Yasin Karanfil

If you need a restriction to access of your java web project, you can use Apache Tomcat Realm feature. If you need to store users on db, and also access this users as a POJO in jour project, you need to use Hibernate as well, please follow this steps.

In hbm.xml file, define this table
<class name="com.karanfil.shared.Role" table="ROL_ROLES">
<meta attribute="class-description">
JDBC Realm Roles for Tomcat Authentication
</meta>
<id name="RoleName" type="string" length="25" column="ROL_ROLENAME">
</id>
</class>
<class name="com.karanfil.shared.User" table="USR_USERS">
<meta attribute="class-description">
JDBC Realm Users for Tomcat Authentication
</meta>
<id name="UserName" type="string" length="25" column="USR_USERNAME">
</id>
<property name="UserPass" type="string" length="25" column="USR_USERPASSWORD" not-null="true" />
<property name="FirstName" type="string" column="USR_FIRSTNAME" not-null="false" />
<property name="SurName" type="string" column="USR_SURNAME" not-null="false" />
<set name="UserRoles" table="USER_ROLES" cascade="all" lazy="true">
<key column="USR_USERNAME" />
<many-to-many column="ROL_ROLENAME" class="com.karanfil.shared.Role" />

After defining the objects, create POJO objects using Hibernate plug-in.

Now, open ApacheTomcat\conf\server.xml file
Add these lines
<Realm className="org.apache.catalina.realm.JDBCRealm"
driverName="org.gjt.mm.mysql.Driver"
connectionURL="jdbc:mysql://localhost/karanfil"
connectionName="root" connectionPassword="root"
userTable="USR_USERS" userNameCol="USR_USERNAME" userCredCol="USR_USERPASSWORD"
userRoleTable="USER_ROLES" roleNameCol="ROL_ROLENAME" />

Now in your project, WEB-INF\web.xml file
add these lines, and change it to make most suitable for your project.

<security-constraint>
<web-resource-collection>
<web-resource-name>MyFirst</web-resource-name>
<description> accessible by authenticated users of the tomcat role</description>
<url-pattern>*.jsp</url-pattern>
<url-pattern>*.html</url-pattern>
<url-pattern>*.htm</url-pattern>
<url-pattern>/brugwt/greet</url-pattern>
<url-pattern>/upload</url-pattern>
<url-pattern>/Worker</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
<http-method>DELETE</http-method>
</web-resource-collection>
<auth-constraint>
<description>These roles are allowed access</description>
<role-name>superuserrole</role-name>
<role-name>datainputrole</role-name>
<role-name>consultantrole</role-name>
</auth-constraint>
</security-constraint>

<login-config>
<auth-method>FORM</auth-method>
<realm-name>MyFirst Protected Area</realm-name>
<form-login-config>
<form-login-page>/login.html</form-login-page>
<form-error-page>/autherr.html</form-error-page>
</form-login-config>
</login-config>

<security-role>
<description>Only 'tomcat' role is allowed to access this web application</description>
<role-name>tomcat</role-name>
</security-role>

<security-role>
<description>Only 'administrator' role is allowed to access this web application</description>
<role-name>administrator</role-name>
</security-role>

Now the last step is creating users and roles on the db, you can do this using SQL or tools like MySql Query browser, Microsoft SQL Server Management Studio