1.1 --- a/docs/JavaServlet/NOTES.txt Tue Sep 21 17:59:03 2004 +0000
1.2 +++ b/docs/JavaServlet/NOTES.txt Tue Sep 21 18:00:01 2004 +0000
1.3 @@ -5,11 +5,13 @@
1.4 jython tools/JavaServlet/build.py examples/JavaServlet/SimpleApp.py \
1.5 examples/Common/Simple/ \
1.6 . \
1.7 + web.xml \
1.8 $CATALINA_HOME/common/lib/activation.jar \
1.9 $CATALINA_HOME/common/lib/mail.jar
1.10
1.11 -This identifies the handler (SimpleApp.py), the application package (Simple)
1.12 -and the directory where the WebStack package is found; it also specifies
1.13 +This identifies the handler (SimpleApp.py), the application package (Simple),
1.14 +the directory where the WebStack package is found (.), and the name of the
1.15 +template for the deployment descriptor (web.xml); it also specifies the
1.16 library files which must also be deployed with the application (activation.jar
1.17 and mail.jar from the Tomcat libraries in this case); it produces a directory
1.18 called SimpleApp in the current directory. To deploy the Web application into
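Review bot: The added web.xml argument in the build.py command is a bare filename, and the revised paragraph describes it only as "the name of the template for the deployment descriptor" without saying which directory it is resolved against. The neighbouring arguments are explicit paths (examples/Common/Simple/, ., $CATALINA_HOME/common/lib/...), so a reader cannot tell whether the template is looked up in the current directory, under tools/JavaServlet, or somewhere else; please state the location. Because the argument is inserted ahead of the library jars, it would also help to say that command lines written for the previous form need the extra argument. Minor wording: the sentence now reads "it also specifies the ... library files which must also be deployed"; drop one "also".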
1.19 @@ -22,3 +24,34 @@
1.20 can be used to visit the application:
1.21
1.22 http://localhost:8080/SimpleApp/
1.23 +
1.24 +--------
1.25 +
1.26 +Authentication/authorisation with Apache Tomcat:
1.27 +
1.28 +In Apache Tomcat, it is not typically possible to use an authenticator with a
1.29 +WebStack resource without additional configuration being performed first:
1.30 +
1.31 + * The web.xml template should be replaced with the protected-web.xml
1.32 + template in the build.py command. This alternative template produces a
1.33 + special deployment descriptor which introduces role-based authentication for
1.34 + the application. Consequently, upon seeing that the application requires a
1.35 + user with a given role, Tomcat will prompt for the username/password details
1.36 + of a user with that role, and once such a user has been authenticated, the
1.37 + resulting user identity is then made available via the API to the
1.38 + application.
1.39 +
1.40 + * The server.xml configuration file in Tomcat should declare the protected
1.41 + application as a privileged context; for example:
1.42 +
1.43 + <Context path="/AuthApp" docBase="AuthApp" privileged="true"/>
1.44 +
1.45 + * The tomcat-users.xml configuration file should define suitable users and
1.46 + roles; for example:
1.47 +
1.48 + <role rolename="webstack"/>
1.49 + <user username="badger" password="abc" roles="webstack"/>
1.50 +
1.51 + Note that it is still possible for an authenticator to reject access to
1.52 + users even if they have the role stated in the special deployment
1.53 + descriptor.
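Review bot: The server.xml bullet recommends privileged="true" for the protected application without saying why a WebStack authenticator needs it or what the setting grants. In Tomcat a privileged context is permitted to use container servlets such as the manager servlet, so this step widens what the application can do inside the container; the note should give the reason and advise setting it only on the contexts that require it. In the tomcat-users.xml example, password="abc" is a plaintext credential that readers are likely to copy unchanged; an obvious placeholder value plus a sentence telling the reader to choose their own would be safer. The first bullet speaks of "a user with a given role" while the role name only appears in the last bullet; stating that the role named in the protected-web.xml descriptor must match the rolename defined in tomcat-users.xml would tie the three steps together.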