I'm working on setting up BASIC authentication using container managed
security in Tomcat 5.5.15. However, It's not working so now I'm
wondering if my set up is wrong. The JNDI DataSource definitely works,
I'm not so sure about the realm. Is there another way to test it?
Would you mind looking at my configuration files?
This is what I have so far:
*Context.xml*
<?xml version="1.0" encoding="UTF-8"?>
<Context path="/npp">
<Resource name="jdbc/NppDB" auth="Container"
type="javax.sql.DataSource"
driverClassName="oracle.jdbc.driver.OracleDriver"
url="jdbc:oracle:thin:@server:1521:SID"
username="scott" password="tiger" maxActive="20" maxIdle="10"
removeAbandoned="true"
logAbandoned="true"
maxWait="-1"/>
<Realm className="org.apache.catalina.realm.DataSourceRealm"
debug="99"
dataSourceName="jdbc/NppDB"
userTable="NPPUSER" userNameCol="EMAIL" userCredCol="PASSWORD"
userRoleTable="USER_ROLE" roleNameCol="ROLE"/>
</Context>
*web.xml*
...
<resource-ref>
<res-ref-name>jdbc/NppDB</res-ref-name>
<res-type>javax.sql.DataSource</res-type>
<res-auth>Container</res-auth>
<res-sharing-scope>Shareable</res-sharing-scope>
</resource-ref>
<security-constraint>
<web-resource-collection>
<web-resource-name>
The whole site
</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>member</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>member</role-name>
</security-role>
<security-role>
<role-name>vendor</role-name>
</security-role>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>NPP</realm-name>
</login-config>
...
*end web.xml*
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
