Monday, March 29, 2010

Adding HTTP Authentication to Tomcat Container

I used the following method to secure the entire application. We use .htaccess based authentication setup in apache. I wanted a same sort of setup in tomcat instance.

Initially I added a user in the $catalina_home/conf/tomcat-users.xml







Then I add the security constraint in the web.xml of the application. In my case it was the default application ROOT. Hence I added the following entries in $catalina_home/webapps/ROOT/WEB-INF/web.xml





Entire Application
/*



agroup





BASIC
Authenticate yourself





The role that is required to log in to the Manager Application

agroup




Hence all the users under the security role "agroup" will be able to access the applicationn.

Hope this helps some one somewhere..

No comments:

Post a Comment