Version 6 (modified by vegasm, 7 years ago) (diff)

--

## What is TAP

The aim of the Thredds Admin Portal (TAP) project lies in the idea of solving the huge problem existing in the Unidata Thredds application with the management of users, roles and dataset access. The Thredds user authentication is delegated to Tomcat Basic which gets users and roles from a given Realm. In order to authorize users, Thredds checks whether the dataset is restricted and if so, gets the user roles to make a decision. TAP manages the datasource mentioned to control user access to protected datasets.

## Environment setup

This environment consists of:

• Thredds 4.5.5
• TAP 2.4
• Apache derby network 10.11.1.1
• Apache Tomcat 7.0.59

Attached is a preconfigured environment instance. You only need to change the ports and paths in server.xml and start the derby instance. If you are not familiar please read on the following instructions.

### Expose our datasource in Tomcat

Tomcat gets users and roles from conf/tomcat-users.xml by default. We are going to change this in order to get users and roles from a given database. For this purpose, we need to add a new resource called “jdbc/admin” in GlobalNamingResurces?.

<Resource name="jdbc/adminDB" auth="Container" type="javax.sql.DataSource" factory="org.apache.tomcat.dbcp.dbcp.BasicDataSourceFactory"

<Realm className="org.apache.catalina.realm.DataSourceRealm" digest="MD5" debug="0" dataSourceName="jdbc/adminDB"