Title: ³×À̹ö ¸ÞÀÏ
ÀÌ°øº¹ (kongbok) ´Ô²² º¸³»½Å ¸ÞÀÏ <¸ÞÀÏ Àü¼Û ½ÇÆÐ ¾Ë¸² <[EMAIL PROTECTED]>> ÀÌ ´ÙÀ½°ú °°Àº ÀÌÀ¯·Î Àü¼Û ½ÇÆÐÇß½À´Ï´Ù. -------------------------------------------- ¼ö½ÅÀÚÀÇ ¸ÞÀÏ º¸°ü ¿ë·®ÀÌ °¡µæÂ÷ ÀÖ½À´Ï´Ù. ³ªÁß¿¡ ´Ù½Ã ½ÃµµÇϽʽÿÀ. --------------------------------------------
Title: ³×À̹ö ¸ÞÀÏ
ÀÌ°øº¹ (kongbok) ´Ô²² º¸³»½Å ¸ÞÀÏ <¸ÞÀÏ Àü¼Û ½ÇÆÐ ¾Ë¸² <[EMAIL PROTECTED]>> ÀÌ ´ÙÀ½°ú °°Àº ÀÌÀ¯·Î Àü¼Û ½ÇÆÐÇß½À´Ï´Ù. -------------------------------------------- ¼ö½ÅÀÚÀÇ ¸ÞÀÏ º¸°ü ¿ë·®ÀÌ °¡µæÂ÷ ÀÖ½À´Ï´Ù. ³ªÁß¿¡ ´Ù½Ã ½ÃµµÇϽʽÿÀ. --------------------------------------------
Title: ³×À̹ö ¸ÞÀÏ
ÀÌ°øº¹ (kongbok) ´Ô²² º¸³»½Å ¸ÞÀÏ <Re: unable to configure form-based authentication correctly> ÀÌ ´ÙÀ½°ú °°Àº ÀÌÀ¯·Î Àü¼Û ½ÇÆÐÇß½À´Ï´Ù. -------------------------------------------- ¼ö½ÅÀÚÀÇ ¸ÞÀÏ º¸°ü ¿ë·®ÀÌ °¡µæÂ÷ ÀÖ½À´Ï´Ù. ³ªÁß¿¡ ´Ù½Ã ½ÃµµÇϽʽÿÀ. --------------------------------------------
Humphrey, I compared your descriptors with the ones I have in my own app and found just a few differences that might suggest changes you can try to get this working: 1. I defined the security roles in both application.xml and web.xml, not web.xml alone. 2. My protected URL is in a subdirectory, so it's: /protected/* rather than /*. If you really want everything protected, try omitting the leading slash and just use *. 3. I don't specify the http methods in the web-resource-collection tag. 4. My security-role-mapping tags in the orion-application.xml are not nested in the namespace-access tag. Instead, I have them nested directly under the orion-application tag. I'm a UserManager of my own design rather than the one that Orion supplies, but that shouldn't make any difference. Hope that helps. Gordon. ----- Original Message ----- From: Humphrey Sheil <[EMAIL PROTECTED]> To: Orion-Interest <[EMAIL PROTECTED]> Sent: Monday, May 14, 2001 10:20 AM Subject: unable to configure form-based authentication correctly > Hi > > I am unable to achieve a basic goal with orion: to force form-based > authentication using the simplest form of authentication (userids and > passwords stored in principals.xml). > > I have read all the posts on this subject on the mailing list, but to no > avail. I also tried the security primer on jollem.com, but the author of > this primer told me that this tutorial is not yet working. I also saw the > posts by Bill Winspure on Fri, 11 May 2001, but the mail archive hasn't got > the zip file attached to the mail. > > My application works fine without authentication, so there are no other > non-security related things affecting this. > > My procedure to add form-based auth. > ==================================== > > 1. I add three new attributes to my web.xml: > > <!-- attribute 1. declare the role I want to access my pages --> > > <security-role> > <role-name>r_user</role-name> > </security-role> > > > <!-- attribute 2. now tell the container what and how I want protected --> > <!-- note that the role-name attribute matches my security-role attribute > above --> > > <security-constraint> > <web-resource-collection> > <web-resource-name>Protected Area</web-resource-name> > <!-- Define the context-relative URL(s) to be protected --> > <url-pattern>/*</url-pattern> > <!-- If you list http methods, only those methods are protected --> > <http-method>DELETE</http-method> > <http-method>GET</http-method> > <http-method>POST</http-method> > <http-method>PUT</http-method> > </web-resource-collection> > <auth-constraint> > <!-- Anyone with one of the listed roles may access this area --> > <role-name>r_user</role-name> > </auth-constraint> > </security-constraint> > > > > <!-- attribute 3. let the container know that I want to use form-based > auth., and redirect to login.jsp --> > <!-- the form in login.jsp conforms to the servlet 2.2 spec. naming > conventions --> > <login-config> > <auth-method>FORM</auth-method> > <realm-name>Example Form-Based Authentication Area</realm-name> > <form-login-config> > <form-login-page>login.jsp</form-login-page> > <form-error-page>error.jsp</form-error-page> > </form-login-config> > </login-config> > > > 2. I edited the principals.xml contained in $ORION_HOME/config to contain > my user and group: > > > <group name="g_user"/> > > > <user username="testuser" password="xxx"> > <group-membership group="g_user" /> > </user> > > > 3. I built and deployed the application at this point, and started orion > server (with a fresh application-deployment directory). > > > Next, I went to my application sub-directory under > $ORION_HOME/application-deployments. > > Here I edited orion-application.xml and added two security-role-mapping > attributes, one each in the read-access and write-access sections as > follows: > > > <namespace-access> > <read-access> > <namespace-resource root=""> > <security-role-mapping > name="<jndi-user-role>"> > <group name="administrators" /> > </security-role-mapping> > <security-role-mapping name="<r_user>"> > <group name="g_user" /> > </security-role-mapping> > </namespace-resource> > </read-access> > <write-access> > <namespace-resource root=""> > <security-role-mapping > name="<jndi-user-role>"> > <group name="administrators" /> > </security-role-mapping> > <security-role-mapping name="<r_user>"> > <group name="g_user" /> > </security-role-mapping> > </namespace-resource> > </write-access> > > > (notes: I tried this with and without the < >. I also tried adding > just one security-role-mapping). > > > > The form-based auth. still does not work. I am presented with the login > form correctly when I try to access a protected resource, but my username > and password is always rejected. > > Is this functionality working in orion server 1.4.5? > > What have I missed in my steps above? > > Has anybody gotten this to work? > > > Thanks in advance > > Humphrey > _________________________________________________________________ > Get your FREE download of MSN Explorer at http://explorer.msn.com > > >
Title: ³×À̹ö ¸ÞÀÏ
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER
- 메일 전송 실패 알... NAVER-MAILER