How to define Tomcat security Realms per webapp
When using JAAS JDBCRealms with Tomcat, I usually define the realm in server.xml. But now I am looking for a simpler solution, where I don't have to configure the Tomcat container when deploying the application.
If possible, I would like to keep all the JAAS configuration in web.xml and just define the realm per application/webapp.
One thread mentions that he did this by defining the realm in META-INF/context.xml of the webapp.. but I could not get it working (Why is Tomcat manager using my LoginModule?).
Please help me find the correct location in the .war to define a org.apache.catalina.realm.JDBCRealm that is then used for that webapp.
Answer
To define your own JDBCRealm, create a META-INF/context.xml in your own web application.
Configure your JDBCRealm according to the specification based on your Tomcat Server versions:
These links shows you exactly how to configure JDBCRealm.