Chapter 11: Working with User Authentication

Overview

This chapter and the next deal with Tomcat security. This chapter deals exclusively with access to the server’s resources; Chapter 12 covers securing data transfer and securing the machine on which the server runs. When users attempt to access a restricted resource on the server, Tomcat challenges them to produce user details to confirm that they are who they say they are. This is authentication.

Once a user is authenticated, the server must then determine whether this user is authorized to view the restricted resource requested. This is authorization. Together, these two concepts make up the security policy of a server.

Tomcat uses realms to implement and enforce specific security policies, some of which developers specify, but all of which you administer. A realm itself doesn’t enforce security policies; it’s a depository of user information that allows the server, or sometimes an application, to enforce a security policy.
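
The split between the realm and the policy can be seen in configuration. The following is an added illustration, not taken from the book: two fragments from a Tomcat 5 setup that uses the default file-backed user database, where the role name, user name, password placeholder and URL pattern are all constructed for the example.

```xml
<!-- conf/tomcat-users.xml: the realm's user store, administered by you.
     It records who exists and which roles they hold; it enforces nothing. -->
<tomcat-users>
  <role rolename="reports"/>
  <!-- constructed sample user; the password is a placeholder to replace -->
  <user username="alice" password="REPLACE_ME" roles="reports"/>
</tomcat-users>

<!-- WEB-INF/web.xml (inside <web-app>): the policy, specified by the developer. -->
<security-constraint>
  <web-resource-collection>
    <web-resource-name>Reports</web-resource-name>
    <url-pattern>/reports/*</url-pattern>
  </web-resource-collection>
  <!-- authorization: only authenticated users holding this role get through -->
  <auth-constraint>
    <role-name>reports</role-name>
  </auth-constraint>
</security-constraint>

<!-- authentication: how Tomcat challenges the user for credentials -->
<login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>Reports area</realm-name>
</login-config>

<security-role>
  <role-name>reports</role-name>
</security-role>
```

With BASIC authentication the credentials are only base64-encoded on the wire, which is why the transport also has to be secured.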



Pro Jakarta Tomcat 5
Pro Apache Tomcat 5/5.5 (Experts Voice in Java)
ISBN: 1590593316
EAN: 2147483647
Year: 2004
Pages: 94
