RavenWiki

Tomcat Valve

From RavenWiki

Jump to: navigation, search
The Raven-related software described on this page is NOT supported or maintained by University Information Services. It is provided here in the hope that it may be useful, but it may contain bugs and security vulnerabilities. It may be supported and maintained by others. You should evaluate whether it meets you particular needs before using it.

William Billingsley ( whb21 at cam.ac.uk) has written a Raven valve for Tomcat based on the Raven Java Toolkit. It is available as Java source, in a .jar archive packed with a copy of the toolkit and as a github project.

He writes:

"I had to write this quickly for one of our servers. I'm sending it to the list because presumably others might need one too, and when I emailed Jon Warbrick in September he didn't have one. Alpha quality, but seems to work for me.
"source and jar attached. JAR also includes the webauth toolkit classes from the Raven project site so you can just drop it into server/lib and configure the valve in server.xml
"works for Tomcat 5.5, probably won't work for older Tomcat versions".

The valve is distributed under the terms of the GNU Lesser General Public License.

See also Java Toolkit, Servlet filter, Tomcat authenticator and JAAS implementation and JAVA Servlet Library.

Installation

These instructions are for Ubuntu/Debian and tomcat6, alteration may be required for other OSes/tomcat versions

  • Add webauth.jar and webauth-tomcat.jar to /usr/share/tomcat6/lib/ probably by symlinking to the jar which is stored somewhere more sensible like /usr/local/share/java/ or if you have done pom to deb conversion (untested) then they should be in /usr/share/java/.
  • Symlink commons-codec.jar and commons-logging.jar into /usr/share/tomcat6/lib/ from /usr/share/java/ (install libcommons-logging-java and libcommons-codec-java if necessary)
  • Install raven_pubkey.crt into /etc/tomcat6/
  • Modify /etc/tomcat6/server.xml to add the following to the relevant Engine
      <!-- Use the raven valve to restrict access -->
      <Valve className="uk.ac.cam.ucs.webauth.tomcat.RavenValve"/>

Tomcat 7

These instructions are for Ubuntu/Debian and tomcat7

  • Add ravenvalve.jar to your java path e.g. $CATALINA_HOME/lib (this is actually in the application specific java path)
  • Symlink commons-codec.jar and commons-logging.jar into $CATALINA_HOME/lib from /usr/share/java/ (install libcommons-logging-java and libcommons-codec-java if necessary)
  • Download pubkey2.crt into $CATALINA_HOME/conf and rename to raven_pubkey.crt
  • Modify $CATALINA_HOME/conf/server.xml to add the following to the relevant Engine
      <!-- Use the raven valve to restrict access -->
      <Valve className="cam.cl.raven.RavenValve"/>