NonStop Servlets for JavaServer Pages (NSJSP) 6.1 System Administrator's Guide

ManualsBrandsHP ManualsServerHP Integrity NonStop J-Series

361

362

363

364

365

366

367

368

369

370

Security Considerations

NonStop Servlets for JavaServer Pages (NSJSP) 6.1 System Administrator’s Guide—596210-006

8-15

Realms

MemoryRealm

The MemoryRealm is a simple demonstration implementation of the Realm interface

and is not intended for production use. During startup, the MemoryRealm loads

information about all users, and their corresponding roles, from an XML document (by

default, this document is loaded from <NSJSP_HOME>/conf/nsjsp-users.xml).

Changes made to the <NSJSP_HOME>/conf/nsjsp-users.xml file will be effective

only after NSJSP is restarted.

This section discusses the following topics:



MemoryRealm File Format



Attributes in the MemoryRealm

MemoryRealm File Format

The users file (by default, <NSJSP_HOME>/conf/nsjsp-users.xml) must be an

XML document, with a root element called <tomcat-users>. The format specified by

this file is the MemoryRealm file format. Nested inside the root element of this file is a

<user> element for each valid user, consisting of the following attributes:



name - Specifies the username with which the valid user must log in.



password - Specifies the password with which the valid user must log in (in plain

text format if the digest attribute is not set in the <Realm> element or digested

appropriately as described in HTTP Digest Authentication on page 8-4).



roles - Specifies the comma-separated list of the role names associated with this

user.

Attributes in the MemoryRealm

Table 8-2 lists the attributes that can be used in the MemoryRealm.

JDBCRealm

The JDBCRealm is an implementation of the Realm interface that obtains user

information from a relational database accessed through a JDBC driver. The

Table 8-2. MemoryRealm Attributes

Attribute Description

digest Specifies the digest algorithm that must be used to store passwords in

non-plain text formats. The valid values for this attribute are those that

are accepted for the algorithm name by the

java.security.MessageDigest class. If this attribute is not

specified, passwords are stored in plain text.

pathname Specifies the absolute or relative (to <NSJSP_HOME>) pathname to the

XML file containing the user information.