<!DOCTYPE html>
< html lang = "en" dir = "ltr" >
< head >
< meta charset = "utf-8" / >
< title > documentation:2.0:applications:tomcat< / title >
< meta name = "generator" content = "DokuWiki" / >
< meta name = "robots" content = "index,follow" / >
< meta name = "keywords" content = "documentation,2.0,applications,tomcat" / >
< link rel = "search" type = "application/opensearchdescription+xml" href = "../lib/exe/opensearch.html" title = "LemonLDAP::NG" / >
< link rel = "start" href = "tomcat.html" / >
< link rel = "contents" href = "tomcat.html" title = "Sitemap" / >
< link rel = "stylesheet" type = "text/css" href = "../lib/exe/css.php.t.bootstrap3.css" / >
<!-- //if:usedebianlibs
< link rel = "stylesheet" type = "text/css" href = "/javascript/bootstrap/css/bootstrap.min.css" / >
//elsif:useexternallibs
< link rel = "stylesheet" type = "text/css" href = "https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css" > < / script >
//elsif:cssminified
< link rel = "stylesheet" type = "text/css" href = "/static/bwr/bootstrap/dist/css/bootstrap.min.css" / >
//else -->
< link rel = "stylesheet" type = "text/css" href = "/static/bwr/bootstrap/dist/css/bootstrap.css" / >
<!-- //endif -->
< script type = "text/javascript" >/*<![CDATA[*/var NS='documentation:2.0:applications';var JSINFO = {"id":"documentation:2.0:applications:tomcat","namespace":"documentation:2.0:applications"};
/*!]]>*/< / script >
< script type = "text/javascript" charset = "utf-8" src = "../lib/exe/js.php.t.bootstrap3.js" > < / script >
<!-- //if:usedebianlibs
< script type = "text/javascript" src = "/javascript/jquery/jquery.min.js" > < / script >
//elsif:useexternallibs
< script type = "text/javascript" src = "http://code.jquery.com/jquery-2.2.0.min.js" > < / script >
//elsif:jsminified
< script type = "text/javascript" src = "/static/bwr/jquery/dist/jquery.min.js" > < / script >
//else -->
< script type = "text/javascript" src = "/static/bwr/jquery/dist/jquery.js" > < / script >
<!-- //endif -->
<!-- //if:usedebianlibs
< script type = "text/javascript" src = "/javascript/jquery-ui/jquery-ui.min.js" > < / script >
//elsif:useexternallibs
< script type = "text/javascript" src = "http://code.jquery.com/ui/1.10.4/jquery-ui.min.js" > < / script >
//elsif:jsminified
< script type = "text/javascript" src = "/static/bwr/jquery-ui/jquery-ui.min.js" > < / script >
//else -->
< script type = "text/javascript" src = "/static/bwr/jquery-ui/jquery-ui.js" > < / script >
<!-- //endif -->
< / head >
< body >
< div class = "dokuwiki export container" >
<!-- TOC START -->
< div id = "dw__toc" >
< h3 class = "toggle" > Table of Contents< / h3 >
< div >
< ul class = "toc" >
< li class = "level1" > < div class = "li" > < a href = "#presentation" > Presentation< / a > < / div > < / li >
< li class = "level1" > < div class = "li" > < a href = "#installation" > Installation< / a > < / div > < / li >
< li class = "level1" > < div class = "li" > < a href = "#configuration" > Configuration< / a > < / div > < / li >
< li class = "level1" > < div class = "li" > < a href = "#compilation" > Compilation< / a > < / div > < / li >
< / ul >
< / div >
< / div >
<!-- TOC END -->
< h1 class = "sectionedit1" id = "apache_tomcat" > Apache Tomcat< / h1 >
< div class = "level1" >
< p >
< a href = "tomcat_logo.png_documentation_2.0_applications_tomcat.html" class = "media" title = "applications:tomcat_logo.png" > < img src = "tomcat_logo.png" class = "mediacenter" alt = "" / > < / a >
< / p >
< div class = "noteimportant" > The Tomcat Valve is only available for Tomcat 5.5 or greater.
< / div >
< / div >
<!-- EDIT1 SECTION "Apache Tomcat" [1 - 154] -->
< h2 class = "sectionedit2" id = "presentation" > Presentation< / h2 >
< div class = "level2" >
< p >
< a href = "http://tomcat.apache.org/" class = "urlextern" title = "http://tomcat.apache.org/" rel = "nofollow" > Apache Tomcat< / a > is an open source software implementation of the Java Servlet and JavaServer Pages technologies.
< / p >
< p >
As a J2EE servlet container, Tomcat provides standard security features such as authentication: an application deployed in Tomcat can delegate its authentication to Tomcat.
< / p >
< p >
By default, Tomcat provides a file called < code > users.xml< / code > to manage authentication:
< / p >
< pre class = "code file xml" >&lt;?xml version='1.0' encoding='utf-8'?&gt;
&lt;tomcat-users&gt;
  &lt;role rolename="tomcat"/&gt;
  &lt;role rolename="role1"/&gt;
  &lt;user username="tomcat" password="tomcat" roles="tomcat"/&gt;
  &lt;user username="role1" password="tomcat" roles="role1"/&gt;
  &lt;user username="both" password="tomcat" roles="tomcat,role1"/&gt;
&lt;/tomcat-users&gt;
< / pre >
< p >
< abbr title = "LemonLDAP::NG" > LL::NG< / abbr > provides a valve, available on the < a href = "../download.html#contributions" class = "wikilink1" title = "download" > download page< / a >. This valve checks an HTTP header to set the authenticated user in the J2EE container.
< / p >
< / div >
<!-- EDIT2 SECTION "Presentation" [155 - 1077] -->
< h2 class = "sectionedit3" id = "installation" > Installation< / h2 >
< div class = "level2" >
< p >
Copy < code > ValveLemonLDAPNG.jar< / code > to < code > &lt;TOMCAT_HOME&gt;/server/lib< / code > :
< / p >
< pre class = "code" > cp ValveLemonLDAPNG.jar server/lib/< / pre >
< div class = "notetip" > If needed, you can < a href = "#compilation" title = "documentation:2.0:applications:tomcat ↵" class = "wikilink1" > recompile the valve from the sources< / a > .
< / div >
< / div >
<!-- EDIT3 SECTION "Installation" [1078 - 1310] -->
< h2 class = "sectionedit4" id = "configuration" > Configuration< / h2 >
< div class = "level2" >
< p >
Add a new valve entry like this to your < code > server.xml< / code > file (in the host section):
< / p >
< pre class = "code file xml" >&lt;Valve className="org.lemonLDAPNG.SSOValve" userKey="AUTH-USER" roleKey="AUTH-ROLE" roleSeparator="," allows="127.0.0.1"/&gt;< / pre >
< p >
Configure attributes:
< / p >
< ul >
< li class = "level1" > < div class = "li" > < strong > userKey< / strong > : key in the HTTP header containing the user login.< / div >
< / li >
< li class = "level1" > < div class = "li" > < strong > roleKey< / strong > : key in the HTTP header containing roles. If < abbr title = "LemonLDAP::NG" > LL::NG< / abbr > sends several roles separated by commas, configure < strong > roleSeparator< / strong > .< / div >
< / li >
< li class = "level1" > < div class = "li" > < strong > roleSeparator< / strong > (optional): role values separator.< / div >
< / li >
< li class = "level1" > < div class = "li" > < strong > allows< / strong > (optional): allowed remote < abbr title = "Internet Protocol" > IP< / abbr > addresses (use "," as the separator for multiple < abbr title = "Internet Protocol" > IP< / abbr > s). Set this attribute to the < abbr title = "LemonLDAP::NG" > LL::NG< / abbr > Handler < abbr title = "Internet Protocol" > IP< / abbr > to add more security. If this attribute is missing, all hosts are allowed.< / div >
< / li >
< li class = "level1" > < div class = "li" > < strong > passThrough< / strong > (optional): whether to allow anonymous access. When set to "false", the HTTP headers must be sent by < abbr title = "LemonLDAP::NG" > LL::NG< / abbr > for authentication to succeed: if the user is not recognized or the HTTP headers are not present, a 403 error is sent.< / div >
< / li >
< / ul >
< div class = "notetip" > For debugging, this valve can print some helpful information at debug level. See < a href = "http://tomcat.apache.org/tomcat-5.5-doc/logging.html" class = "urlextern" title = "http://tomcat.apache.org/tomcat-5.5-doc/logging.html" rel = "nofollow" > how to configure logging in Tomcat< / a > .
< / div >
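< p >
Because the valve takes the user and roles from request headers, the two optional attributes above decide who can supply them: without < code > allows< / code > every host is accepted, and < code > passThrough< / code > controls anonymous access. The audit script below is an added example, not part of LemonLDAP::NG: it parses a < code > server.xml< / code > and reports valve entries that lack < code > allows< / code > or do not set < code > passThrough< / code > to "false". The sample XML and the finding codes are constructed for illustration.
< / p >

```python
import xml.etree.ElementTree as ET

VALVE_CLASS = "org.lemonLDAPNG.SSOValve"  # className shown in the valve entry above

# Constructed server.xml fragments for the demo (not from a real deployment).
WEAK = """<Server><Service name="Catalina"><Engine name="Catalina">
  <Host name="localhost">
    <Valve className="org.lemonLDAPNG.SSOValve" userKey="AUTH-USER"
           roleKey="AUTH-ROLE" roleSeparator="," passThrough="true"/>
  </Host></Engine></Service></Server>"""

HARDENED = WEAK.replace('passThrough="true"',
                        'allows="127.0.0.1" passThrough="false"')


def audit_sso_valves(server_xml):
    """Return (location, code) findings for every LL::NG valve in server_xml."""
    root = ET.fromstring(server_xml)
    # ElementTree has no parent pointers, so build a child -> parent map.
    parent = {child: p for p in root.iter() for child in p}
    findings = []
    for valve in root.iter("Valve"):
        if valve.get("className") != VALVE_CLASS:
            continue
        holder = parent.get(valve)
        where = "?" if holder is None else "%s %s" % (holder.tag, holder.get("name", "?"))
        # allows: comma-separated IPs; when absent, the page says all hosts are allowed.
        ips = [ip.strip() for ip in valve.get("allows", "").split(",") if ip.strip()]
        if not ips:
            findings.append((where, "ALLOWS_MISSING"))
        # passThrough: only the literal "false" is documented as answering 403
        # when the headers are absent, so anything else (or unset) is reported.
        if valve.get("passThrough") != "false":
            findings.append((where, "PASSTHROUGH_NOT_FALSE"))
    return findings


if __name__ == "__main__":
    for label, xml_text in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_sso_valves(xml_text) or "no findings")
```

< p >
An unset < code > passThrough< / code > is reported as well, since this page does not state its default.
< / p >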
< / div >
<!-- EDIT4 SECTION "Configuration" [1311 - 2481] -->
< h2 class = "sectionedit5" id = "compilation" > Compilation< / h2 >
< div class = "level2" >
< p >
The sources are available on the < a href = "../download.html#contributions" class = "wikilink1" title = "download" > download page< / a >.
< / p >
< p >
Required:
< / p >
< ul >
< li class = "level1" > < div class = "li" > ant< / div >
< / li >
< li class = "level1" > < div class = "li" > jre &gt; 1.4< / div >
< / li >
< li class = "level1" > < div class = "li" > tomcat &gt;= 5.5< / div >
< / li >
< / ul >
< p >
Configure your Tomcat home in the < code > build.properties< / code > file.
< / p >
< div class = "noteimportant" > Windows users, be careful: the path must contain "/". Example:
< pre class = "code" > c:/my hardisk/tomcat/< / pre >
< / div >
< p >
Next, run the ant command:
< / p >
< pre class = "code" > ant< / pre >
< p >
< code > ValveLemonLDAPNG.jar< / code > is created under the < code > /dist< / code > directory.
< / p >
< / div >
<!-- EDIT5 SECTION "Compilation" [2482 - ] --> < / div >
< / body >
< / html >