Tomcat Valve: Difference between revisions

From RavenWiki
Jump to navigationJump to search
(→‎Installation: Add missing commons-codec and commons-logging jars to instructions)
m (→‎Installation: Fix pubkey name)
 
(9 intermediate revisions by 3 users not shown)
Line 1: Line 1:
William Billingsley ([[person:whb21 | whb21]] at cam.ac.uk) has written a Raven valve for Tomcat based on the [[Raven Java Toolkit]]. It is available as [http://raven.cam.ac.uk/project/java-toolkit/files/ Java source], in a [http://raven.cam.ac.uk/project/java-toolkit/files/ .jar archive packed with a copy of the toolkit] and as a [https://github.com/ucam-cl-dtg/ucam-webauth-tomcat github project].
{{unsupported}}
 
William Billingsley ([[person:whb21 | whb21]] at cam.ac.uk) has written a Raven valve for Tomcat based on the [[Raven Java Toolkit]]. It is available as a [https://github.com/ucam-cl-dtg/ucam-webauth-tomcat github project].


He writes:
He writes:
Line 11: Line 13:
The valve is distributed under the terms of the GNU Lesser General Public License.
The valve is distributed under the terms of the GNU Lesser General Public License.


See also [http://raven.cam.ac.uk/project/java-toolkit/ Java Toolkit], [[Servlet filter]], [[Tomcat authenticator and JAAS implementation]] and [[JAVA Servlet Library]].
See also [[Servlet filter]], [[Tomcat authenticator and JAAS implementation]] and [[JAVA Servlet Library]].


==Installation==
==Installation==
Line 17: Line 19:
* Add webauth.jar and webauth-tomcat.jar to /usr/share/tomcat6/lib/ probably by symlinking to the jar which is stored somewhere more sensible like /usr/local/share/java/ or if you have done pom to deb conversion (untested) then  they should be in /usr/share/java/.
* Add webauth.jar and webauth-tomcat.jar to /usr/share/tomcat6/lib/ probably by symlinking to the jar which is stored somewhere more sensible like /usr/local/share/java/ or if you have done pom to deb conversion (untested) then  they should be in /usr/share/java/.
* Symlink commons-codec.jar and commons-logging.jar into /usr/share/tomcat6/lib/ from /usr/share/java/ (install libcommons-logging-java and libcommons-codec-java if necessary)
* Symlink commons-codec.jar and commons-logging.jar into /usr/share/tomcat6/lib/ from /usr/share/java/ (install libcommons-logging-java and libcommons-codec-java if necessary)
* Install [https://raven.cam.ac.uk/project/keys/ raven_pubkey.crt] into /etc/tomcat6/
* Install [[Pubkey2.crt |pubkey2.crt]] into /etc/tomcat6/
* Modify /etc/tomcat6/server.xml to add the following to the relevant Engine
* Modify /etc/tomcat6/server.xml to add the following to the relevant Engine
<pre><nowiki>
<pre><nowiki>
       <!-- Use the raven valve to restrict access -->
       <!-- Use the raven valve to restrict access -->
       <Valve className="uk.ac.cam.ucs.webauth.tomcat.RavenValve"/>
       <Valve className="uk.ac.cam.ucs.webauth.tomcat.RavenValve"/>
</nowiki></pre>
=Tomcat 7=
These instructions are for Ubuntu/Debian and tomcat7
* Add ravenvalve.jar to your java path e.g. $CATALINA_HOME/lib (this is actually in the application specific java path)
* Symlink commons-codec.jar and commons-logging.jar into $CATALINA_HOME/lib from /usr/share/java/ (install libcommons-logging-java and libcommons-codec-java if necessary)
* Download [[Pubkey2.crt|pubkey2.crt]] into $CATALINA_HOME/conf and rename to raven_pubkey.crt
* Modify $CATALINA_HOME/conf/server.xml to add the following to the relevant Engine
<pre><nowiki>
      <!-- Use the raven valve to restrict access -->
      <Valve className="cam.cl.raven.RavenValve"/>
</nowiki></pre>
</nowiki></pre>

Latest revision as of 13:32, 4 October 2019

The Raven-related software described on this page is NOT supported or maintained by University Information Services. It is provided here in the hope that it may be useful, but it may contain bugs and security vulnerabilities. It may be supported and maintained by others. You should evaluate whether it meets you particular needs before using it.

William Billingsley ( whb21 at cam.ac.uk) has written a Raven valve for Tomcat based on the Raven Java Toolkit. It is available as a github project.

He writes:

"I had to write this quickly for one of our servers. I'm sending it to the list because presumably others might need one too, and when I emailed Jon Warbrick in September he didn't have one. Alpha quality, but seems to work for me.
"source and jar attached. JAR also includes the webauth toolkit classes from the Raven project site so you can just drop it into server/lib and configure the valve in server.xml
"works for Tomcat 5.5, probably won't work for older Tomcat versions".

The valve is distributed under the terms of the GNU Lesser General Public License.

See also Servlet filter, Tomcat authenticator and JAAS implementation and JAVA Servlet Library.

Installation

These instructions are for Ubuntu/Debian and tomcat6, alteration may be required for other OSes/tomcat versions

  • Add webauth.jar and webauth-tomcat.jar to /usr/share/tomcat6/lib/ probably by symlinking to the jar which is stored somewhere more sensible like /usr/local/share/java/ or if you have done pom to deb conversion (untested) then they should be in /usr/share/java/.
  • Symlink commons-codec.jar and commons-logging.jar into /usr/share/tomcat6/lib/ from /usr/share/java/ (install libcommons-logging-java and libcommons-codec-java if necessary)
  • Install pubkey2.crt into /etc/tomcat6/
  • Modify /etc/tomcat6/server.xml to add the following to the relevant Engine
      <!-- Use the raven valve to restrict access -->
      <Valve className="uk.ac.cam.ucs.webauth.tomcat.RavenValve"/>

Tomcat 7

These instructions are for Ubuntu/Debian and tomcat7

  • Add ravenvalve.jar to your java path e.g. $CATALINA_HOME/lib (this is actually in the application specific java path)
  • Symlink commons-codec.jar and commons-logging.jar into $CATALINA_HOME/lib from /usr/share/java/ (install libcommons-logging-java and libcommons-codec-java if necessary)
  • Download pubkey2.crt into $CATALINA_HOME/conf and rename to raven_pubkey.crt
  • Modify $CATALINA_HOME/conf/server.xml to add the following to the relevant Engine
      <!-- Use the raven valve to restrict access -->
      <Valve className="cam.cl.raven.RavenValve"/>