Using Web Server Authentication

If AUTHORIZATION=REMOTE_USER, the web server needs to perform the authentication, and anonymous is not allowed. You need to configure the web server to perform the authentication, and you can access the user logon information with $user and $password.

The following steps show how to configure Tomcat BASIC authentication and the Uniface servlet so that a logon box is displayed for each first access of the web application by a particular user.

If you use a web server other than Tomcat, you can replace the steps 1 and 2 with the configuration of your web server.

To use Tomcat BASIC authentication:

  1. Edit the file UnifaceAPSInstallDir\common\tomcat\conf\tomcat-users.xml to add your users, passwords and roles.
  2. Add the security constraint to the web.xml file, for example:
    <web-app>
     … …
    <security-constraint>      
      <web-resource-collection>        
       <web-resource-name>The Entire Web Application</web-resource-name>        
       <url-pattern>/*</url-pattern>      
      </web-resource-collection>      
      <auth-constraint>        
       <role-name>tomcat</role-name>     
      </auth-constraint>    
    </security-constraint>      
    
    <login-config>      
      <auth-method>BASIC</auth-method>      
      <realm-name>Tomcat Supported Realm</realm-name>    
    </login-config>     
    
    <security-role>      
     <description>An example role defined in "conf/tomcat-users.xml"
     </description>     
     <role-name>tomcat</role-name>    
    </security-role>
    </web-app>
    
    
  3. In the same web.xml file, under the servlet wrd specification, set AUTHORIZATION to REMOTE_USER:
    <servlet>    
      <servlet-name>      
        wrd
    … …
      <init-param>         
         <param-name>AUTHORIZATION</param-name>          
         <param-value>REMOTE_USER</param-value>
      </init-param>
    </servlet>
    

Related Topics