0

Java Web Application BASIC Authentication in Tomcat

This post demonstrates how to use BASIC Authentication in a web application in Java using Tomcat.

Requirements

  • Tomcat 8.5.37
  • Open JDK 1.8.0_192

Users and Roles

Update conf/tomcat-users.xml with the following roles and users.

Update web.xml

Then, modify web.xml with the following security-constraint and login-config elements.

Here we wanted to restrict the whole application.

SSL

The CONFIDENTIAL value for transport-guarantee element forces the authentication process to be done in SSL.

References

  • https://tomcat.apache.org/tomcat-8.5-doc/ssl-howto.html
Karl San Gabriel

Karl San Gabriel

Java and Enterprise Technologies Expert