Using the JDBC Realm in Tomcat you can perform very simple and elegant user authentication and access control, or have them carried out by Tomcat. For this we must add the file in the webapp context.xml the following section:

driver name = "com.mysql.jdbc.Driver"
connectionURL = "jdbc: mysql: / / localhost: 3306/test"
Connection name = "smartBLU"
connection Password = ""
Table user = "USER"
usernamecol = "Login Name"
userCredCol = "password"
userRoleTable = "USER_ROLE"
roleNameCol = "role_name"
digest = "sha" />

Tomcat will then attempt to authenticate the user against a database jdbc: mysql: / / localhost: 3306/test with the appropriate parameters. The database table here called USER. The user passwords are hashed with SHA. SHA means in the Java world as I know, SHA2.

In this example we used is not the normal JDBC realm but a separate realm that was derived from the JDBC realm, but also a migration function (the old system used but not SHA Crypt) holds. The jar file which contains this related class must be available for Tocat, they must therefore in the directory tomcat / libs are. Alternatively, you can be entered in this example, the JDBC realm (org.apache.catalina.realm.JDBCRealm).

The Realm is only one element in the authentication with Tomcat. The weiterne Devices (login-config, roles and security constraints) are in the web.xml file containing the project.