• Home
  • Docker
  • Kubernetes
  • LLMs
  • Java
  • Ubuntu
  • Maven
  • Big Data
  • Archived
Samples | BASIC Authentication (Tomcat)
  1. The application structure
  2. Configure the file "tomcat-users.xml"
  3. Add and configure the file "web.xml"
  4. Add and configure the file "index.jsp"
  5. Test the BASIC authentication

  1. The application structure
  2. Configure the file "tomcat-users.xml"
    You need to activate the users/roles that will be authorized to authenticate to the application.

    File location: ${TOMCAT_HOME}/conf/tomcat-users.xml

    Example:
  3. Add and configure the file "web.xml"
    You need to configure your application so it will handle BASIC Authentication.

    File location: ${TOMCAT_HOME}/webapps/auth/WEB-INF/web.xml

  4. Add and configure the file "index.jsp"
    Here's a simple page that will show the connected user.

    File location: ${TOMCAT_HOME}/webapps/auth/jsp/index.jsp

  5. Test the BASIC authentication
    URL: http://localhost:8080/auth/jsp/

    tomcat-basic-authentication

    Here are the requests headers as it will be send by the browser, and the responses headers as it will be send back by Tomcat:

    • First, the browser will send these headers as part of the request:
    • Second, Tomcat will send back these headers as part of the response (401 Unauthorized):
    • When you fill your username/password and you click the "Log In" button, the browser will send these headers as part of the request:
    • Then Tomcat will send back these headers as part of the response (200 OK):
    Notes:
    You can decode the encoded values ent by the browser (Authorization: Basic dG9tY2F0OnRvbWNhdA==) by using the following Java code:
    Output: tomcat:tomcat

    You can also use the following web site: https://www.base64decode.org
© 2025  mtitek