Page History

...

Configure your web application container

Jetty

• Create your jetty-users.properties file.  This file contains entries in the format username:  password [, role, ...], where
  • username is the user's login id (the principal)
  • password is the user's password
  • role is the servlet role they are assigned upon login;  jetty allows you to specify any number of roles (or no role at all).
• Sample jetty-users.properties file that contains three users, two of whom are regular users, and the third of whom (fedoraAdmin) is a Fedora superuser:

testuser: password1,fedoraUser
adminuser: password2,fedoraUser
fedoraAdmin: secret3,fedoraAdmin

• Configure your Jetty login realm.
  

  • Standalone: Modify your jetty.xml file to configure the login realm and include the jetty-users.properties file:

    Code Block
    language xml title jetty.xml login service
    <Configure class="org.eclipse.jetty.webapp.WebAppContext">   <!-- Set this to the webapp root of your Fedora 4 repository --> <Set name="contextPath">/</Set> <!-- Set this to the path of of fcrepo4 WAR file -->   <Set name="war"><SystemProperty name="jetty.home" default="."/>/webapps/fcrepo4</Set> <Get name="securityHandler"> <Set name="loginService"> <New class="org.eclipse.jetty.security.HashLoginService"> <Set name="name">fcrepo4</Set> <!-- Set this to the path to your jetty-users.properties file -->  <Set name="config"><SystemProperty name="jetty.home" default="."/>/path/to/jetty-users.properties</Set> </New> </Set> </Get> </Configure>

    
    

  • Embedded in Maven: The fcrepo-webapp Maven project includes jetty-maven-plugin. The property jetty.users.file sets the location of the jetty-users.properties file. Run the fcrepo-webapp server with the following system property:

-Djetty.users.file=/path/to/jetty-users.properties

• See the Jetty Authentication documentation for more details. 

Tomcat

• Create or edit your $CATALINA_HOME/conf/tomcat-users.xml file.  It has entries of the form
  

   <user name="principal" password="password" roles="role1, role2, ..." />

  where:

  • name is the user's login id (the principal)
  • password is the user's password
  • roles are the servlet roles they are assigned upon login;  tomcat allows you to specify any number of roles (or no role at all).

  Sample tomcat-users.xml file that contains three users, two of whom are regular users, and the third of whom (fedoraAdmin) is a Fedora superuser:

  Code Block
  language xml title tomcat-users.xml
  <tomcat-users> <role rolename="fedoraUser" /> <role rolename="fedoraAdmin" /> <user name="testuser" password="password1" roles="fedoraUser" /> <user name="adminuser" password="password2" roles="fedoraUser" /> <user name="fedoraAdmin" password="secret3" roles="fedoraAdmin" /> </tomcat-users>

  
  

• Configure your Tomcat login realm. Modify your file $CATALINA_HOME/conf/server.xml file to configure the login realm with the Fedora 4 webapp context:

  Code Block
  language xml title

Tomcat

• server.xml

Realm

• <Context> ... <Realm className="org.apache.catalina.realm.UserDatabaseRealm"

• resourceName="UserDatabase" /> ... </Context>

• See the Tomcat Realms documentation for more details.