Backend Container Based Authentication

For container based authentication the following example using Tomcat is provided. Please not that the example is not suitable as a viable implementation for production environments.

Apache Tomcat Example

One way of defining users and roles is shown in the following Apache Tomcat example. This is not a viable solution but rather a simple example in order to illustrate the concept. In the example, an XML definition file is used to declare users and their roles in the backend container. Combining the XperienCentral roles with the wmadmin role is a trick to make this work with the default web.xml delivered with XperienCentral. The following file named tomcat-users.xml defines the users:

  • JohnS: assigned role(s): Administrator, with the external name "xc_administrator" assigned.
  • MaryP: assigned role(s): Editor and customer-specific permission, with the external names "xc_editor" and "xc_custom_permissions", respectively, assigned.
  • JanW: assigned role(s): Casual User, with the external name "xc_casual_editor" assigned.

 

 

<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
  <role rolename="wmadmin"/>
  <role rolename="xc_administrator"/>
  <role rolename="xc_editor"/>
  <role rolename="xc_casual_editor"/>
  <role rolename="xc_custom_permissions"/>
 
  <user username="JohnS" password="w3e4r5t" roles="xc_administrator,wmadmin"/>
  <user username="MaryP" password="1b2w3q7n5t" roles="xc_editor,xc_custom_permissions,wmadmin"/>
  <user username="JanW" password="m9w1q0n5l" roles="xc_casual_editor,wmadmin"/>
</tomcat-users>

 

 

You can use any Administrative page (for example /web/admin/status) to make the browser ask for credentials so that you can log in to the container.

Container-based Authentication in Tomcat using a Valve

The easiest way to enable container-based authentication in Tomcat for test purposes is by adding this valve:

 

server.xml: valve to add within the "/web" Context

 

<Valve className="org.apache.catalina.authenticator.DigestAuthenticator" cache="true" alwaysUseSession="true"/>