Administration GuideTools to Manage CA DirectoryDXmanagerLogin AccountsMethods for Setting Up Login Accounts › Configure Authentication to a Directory or Database

Previous Topic: Authentication Using Existing Accounts

Next Topic: How to Set Up Login Accounts in Tomcat
Configure Authentication to a Directory or Database

If you want to use existing user data for DXmanager authentication, you can set up a Tomcat realm. A realm is a store of user names, passwords, and roles that identifies valid users.

Note: Before you begin, stop the Tomcat service: CA Directory Webserver. This disconnects any currently open sessions.

To configure authentication to use an existing directory or database

  1. (Optional) If your directory or database includes hashed passwords, enable hashed passwords in Tomcat.
  2. Download the JDBC or JNDI driver for your database or directory, and put it in the following location: 
    DXHOME/../dxwebserver/lib
  3. Create a new user account for the directory or database, or identify a suitable existing account.

    This account must have at least read-only access to the user and role data. Tomcat connects to the directory or database using this account.

  4. Identify the structure of the user and role data in the directory or database, using the instructions in Tomcat realms on the Apache site.
  5. Open the following file in a text editor: 
    DXHOME/../dxwebserver/conf/server.xml
  6. Find the following element and comment it out: 
    <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase"/>

    This disables the default realm, which uses accounts in a local XML file for authentication.

  7. Define a realm element for the type of directory or database that you plan to use.

    Some realm elements are already included in the XML file, enclosed with commenting marks. If a suitable realm is already defined, do the following:

    1. Identify the commented-out realm element that applies to the type of directory or database you plan to use, and then delete the commenting marks.
    2. Update the attributes in the new realm element with the details of your directory or database, using the instructions in Tomcat realms on the Apache site.

    If a suitable realm is not yet defined in the file, create a new realm element for your directory or database using the instructions in Tomcat realms on the Apache site.

  8. Close and save server.xml.
  9. Start the Tomcat service: CA Directory Webserver.

    Users in the directory or database can now log in to DXmanager.