Greenstone Wiki

User Tools

Site Tools

You are here: index » en » user_advanced » user_management
en:user_advanced:user_management

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Next revision		Previous revision
Last revisionBoth sides next revision
en:user_advanced:user_management [2014/09/04 02:20] – external edit 127.0.0.1en:user_advanced:user_management [2017/08/03 00:23] kjdon
Line 7: Line 7:
   * User groups   * User groups
   * Editing users   * Editing users
 +
 +===== GS3 Tomcat authentication notes =====
 +
 +We use Tomcat Realm to connect to JDBC database of users. Its specified in
 +resources/tomcat/greenstone3.xml.in (which gets copied to resources/tomcat/context-name.xml, and then to packages/tomcat/conf/Catalina/localhost/context-name.xml
 +
 +<code>
 +<!--
 +   For embedded derby db:
 +   driverName="org.apache.derby.jdbc.EmbeddedDriver"
 +   connectionURL="jdbc:derby:@gsdl3webhome@/etc/usersDB"
 +-->  
 +<Realm className="org.apache.catalina.realm.JDBCRealm" 
 +        driverName="org.apache.derby.jdbc.ClientDriver"
 +        connectionURL="jdbc:derby://@derbyserver@:@derbyserverport@/@gsdl3webhome@/etc/usersDB"
 +        userTable="users" userNameCol="username" userCredCol="password"
 +        userRoleTable="roles" roleNameCol="role"
 +        />
 +</code>
 +
 +Will end up like
 +
 +<code>
 +<Realm className="org.apache.catalina.realm.JDBCRealm" 
 +        driverName="org.apache.derby.jdbc.ClientDriver"
 +        connectionURL="jdbc:derby://localhost:1527//greenstone/greenstone3/web/etc/usersDB"
 +        userTable="users" userNameCol="username" userCredCol="password"
 +        userRoleTable="roles" roleNameCol="role"
 +                />
 +
 +</code>
 +
 +Logins timeout when the tomcat session expires. Session expiry happens after a specified period of inactivity. In LibraryServlet.java, have 
 +<code>
 +/**
 +  * the maximum interval that the cached info remains in session_ids_table
 +  * (in seconds) This is set in web.xml
 +  */
 +  protected int session_expiration = 1800;
 +
 +</code>
 +
 +This can be overridden by putting a session-expiration init-param into your servlet specification in web/WEB-INF/servlets.xml (which is included by web.xml). This is specified in seconds.
 +<code>
 +<init-param>
 +  <param-name>session_expiration</param-name>
 +  <param-value>3600</param-value>
 +</init-param>
 +</code>
 +
 +