VIVO Documentation
Page History
Table of Contents |
---|
Background
VIVO is not written to use the standard JEE or Tomcat authentication systems, so using a Tomcat Realm would require some customization. This doesn't seem very difficult, it just hasn't been a priority for us.
...
I don't know of anyone who has tried to use a Tomcat Realm to accomplish external authentication in VIVO. I think it would require some small modification of the VIVO code, perhaps a change to ExternalAuthHelper.getExternalAuthId(). Tomcat would use the Realm to create a Principal object in the HTTP request, and VIVO would get the user ID from that Principal instead of looking in an HTTP header. Web.xml would be modified to secure the page, as you have already done.
Testing
Zut alors! It really was just that easy!
I added these lines to ExternalAuthHelper.getExternalAuthId(), right after the check for a null request object:
Panelcode |
---|
Principal p = request.getUserPrincipal(); if (p != null) { log.debug("Found a UserPrincipal in the request: " + p); String userId = p.getName(); if (StringUtils.isNotEmpty(userId)){ { log.debug("Got external auth from UserPrincipal: " + userId); return userId; } return userId; } } |
I added these lines to the end of web.xml, just before the closing </web-app>:
Panelcode |
---|
<security-constraint> <web-resource-collection> <web-resource-name>ExternalAuthPage</web-resource-name> <url-pattern>/loginExternalAuthReturn</url-pattern> </web-resource-collection> <auth-constraint> <role-name>tomcat</role-name> </auth-constraint> </security-constraint> |
Panel |
<login-config> <auth-method>BASIC</auth-method> </login-config> |
I set this property in deploy.properties:
Panelcode |
---|
externalAuth.buttonText = Log in using basic Tomcat |
And voila, my tomcat-users.xml file is my external authentication system!
...