WebStack

docs/JavaServlet/NOTES.txt

569:4390d40b4195
503:5e29854fe10d
390:4c511fdbbf1f
2005-11-15 paulb raw annotate files changeset graph [project @ 2005-11-15 15:46:01 by paulb] Added has_key method. 
     1 Preparing the Application
     2 =========================
     3 
     4 Use the build.py script in the tools/JavaServlet directory to create a Web
     5 application directory. Then, deploy the directory in the servlet container. For
     6 example:
     7 
     8 jython tools/JavaServlet/build.py examples/JavaServlet/SimpleApp.py \
     9     examples/Common/Simple/ \
    10     . \
    11     web.xml \
    12     $CATALINA_HOME/common/lib/activation.jar \
    13     $CATALINA_HOME/common/lib/mail.jar
    14 
    15 This identifies the handler (SimpleApp.py), the application package (Simple),
    16 the directory where the WebStack package is found (.), and the name of the
    17 template for the deployment descriptor (web.xml); it also specifies the
    18 library files which must also be deployed with the application (activation.jar
    19 and mail.jar from the Tomcat libraries in this case); it produces a directory
    20 called SimpleApp in the current directory. To deploy the Web application into
    21 a servlet container like Tomcat, a command like the following can be
    22 performed:
    23 
    24 mv SimpleApp/ $CATALINA_HOME/webapps/
    25 
    26 Upon starting or restarting the servlet container, an URL such as the following
    27 can be used to visit the application:
    28 
    29 http://localhost:8080/SimpleApp/
    30 
    31 Authentication/Authorisation with Apache Tomcat
    32 ===============================================
    33 
    34 In Apache Tomcat, it is not typically possible to use an authenticator with a
    35 WebStack resource without additional configuration being performed first:
    36 
    37   * The web.xml template should be replaced with the protected-web.xml
    38     template in the build.py command. This alternative template produces a
    39     special deployment descriptor which introduces role-based authentication for
    40     the application. Consequently, upon seeing that the application requires a
    41     user with a given role, Tomcat will prompt for the username/password details
    42     of a user with that role, and once such a user has been authenticated, the
    43     resulting user identity is then made available via the API to the
    44     application.
    45 
    46   * The server.xml configuration file in Tomcat should declare the protected
    47     application as a privileged context; for example:
    48 
    49     <Context path="/AuthApp" docBase="AuthApp" privileged="true"/>
    50 
    51   * The tomcat-users.xml configuration file should define suitable users and
    52     roles; for example:
    53 
    54     <role rolename="webstack"/>
    55     <user username="badger" password="abc" roles="webstack"/>
    56 
    57     Note that it is still possible for an authenticator to reject access to
    58     users even if they have the role stated in the special deployment
    59     descriptor.