Skip to main content

Password protecting tomcat web application

Following configuration in web.xml of a web application is useful for password protecting the web application in tomcat servlet engine.

    
<security-constraint>
<web-resource-collection>
<web-resource-name>portalBase Application</web-resource-name>
<url-pattern>/*</url-pattern>
<!-- If you list http methods, only those methods are protected -->

<http-method>DELETE</http-method>

<http-method>GET</http-method>

<http-method>POST</http-method>

<http-method>PUT</http-method>

</web-resource-collection>
<auth-constraint>
<role-name>role1</role-name>

</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>portalBase Application</realm-name>
</login-config>
<!-- Security roles referenced by this web application -->
<security-role>
<role-name>role1</role-name>
</security-role>




Update tomcat-users.xml in $CATALINA_HOME/conf directory to associate users with the role.

<?xml version='1.0' encoding='utf-8'?>

<tomcat-users>

<role rolename="tomcat"/>

<role rolename="role1"/>

<role rolename="manager"/>

<role rolename="admin"/>

<user username="tomcat" password="tomcat" roles="tomcat"/>

<user username="role1" password="tomcat" roles="role1"/>

<user username="admin" password="password" roles="admin,manager"/>

</tomcat-users>



Restart the tomcat and try the url to web application. It should pop up a username/password dialog box.

Comments

Popular posts from this blog

Creating no-reply@domain.com account in Postfix

If you wanted to send emails to users but did not want to receive any replies to the email, you would need to setup a no-reply@domain.com email account. These kind of email ids are useful when sending emails containing forgotten passwords or activation code. Below are the steps for creating such account in Postfix. 1. Identify the file containing alias for Postfix First, make sure the following line in the ALIAS DATABASE section of the /etc/postfix/main.cf is NOT commented out: alias_maps = hash:/etc/aliases 2. Create an alias that redirects messages to /dev/null Edit /etc/aliases and add following entry devnull: /dev/null 3. Create a virtual email id Edit /etc/postfix/virtual and add following entry no-reply@domain.com devnull 4. refresh postfix alias and postfix cache Execute following commands. (You may require root privileges) > newaliases > postfix reload

jupyter notebook execution error: "http://localhost:8889/tree?token=xxx" doesn’t understand the “open location” message

I got this error when I tried to launch jupyter notebook on a mac. It is not a fatal error. I could still go to browser directly and copy/paste the url manually. The error indicates that when the command automatically tried to launch a browser, it couldn't find the default browser in jupyter configuration file. The easy fix is to specify the browser. Here are the steps to do so; 1.   Open ~/.jupyter/jupyter_notebook_config.py in an editor.       If the file does not exist then you can create a default config file by typing the following command;       jupyter notebook --generate-config 2. Search for a word "browser" to locate a following line.     #c.NotebookApp.browser = ''     By default it is commented. You can uncomment it and use one of the following values depending on your browser preference.     # set default browser to chrome     c.NotebookApp.browser = 'chrome'     # set default browser to safari     c.NotebookApp.browser = 

.ssh/config: “Bad configuration option: UseKeychain” on Mac OS

After upgrading Mac OS to Mojave I started seeing this error when doing "git pull". I was able to follow the steps below as described here ; 1. open ssh config vi ~/.ssh/config 2. Add the following lines to ssh config to keep your configuration compatible with both new and old versions of openssh. IgnoreUnknown UseKeychain UseKeychain yes That fixed the issue for me. Try running git pull again.    More details about the issue are available here .