How to Password Protect your DBTuna GUI

If you run DBTuna on a publically accessible server, or if you'd like to lock down usage of it internally, then the simplest solution is to username/password protect access to the GUI. DBTuna uses Apache Tomcat to serve it's content, therefore you can simply use the included Tomcat security.

To do this you need to edit a couple of XML files in the [dbtuna install
dir]/jakarta-tomcat-5.0.28/conf directory:

To create a username/password edit the tomcat-users.xml file and insert two lines:

<role rolename="dbtuna"/>
<user username="dbtuna" password="password" roles="dbtuna"/>

N.B. Change your username and password to be whatever you want, but keep the rolename as dbtuna.

Then insert the following lines in the web.xml file before the closing </web-apptag:

<!--
Password protect dbtuna pages
-->
<security-constraint>
 <web-resource-collection>
   <web-resource-name>
     DBTuna Application
   </web-resource-name>
   <url-pattern>/*</url-pattern>
 </web-resource-collection>
 <auth-constraint>
     <role-name>dbtuna</role-name>
 </auth-constraint>
</security-constraint>
<!-- Define the Login Configuration for this Application -->
<login-config>
 <auth-method>BASIC</auth-method>
 <realm-name>DBTuna Admin Users Only</realm-name>
</login-config>

When you have done this you need to re-start the agent and GUI. So, stop your agent via Agent Manager, and then either run the ./stopDBTuna.sh followed by ./startDBTuna.sh script from the installation root directory (if running DBTuna on Linux) or stop the "DBTuna GUI" Windows Service (if running DBTuna on Windows).

Copyright ©2010 DBTuna. All rights reserved.