NonStop Servlets for JavaServer Pages (NSJSP) 6.1 System Administrator's Guide

ManualsBrandsHP ManualsServerHP Integrity NonStop J-Series

371

372

373

374

375

376

377

378

379

380

Security Considerations

NonStop Servlets for JavaServer Pages (NSJSP) 6.1 System Administrator’s Guide—596210-006

8-23

Realms

NonStop groups. The following sample code provides access to users belonging to

SUPER and SYSSW groups:

<security-constraint>

<web-resource-collection>

<web-resource-name>My Appl's Secure Pages

</web-resource-name>

<description>Security constraint for resources in the

secure directory</description>

<url-pattern>/secure/*</url-pattern>

<http-method>POST</http-method>

<http-method>GET</http-method>

</web-resource-collection>

<auth-constraint>

<description>only let the system user login

</description>

<role-name>SYSSW</role-name>

<role-name>SUPER</role-name>

</auth-constraint>

</security-constraint>

3. Configure the JAASRealm:

<Realm className="org.apache.catalina.realm.JAASRealm"

appName="NonStopUserDB"

userClassNames="com.tandem.servlet.jaas.

NonStopUserPrincipal"

roleClassNames="com.tandem.servlet.jaas.

NonStopRolePrincipal"

useContextClassLoader="false" />

For information on configuring a Realm, see Realms on page 8-7.

DataSourceRealm

The DataSourceRealm is an implementation of the Realm interface that queries users

in a relational database accessed through a JNDI named JDBC DataSource.

The database schema of the table containing usernames and passwords, and the table

linking usernames with roles is the same as for the JDBCRealm. To create the required

tables, see Example 8-1 in the JDBCRealm on page 8-15.