Monday, March 29, 2010

Adding HTTP Authentication to Tomcat Container

I used the following method to secure the entire application. We use .htaccess based authentication setup in apache. I wanted a same sort of setup in tomcat instance.

Initially I added a user in the $catalina_home/conf/tomcat-users.xml

Then I add the security constraint in the web.xml of the application. In my case it was the default application ROOT. Hence I added the following entries in $catalina_home/webapps/ROOT/WEB-INF/web.xml

Entire Application


Authenticate yourself

The role that is required to log in to the Manager Application


Hence all the users under the security role "agroup" will be able to access the applicationn.

Hope this helps some one somewhere..

No comments:

Post a Comment