Reputation: 2091
Need help setting up multiple Realms in Tomcat
I'm trying to set up two Realms in tomcat and it isn't letting me for some reason. I'd like to use the standard UserDatabaseRealm (conf/tomcat-users.xml) for doing admin things (like deploying webapps) but I'd like a custom realm for doing authentication for a specific webapp.
So, I tried putting this in the context of my webapp:
<Context>
<GlobalNamingResources>
<Resource name="CustomDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="/usr/java/apache-tomcat-6.0.35/conf/tomcat-users.xml"
/>
</GlobalNamingResources>
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="CustomDatabase"
/>
</Context>
Which is really just a copy of what is in server.xml with a couple changes:
The name is changed to CustomDatabase from UserDatabase.
The pathname is the absolute pathname (and the same I use for the main realm).
I always get this same error:
LifecycleException: No UserDatabase component found under key CustomDatabase
And I don't know what it is telling me. What component is it talking about?
Along with the context above I've tried a couple other things, but it always gives the same error:
I've tried wrapping the Resource with the GlobalNamingResources tag and whether there or not same error.
I've tried changing the auth attribute of the Resource to both Container and Application and get the same error.
What am I missing? All the help from google is mostly people messing up their main realm (which mine is fine) not trying to configure a second realm.
Upvotes: 3
Views: 5261
Answers (2)
Reputation: 7636
You may use org.apache.catalina.realm.CombinedRealm. From the Tomcat documentation:
<Realm className="org.apache.catalina.realm.CombinedRealm" >
<Realm className="org.apache.catalina.realm.UserDatabaseRealm"
resourceName="UserDatabase"/>
<Realm className="org.apache.catalina.realm.DataSourceRealm"
dataSourceName="jdbc/authority"
userTable="users" userNameCol="user_name" userCredCol="user_pass"
userRoleTable="user_roles" roleNameCol="role_name"/>
</Realm>
Upvotes: 12
Reputation: 2091
So, I don't have a real answer, but I'll explain what I did.
I wasn't able to get the second UserDatabaseRealm working, but I really just needed two realms for testing, and it didn't matter the type (eventually, the second realm would be LDAP).
So I was looking at the available realms and chose a MemoryRealm for my secondary test realm and it worked just as it should have. I then made it a LDAP realm and that also worked fine.
So, sorry to those that actually need two UserDatabaseRealms, I don't have a solution for you.
NOTE: It's strange that the UserDatabaseRealm uses JNDI and the JNDIRealm is used for LDAP (and from what I can tell, JDNI isn't involved). I'm sure this is just some legacy naming problem, but it's confusing.
Upvotes: 1
Related Questions
- How do I set up a Realm with a MySql Connection Pool in Tomcat 7?
- JDBC Realm configuration in tomcat
- Tomcat not executing the correct realm
- Tomcat 7 - Creating multiple instances of specific Realm per Host
- Realm Resource and context.xml in tomcat
- Tomcat jdbc connection "nullpointerexception" for realm
- How to deliver Realm with the war with Tomcat?
- apache tomcat 7 combined Realm
- Accessing a context specific realm with Tomcat 7
- Can you set different JDBC Realms for different web apps in Tomcat 7?