0

I have two sets of web applications that all run on the same Tomcat 5.5 server.

I have one common Realm defined in server.xml:

<!-- Define the top level container in our container hierarchy -->
<Engine defaultHost="localhost" name="Catalina">

    <Valve className="org.apache.catalina.authenticator.SingleSignOn" />

    <Realm
        className="com.key.portal.common.realm.PortalDataSourceRealm"
        debug="0"
        dataSourceName="jdbc/usa"
        userTable="user_info"
        userNameCol="username"
        userIdCol="username"
        userCredCol="password"
        userInactiveCol="inactive"
        userRoleTable="user_role"
        roleNameCol="role" />

My "usa" applications both want to share a SingleSignOn with this datasource, and my "canada" applications to use singlesignon, but with a different datasource. (e.g. jdbc/canada)

Is there a way I can split this top level Engine container into two divisions, or configure the applications to override the dataSourceName? The tomcat docs say I can have exactly one "Engine" section defined.

But both sets of web applications want to use a different datasource to connect to it.

Andy Dent
  • 17,578
  • 6
  • 88
  • 115
Will
  • 1,622
  • 4
  • 25
  • 39

1 Answers1

0

You can put the Realm inside a Host (or even inside a Context) element. If your usa and canada applications run in different Hosts it could be a solution.

If they are inside the same Host you have to put a Realm tag inside every Context of the usa applications and let the canada apps use the default Realm (which is nested in the Engine tag) or vice versa.

From the documentation, Realm Configuration HOW-TO, Configuring a Realm:

The element can be nested inside any one of of the following Container elements. The location of the Realm element has a direct impact on the "scope" of that Realm (i.e. which web applications will share the same authentication information):

[...]

  • Inside a element - This Realm will be shared across ALL web applications for THIS virtual host, UNLESS it is overridden by a Realm element nested inside a subordinate element.
  • Inside a element - This Realm will be used ONLY for THIS web application.

Here is a similar question with an example in the answers: how can I restrict users to access ONLY their own manager?

Community
  • 1
  • 1
palacsint
  • 28,416
  • 10
  • 82
  • 109