diff options
author | Endi Sukma Dewata <edewata@redhat.com> | 2012-08-21 17:38:29 -0500 |
---|---|---|
committer | Endi Sukma Dewata <edewata@redhat.com> | 2012-09-05 10:09:41 -0500 |
commit | 8eb2eac080c2e9595b506f49f25d2c1718453bbc (patch) | |
tree | d63903229b737cf2e8127c02b67dfa62eeb4571a /base/kra | |
parent | 63ac9595b4b193200e9b7af94f0854361a70eec9 (diff) | |
download | pki-8eb2eac080c2e9595b506f49f25d2c1718453bbc.tar.gz pki-8eb2eac080c2e9595b506f49f25d2c1718453bbc.tar.xz pki-8eb2eac080c2e9595b506f49f25d2c1718453bbc.zip |
Added proxy realm.
CMS engine is a singleton and it's used by PKI realm to authenticate
users accessing the subsystem. Since a Tomcat instance may contain
multiple subsystems, each having separate realm, the PKI JAR links
need to be moved into WEB-INF/lib so that they will run inside
separate class loaders.
Tomcat also requires that the authenticator and realm classes be
available in common/lib. To address this a new package pki-tomcat.jar
has been added. The package contains the authenticator and a proxy
realm. When the subsystems start running, they will register their
own realms into the proxy realms such that the authentications will
be forwarded to the appropriate subsystems.
Ticket #89
Diffstat (limited to 'base/kra')
-rw-r--r-- | base/kra/shared/webapps/kra/META-INF/context.xml | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/base/kra/shared/webapps/kra/META-INF/context.xml b/base/kra/shared/webapps/kra/META-INF/context.xml new file mode 100644 index 000000000..975ecabf1 --- /dev/null +++ b/base/kra/shared/webapps/kra/META-INF/context.xml @@ -0,0 +1,31 @@ +<?xml version='1.0' encoding='utf-8'?> +<!-- BEGIN COPYRIGHT BLOCK + Copyright (C) 2012 Red Hat, Inc. + All rights reserved. + Modifications: configuration parameters + END COPYRIGHT BLOCK +--> + +<!-- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +--> +<Context crossContext="true" allowLinking="true"> + + <Valve className="com.netscape.cms.tomcat.SSLAuthenticatorWithFallback" /> + + <Realm className="com.netscape.cms.tomcat.ProxyRealm" /> + +</Context> |