miniOrange can configure Tomcat using three authentication methods: Basic Authentication, Form Authentication, and authentication using a valve. Below is the description of custom authentication using a valve:
The Tomcat Authenticator valve protects access to all or some of the webapps deployed in the Tomcat instance. If the user is not authenticated, it sends a request to the SAML plugin to authenticate the user.
It also manages Single Sign On between the protected webapps (this can be configured if you do not want single sign on between the protected apps).
Open server.xml available in your Tomcat's conf directory.
Under the Host element of the XML file, add:
<Valve className="----Enter ClassName here----" valvePropertyLoc="----Enter external property file location----" />
Properties defined in the external property file (specified while configuring the valve in server.xml) will override properties in application.properties.
IdP Issuer Name: It is required for verifying the Issuer Name in the SAML response from the IdP.
Protected contexts: semicolon-separated list of apps that you need to protect. Use * if you need to protect all the apps deployed on the Tomcat instance: protected.contexts=*
Note: If the protected context list contains *, then all the deployed apps are protected.
SAML plugin context name (WAR file name):
The SAML plugin deployed in the same Tomcat instance that you want to protect
Note: The above two properties are required to ignore any requests coming for the SAML plugin. If the SAML plugin is deployed in the same Tomcat instance and a request comes for the SAML plugin, Tomcat Authenticator will skip authenticating the user.
The Single Sign On enabled property: Set this property to "true" if you want Single Sign On between the protected webapps (contexts). Set this to "false" if you do not want single sign on.
Note: For Single Sign On to work, the Single Sign On valve must be configured in conf/server.xml. The SingleSignOn valve entry must also be above the SecureauthAuthenticator valve entry.
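The placement and ordering rules above can be checked before a restart. The following is an added example, not miniOrange's own code: it assumes a placeholder authenticator class name (com.example.SecureauthAuthenticator) and a constructed server.xml, and uses Tomcat's standard org.apache.catalina.authenticator.SingleSignOn valve class.

```python
import xml.etree.ElementTree as ET

# Tomcat's standard container SSO valve class.
SSO_VALVE = "org.apache.catalina.authenticator.SingleSignOn"

# Constructed sample server.xml. The authenticator class name and the
# property-file path are placeholders (assumptions), not vendor values.
SAMPLE_SERVER_XML = """
<Server>
  <Service name="Catalina">
    <Engine name="Catalina" defaultHost="localhost">
      <Host name="localhost" appBase="webapps">
        <Valve className="com.example.SecureauthAuthenticator"
               valvePropertyLoc="/opt/tomcat/conf/authenticator.properties"/>
        <Valve className="org.apache.catalina.authenticator.SingleSignOn"/>
      </Host>
    </Engine>
  </Service>
</Server>
"""

def check_valves(server_xml, auth_class, sso_enabled=True):
    """Return a list of findings per <Host>; an empty list means OK."""
    findings = []
    root = ET.fromstring(server_xml)
    for host in root.iter("Host"):
        name = host.get("name", "?")
        # Only direct children of <Host> count; document order is kept.
        valves = host.findall("Valve")
        classes = [v.get("className") for v in valves]
        if auth_class not in classes:
            findings.append(f"{name}: authenticator valve missing under <Host>")
            continue
        auth_pos = classes.index(auth_class)
        if not valves[auth_pos].get("valvePropertyLoc"):
            findings.append(f"{name}: valvePropertyLoc not set")
        if sso_enabled:
            if SSO_VALVE not in classes:
                findings.append(f"{name}: SingleSignOn valve not configured")
            elif classes.index(SSO_VALVE) > auth_pos:
                findings.append(
                    f"{name}: SingleSignOn valve is below the authenticator valve")
    return findings

if __name__ == "__main__":
    for finding in check_valves(SAMPLE_SERVER_XML,
                                "com.example.SecureauthAuthenticator"):
        print(finding)
```

Pass sso_enabled=False when the Single Sign On enabled property is set to "false", so a missing SingleSignOn valve is not reported.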
Compile and deploy the Tomcat authenticator
Open a command prompt and go to the directory of the project that needs to be deployed.
Run mvn clean package. This will generate the jar file of your project in the <project name>/target directory.
Copy the generated jar file to your Tomcat's lib directory.
NOTE: If any property changes, the server needs to be restarted to load the changed properties.