Tomcat security roles mapping
Asked Answered
A

1

8

This is related to Tomcat 6 with JAASRealm and a custom JAAS module for security.

Other Application Servers seem to support the mapping of application role names (in web.xml) to actual groups of the underlying security realm by using with server specific deployment descriptors - as mentioned in the Java EE 5 Tutorial.

Does Tomcat have a similar mechanism?

Edit: This thread seems to talk of the same requirement, but unfortunately doesn't have a definitive answer.
A request for enhancement to JBoss Web (with tomcat under the hood) has been made to address this same issue.

Allhallows answered 11/11, 2010 at 9:57 Comment(1)
I've created java.net/jira/browse/JAVAEE_SPEC-20 in support of this. Hopefully this will be possible in a future version of Java EE and/or Servlet. If you (or anyone else) still cares for this, please vote for the issue.Chairman
C
0

you can check $CATALINA_HOME/conf/tomcat-users.xml there you can add and manage roles .. you can use the GUI provided by tomcat you can check GUI Administration

and Tomcat Roles Management

Crompton answered 11/3, 2011 at 13:23 Comment(1)
this is not the same as server-specific deployment descriptors which are part of the deployable.Allhallows

© 2022 - 2024 — McMap. All rights reserved.