...
| Warning |
|---|
In general it is recommended to handle authentication outside of tomcat. When running in a cloud enviroment, this can typically be done with an API gateway. In on premise enviroments a reverse proxy (like NGinx or Apache HTTPD) or a firewall/applicance is recommended. Using FEWS Web Services Security with Open ID Connect is nativaly supported by the Delft-FEWS Web Services since 2022.01. |
In this section an example is given of using Basic Authentication as security measure using the default UserDatabaseRealm using a file based user store. Alternatively Tomcat has support for connecting to an LDAP server or using a JDBC connection to a database to access user accounts.
...