Posted to users@tomcat.apache.org by Meeraj Kunnumpurath <me...@servicesymphony.com> on 2014/10/11 23:37:44 UTC

Custom Realm

Hi,

I have some specific requirements for security and I have been trying to
write a custom realm, that reads information from the database.

1. I have added a datasource in the global naming resources section in the
server.xml
2. I have packaged the realm class in a JAR file and copied it to the server
lib
3. I have included a context.xml in the WAR META-INF, that declares the
realm from (2)

In the constructor of the realm class, I try to look up the datasource,

1. If I use new InitialContext().lookup, I get a name not found exception.
2. If I try to get the global naming context, by calling getServer from
RealmBase, getServer returns a null reference.

This is the entry in server.xml

       <Resource name="MyDS"
              auth="Container"
              type="javax.sql.DataSource"
              driverClassName="oracle.jdbc.OracleDriver"
              factory="org.apache.tomcat.jdbc.pool.DataSourceFactory"
              url="jdbc:oracle:thin:@10.211.55.7:1521:xe"
              username="meeraj"
              password="password"
              maxTotal="20"
              maxIdle="10"
              maxWaitMillis="-1"
              accessToUnderlyingConnectionAllowed="true"/>

This is the entry in the context.xml

<Realm className="com.ss.security.provider.DatabaseRealm" digest="SHA1"/>

This is the constructor of the Realm class

    public DatabaseRealm() throws NamingException {
        Context context = null;
        try {
            context = new InitialContext();
            template = new SimpleJdbcTemplate((DataSource) context.lookup("MyDS"));
        } finally {
            if (context != null) context.close();
        }
    }

Any pointers will be highly appreciated.

Many thanks

-- 
Meeraj Kunnumpurath
Director and Executive Principal
Service Symphony Ltd
00 44 7702 693597
meeraj@servicesymphony.com

Re: Custom Realm

Posted by Daniel Mikusa <dm...@pivotal.io>.
On Sun, Oct 12, 2014 at 8:26 AM, Service Symphony <
meeraj@servicesymphony.com> wrote:

> I have got it working, since the server is not started yet, none of the
> underlying infrastructure is available in the realm class constructor.

For what it's worth, DataSourceRealm sounds very similar to this.  Might
serve as a good example.


http://svn.apache.org/viewvc/tomcat/tc7.0.x/trunk/java/org/apache/catalina/realm/DataSourceRealm.java?view=markup

Dan

Re: Custom Realm

Posted by Christopher Schultz <ch...@christopherschultz.net>.
Meeraj,

On 10/12/14 8:26 AM, Service Symphony wrote:
> I have got it working, since the server is not started yet, none
> of the underlying infrastructure is available in the realm class 
> constructor.

If you extend RealmBase (a good idea), then you can use the "lifecycle"
interface to receive calls when Tomcat changes states (e.g. is actually
started and the JNDI service is available).

If you use Tomcat 8, there was recently a change to the realm code to
allow for customized credential handling (i.e. password-munging). If
you only need to customize how passwords are checked -- for example,
by using a different hashing algorithm than what MessageDigest
provides -- then you might want to look into using that instead.

-chris
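
The lifecycle approach suggested in this reply, as an added example that is not part of the original thread and not Tomcat's own code: the JNDI lookup moves out of the constructor into `startInternal()`, which runs once the realm is attached to its container and the global naming context exists. The class name and the `MyDS` resource name come from the thread; the `users(user_name, user_pass)` schema is hypothetical, role lookup is left out, and the Tomcat 7/8.0 `RealmBase` API is assumed.

```java
import java.security.Principal;
import java.sql.*;
import java.util.Collections;
import javax.naming.NamingException;
import javax.sql.DataSource;
import org.apache.catalina.LifecycleException;
import org.apache.catalina.Server;
import org.apache.catalina.realm.GenericPrincipal;
import org.apache.catalina.realm.RealmBase;

public class DatabaseRealm extends RealmBase {
    private volatile DataSource dataSource; // resolved at start, not in the constructor

    @Override
    protected void startInternal() throws LifecycleException {
        Server server = getServer(); // null until the realm is attached to a container
        if (server == null) throw new LifecycleException("Realm has no parent server");
        try {
            // Resources declared under GlobalNamingResources are bound here
            dataSource = (DataSource) server.getGlobalNamingContext().lookup("MyDS");
        } catch (NamingException e) {
            throw new LifecycleException("Global resource MyDS not found", e);
        }
        super.startInternal(); // let RealmBase finish its own start-up
    }

    @Override protected String getName() { return "DatabaseRealm"; }

    @Override
    protected String getPassword(String username) {
        // Hypothetical schema; the user name is bound as a parameter, never concatenated
        String sql = "SELECT user_pass FROM users WHERE user_name = ?";
        try (Connection c = dataSource.getConnection();
             PreparedStatement ps = c.prepareStatement(sql)) {
            ps.setString(1, username);
            try (ResultSet rs = ps.executeQuery()) {
                return rs.next() ? rs.getString(1) : null;
            }
        } catch (SQLException e) {
            containerLog.error("Credential lookup failed", e);
            return null; // fail closed: no stored credential, no match
        }
    }

    @Override
    protected Principal getPrincipal(String username) {
        return new GenericPrincipal(username, getPassword(username), Collections.<String>emptyList());
    }
}
```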


Re: Custom Realm

Posted by Service Symphony <me...@servicesymphony.com>.
I have got it working, since the server is not started yet, none of the underlying infrastructure is available in the realm class constructor.
