security to login and/or placing the password in a flat file on the system. We are wanting to verify the user by trying to login to the Linux system using an account/password setup on the system. The reason for this is to allow the user the ability to change his/her password at a later date and later logins would allow the use of the new password.
Does anyone know of a way that I can do this? I want to pass the login information to the OS and attempt to login there. If it passes I will set a flag in the ServletContext to show that a successful login occurred and allow all other accessable web pages/JSPs to be displayed. If not an error screen would be displayed. OS login is also necessary because we plan to allow the user to configure the device via the web application. I realize that passwork incription will also be needed to hide the password from anyone monitoring the data being passed to the device.
Any help would be greatly appreciated.

Lon Allen
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 14487
    
    7

I like...
Android Eclipse IDE Linux
posted private message
0
Quote
Tomcat comes supplied with 4 different security realm implementations, only one of which is a flat (XML) file. The flat file is only really recommended for "quick-and-dirty" use anyway. More commonly used are the jdbc or JNDI realms.
A userid/password stored in a database can be validated in the JDBC realm, and updating the password is just as simple as any other sort of update.
On the other hand, if you are running a limited-access server and you're presently using JNDI to manage Linux accounts, you'd probably want to use that facility.
If you're REALLY ambitious, you can write your own custom realm class that invokes PAM, but if you want to provide a single signon for both Linux and Web, you should probably be using JNDI.

Customer surveys are for companies who didn't pay proper attention to begin with.
Mario Rendon
Greenhorn

Joined: Jul 11, 2002
Posts: 24
posted private message
0
Quote
Tim:
interesting .. of the 4 ways that tomcat can handle Login .
where i could get more information??

i was about to suggest that Apache got's the schema you were saing but i didn't know that tomcat could use those also .
grettings ..
 
I agree. Here's the link: http://zeroturnaround.com/jrebel - it saves me about five hours per week
 
subject: Login to Linux through Tomcat?
 
Similar Threads
File download link
How to secure web resources by using MS Active Directory as LDAP Server?
Access Linux shared folder from Windows OS
Authenticate user without Login page
File download link