Tomcat Web Hosting Blog - Java, JSP, EJB, Hibernate

Chapter 14: Tomcat Security File-Based Realm: UserDatabase A file-based Realm maintains its authentication data in flat files. These files can be edited using a normal text editor. The data is kept in human-readable format (such as XML). The primary built-in file-based Realm implementation for Tomcat 6 is called UserDatabase. UserDatabase reads authentication data from a specified XML file for use by Tomcat 6 during startup. This realm also has the following properties: . The data in the Realm can be programmatically changed during the lifetime of the engine. This enables various possibilities for building administrative utilities. . UserDatabase is persistent. That is, upon modification and shutdown, the UserDatabase can also persist any changes back to its associated XML ( tomcat-users.xml) data file. . The admin(not yet available with TC6) utility supports the graphical editing of authentication data within a UserDatabase Realm. The UserDatabase realm is an integral part of Tomcat 6 s authentication and programmatic security support. Configuring UserDatabase In the default server.xml (in the Tomcat 6 server distribution), the UserDatabase Realm is already configured. The UserDatabase is typically configured in the element as a JNDI Resource. Here is a typical configuration: This makes the UserDatabase accessible from an application via JNDI lookup, relative to the java: comp/env naming context. Furthermore, it also provides an easy reference in a later scope. For example, you can use the UserDatabase as a Realm at the container level by adding the following definition: In fact, this is precisely the content of the default Tomcat 6 server.xmlfile. This means that both the managerapplication and the host-manager system applications actually rely on UserDatabase as the Realm for authentication. To see how UserDatabase is a modifiable, updateable Realm, use a text editor to add a new user/ password entry: 1. Find the $CATALINA_HOME/conf/tomcat-users.xmlfile and add the following entry using the text editor:

For high quality java hosting services please check tomcat web hosting website.

This entry was posted on Monday, August 31st, 2009 at 2:35 am and is filed under tomcat. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.