[JBoss-user] help needed with form-based authentification using jboss 2.2.2 & tomcat 3.2.2

Tue, 10 Jul 2001 05:09:09 -0700 

hi folks,

i'm obviously doing soemthing wrong here. a search through
the archives didn't present a solution so i have to ask
you even so i think this has been asked before.

i want to do form-based login for my webapp. securing ejb's
is not yet needed, controlling who can login to the app is.

<RequestInterceptor className="org.apache.tomcat.request.SimpleRealm"
debug="0" />

was missing from server.xml in tomcat/conf, instead i found:

<RequestInterceptor
className="org.jboss.tomcat.security.JBossSecurityMgrRealm" />

i suggested that i do not need a separate jdbcrealm as when
using only tomcat or am i wrong here?

i just configured my parts in the web.xml:

    <security-constraint>
      <web-resource-collection>
         <web-resource-name>Protected Area</web-resource-name>
         <!-- Define the context-relative URL(s) to be protected -->
         <url-pattern>/docs/*</url-pattern>
      </web-resource-collection>
      <auth-constraint>
         <!-- Anyone with one of the listed roles may access this area -->
         <role-name>user</role-name>
      </auth-constraint>
    </security-constraint>

    <login-config>
      <auth-method>FORM</auth-method>
      <realm-name>Form-Based Authentication Area</realm-name>
      <form-login-config>
        <form-login-page>/login.html</form-login-page>
        <form-error-page>/error.html</form-error-page>
      </form-login-config>
    </login-config>

and as a result i get:

[EmbeddedTomcatSX] User: null is authenticated
2001-07-10 01:14:55 - Ctx( /CN_BSC3 ): Exception in: R( /CN_BSC3 +
/docs/index.jsp + null) - java.lang.NullPointerExcept
ion
        at
org.jboss.tomcat.security.JBossSecurityMgrRealm.authenticate(JBossSecurityMg
rRealm.java:113)
        at
org.apache.tomcat.core.ContextManager.doAuthenticate(ContextManager.java:837
)
        at
org.apache.tomcat.core.RequestImpl.getRemoteUser(RequestImpl.java:341)
        at
org.jboss.tomcat.security.JBossSecurityMgrRealm.authorize(JBossSecurityMgrRe
alm.java:148)
        at
org.apache.tomcat.core.ContextManager.doAuthorize(ContextManager.java:855)
        at
org.apache.tomcat.core.ContextManager.internalService(ContextManager.java:78
9)
        at
org.apache.tomcat.core.ContextManager.service(ContextManager.java:743)
        at
org.apache.tomcat.service.http.HttpConnectionHandler.processConnection(HttpC
onnectionHandler.java:213)
        at
org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java:416)
        at
org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java:501)
        at java.lang.Thread.run(Unknown Source)

and not the login-page. can anyone please point me in the right direction.

jan

--
Jan Heise / Tel: +49-170-4803237 / E-Mail: [EMAIL PROTECTED]


_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to