Wednesday, September 22, 2010

Setting up Mapviewer Admin Access in Apache Tomcat

In the previous post I explained how to get Mapviewer successfully deployed using Apache Tomcat. This follow-up post explains how to setup access to the Mapviewer Admin.

In order to access the admin console for mapviewer, you need to set up a user/role. Mapviewer uses container-managed security. Tomcat provides container-managed security in a number of ways. For this example, we are just going to leverage Tomcat's memory realm. This is easy to set up.

Before starting, shutdown Tomcat. Then, do the following:
  1. Open the file web.xml. It is located here: [TOMCAT_HOME]\webapps\mapviewer\WEB-INF
  2. In this file, you shall find the configuration for the mapviewer servlet. It looks as follows:
    <!-- MapViewer Servlet -->
<servlet>
<servlet-name>oms</servlet-name>
<servlet-class>oracle.lbs.mapserver.oms</servlet-class>
<load-on-startup>1</load-on-startup>

<!-- role name used in code -->
<security-role-ref>
<role-name>map_admin</role-name>
<role-link>map_admin_role</role-link>
</security-role-ref>   
</servlet>

    Notice the security-role-ref tag. Put simply, this means we need to create a user and assign it to a role called map_admin_role. To add a user to the Tomcat memory realm, you need to edit the file: [TOMCAT_HOME]\conf\tomcat-users.xml

    This configuration needs to look like the following:
    <tomcat-users>
<role rolename="manager-gui"/>
<role rolename="map_admin_role"/>

<user username="tomcat" password="tomcat" roles="manager-gui"/>
<user username="madmin" password="madmin" roles="map_admin_role"/>
</tomcat-users>

    Note that the role manager-gui has nothing to do with mapserver, but is a role for using Tomcat's admin tool. I added this to demonstrate that all your roles needs to be defined in the XML file BEFORE the users, and roles and users need to be grouped together.

    As mentioned earlier, you can use other methods to establish users in the tomcat container. For more information, you can read about realms in tomcat here.
  3. Once you are finished editing the tomcat-users.xml file, save it and start the tomcat container again. Load the mapviewer homepage again (http://localhost:8080/mapviewer) and click on the the admin link in the upper-right hand corner. Enter the username/password--e.g. madmin/madmin in this example--and click login. You should now be logged into the map server admin.
Posted by at
Labels:

3 comments:

Humpy125 said...

This is great. I have now successfully got MapViewer running in Tomcat.

I can now un-tether myself from oc4j

February 6, 2012 at 8:31 PM
Rajkumar said...

Hi Tom,

You have described in simple terms and in easy way to deploy the mapviewer outside of oracle products like OC4J and Weblogic.

Thanks and Appreciated!

July 9, 2012 at 2:14 AM
Frank Ernest said...

Thank you, this and the proceeding article have been extremely useful. If only Oracles documentation was as user friendly.

March 21, 2016 at 4:06 AM

Post a Comment

Subscribe to: Post Comments (Atom)