Tomcat 7 and Up: JDBC Realm

It is amazing how Tomcat can be modified to help speed up development. On this post, I will demonstrate how to use Tomcat JDBC Realm which uses an RDBMS for authentication. This could cut down development time for simple applications.

Software requirements 

  1. Jdk1.6u21
  2. Tomcat 7.0.2
  3. Hsqldb-2.0.1-rc2
  4. Windows XP


  1. JDK1.6U21 Install the Jdk and set JAVA_HOME to its home path (i.e., c:\program files\Java\jdk1_6u21). Then, restart Windows. There is a smarter way to do this but I will keep things simple.
  2. Tomcat 7.0.2 Extract the downloaded zip file to some directory and go to <SOME-DIRECTORY>\apache-tomcat-7.0.2\bin.Start Tomcat by double-clicking “startup.bat”. Verify Tomcat is running by accessing http://localhost:8080.
  3. HSQLDB Extract the downloaded zip file to some directory. Invoke the following in the command-line interpreter: <SOME-DIRECTORY>\hsqldb\bin\> runServer.bat –database.0 file:mydb –dbname.0 xdb. This will start the HSQLDB server and create an empty database named “mydb”. Create tables and insert some rows to them.

Create HSQLDB Tables and Insert Data

Double-click the file runManagerSwing.bat located in <SOME-DIRECTORY>\hsqldb\bin\ and the HSQL Database Manager will start up:


Make sure to use the following parameters:

Type: HSQL Database Engine Server
Driver: org.hsqldb.jdbcDriver
URL: jdbc:hsqldb:hsql://localhost:9001/xdb
User: SA

Then, create two tables – TC_USERS and TC_ROLES – and insert some rows:

Configure Tomcat

Modify <TOMCAT_HOME>/conf/server.xml by replacing:


Deploy and configure your Application


Sample Web Application


  • index.jsp contains:
  • WEB-INF\web.xml contains:

Test JDBC Realm

From the web.xml, only users with tomcat role can get in to access the resources of Tomcat. Access the sample web application via http://localhost:8080/JDBCRealmTest/index.jsp and use tomcat/tomcat123 username/password. Make sure HSQLDB is up and running.


Use tomcat/tomcat123

You should be able to view the page generated by index.jsp.



Well, that is it!