Sunday, July 16, 2006

Tomcat SQLRealm

I was working on a J2EE project, deployed on Tomcat. We were using the Tomcat realms for authentication and authorization. We ran into a problem: we needed to pass an additional parameter from the login page to the receiving controller (Spring MVC). After sifting through innumerable Tomcat mailing lists (this, this and this).

Yet another problem was that our tables that had users and roles were linked via another table called groups. And Tomcat does not have a realm implementation to execute arbitrary SQL queries.

It is straightforward to write a realm implementation in Tomcat. Extend org.apache.catalina.realm.RealmBase, and implement getPrincipal() and getName(). And I wrote one - SQLRealm. It does not solve the first problem of passing additional parameters, but solves the second one. Currently it does the following:
  • Run arbitrary SQL query to extract password.
  • Run arbitrary SQL query to extract roles.
  • Accept multiple bind parameters for either query (the params are extracted from the username, each value separated by a configurable delimiter character).
  • Uses plain JDBC.
The future enhancements will be to:
  • Make the additional parameters available in the Principal object.
  • Flexibility to use datasources.
I will be hosting the jar and the source, with a usage document in a couple of days.
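
As an added example (not the SQLRealm source, which this post does not include), here is one way the step of turning a delimited username into bind parameters could look in plain JDBC. The class name, the SQL strings and the table and column names are assumptions made for illustration.

```java
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Pattern;

// Added illustration; class, field and query names are assumptions, not SQLRealm's.
public class DelimitedLoginQueries {
    private final String passwordSql; // e.g. SELECT password FROM users WHERE login = ? AND org = ?
    private final String rolesSql;    // e.g. a join from users through groups to roles
    private final String delimiter;   // configurable separator, e.g. "|"

    public DelimitedLoginQueries(String passwordSql, String rolesSql, String delimiter) {
        this.passwordSql = passwordSql;
        this.rolesSql = rolesSql;
        this.delimiter = delimiter;
    }

    // Pattern.quote treats the delimiter literally; -1 keeps trailing empty fields.
    static String[] split(String username, String delimiter) {
        return username.split(Pattern.quote(delimiter), -1);
    }

    // Values are only ever bound as parameters, never concatenated into the SQL text.
    private List<String> query(Connection c, String sql, String username) throws SQLException {
        String[] params = split(username, delimiter);
        List<String> out = new ArrayList<>();
        try (PreparedStatement ps = c.prepareStatement(sql)) {
            // Fail closed when the login string does not supply exactly one value per '?'.
            if (ps.getParameterMetaData().getParameterCount() != params.length) return out;
            for (int i = 0; i < params.length; i++) ps.setString(i + 1, params[i]);
            try (ResultSet rs = ps.executeQuery()) {
                while (rs.next()) out.add(rs.getString(1));
            }
        }
        return out;
    }

    // Returns null unless exactly one row matches, so an ambiguous lookup cannot authenticate.
    public String password(Connection c, String username) throws SQLException {
        List<String> rows = query(c, passwordSql, username);
        return rows.size() == 1 ? rows.get(0) : null;
    }

    public List<String> roles(Connection c, String username) throws SQLException {
        return query(c, rolesSql, username);
    }
}
```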
