Making tomcat multi-tenant for SaaS

Our tomcat server serves a single war file that is serviced by 3 different identical databases for 3 tenants.

Plan is to use a JNDI datasource (3 datasources) and use an Abstract Factory to instantiate the necessary subclasses for that tenant.

Want to use container managed authentication.

We want to use the builtin Java security annotations like @RolesAllowed etc. Auth is via HTTP Basic Auth. This works great for one tenant (default config). However I cant think of a good solution where tomcat can identify the tenant based on the context (https://server/resources/CLIENT1/Blah) and then lookup the appropriate JNDI for CLIENT1/2/3 etc..

Thoughts or suggestions ?

Solved by creating Virtual Hosts

Created two virtual hosts localhost localhost2

Created two Realms (UserDatabase realm for testing) UserDatabase UserDatabase2

Both hosts point to the same document root

By calling http://localhost/service, realm UserDatabase is used and calling http://localhost2/service, realm UserDatabase2 is used

Thanks to Tomcat docs..

  <Service name="Catalina">
            <Host appBase="webapps" autoDeploy="false" name="localhost" unpackWARs="true">
                <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" pattern="%h %l %u %t &quot;%r&quot; %s %b" prefix="localhost_access_log." resolveHosts="false" suffix=".txt"/>
            </Host>
            <Host appBase="webapps" autoDeploy="false" name="localhost2" unpackWARs="true">
                <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase2"/>
            </Host>
        </Engine>