This week's book giveaway is in the Servlets forum.
We're giving away four copies of Murach's Java Servlets and JSP and have Joel Murach on-line!
See this thread for details.
The moose likes Tomcat and the fly likes Authentication users not in tomcat-users.xml Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Authentication users not in tomcat-users.xml" Watch "Authentication users not in tomcat-users.xml" New topic

Authentication users not in tomcat-users.xml

Remko Strating
Ranch Hand

Joined: Dec 28, 2006
Posts: 893
I hope that what i want is possible in tomcat.

I want the use a simple authorization which is described in HFSJ in Apache Tomcat for a webapplication. Normally I do the authentication with users stored in a database, but I want this application to be database independent, so that's not possible.

In HFSJ they describe that you have to adjust tomcat-users.xml file. I don't want to do that, I want all the information just stored in my web.xml file.

Remko (My website)
SCJP 1.5, SCWCD 1.4, SCDJWS 1.4, SCBCD 1.5, ITIL(Manager), Prince2(Practitioner), Reading/ gaining experience for SCEA,
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 41062
No, that's not possible. The contents of the web.xml file are defined by the servlet specification, and authentication information has no place in it.

That's one of the areas left blank by the spec: where and how a servlet container can find user information. So every container has its own mechanism.

Ping & DNS - my free Android networking tools app
Remko Strating
Ranch Hand

Joined: Dec 28, 2006
Posts: 893
Thanks for your answer. Maybe they will solve that later in spec.

The problem now is that I've to adjust a file which is not part of my war file. I will have to adjust my installation script by changing the tomcat-users.xml file.
I agree. Here's the link:
subject: Authentication users not in tomcat-users.xml
Similar Threads
Tomcat 6.0.32 HTTP Status 403 - Access to the requested resource has been denied
Web App Security
how to get parameters and its values of apache tomcat server
wildcard for tomcat-users.xml users
Adding New Users