On Wed, Apr 21, 2010 at 10:15:20AM +0200, Mattias Jiderhamn wrote: > Thanks, that worked. > > I tried adding <resin:Allow> (or <security-constraint>) also to add > some IP filtering (<resin:IfNetwork> vs <ip-constraint>) and then > the authenticator seems to be overridden. In case the request comes > from a trusted IP range, no login is required. > I have to add <resin:And> <resin:IfUserInRole role="resin-admin"/> > also. Is that intended...?
Where did you set these? If you added it in the resin.xml, you probably overrode the settings in the admin application's resin-web.xml. That's probably the best place to integrate those network constraints. > Btw, in order to not mess up the login page I set > url-pattern="*.php". Any risk this will change in a future release > "without further notice"? Maybe it's better/safer to allow > "/images/*" and "*.css"? Sorry, I don't really understand the context of the question... which url-pattern? Emil > </Mattias> > > Emil Ong wrote (2010-04-16 23:17): > >Hi Mattias, > > > >Are you using a custom resin.xml/resin.conf? If so, you might try > >copying the<resin:AdminAuthenticator> configuration from the default. > >It looks like this: > > > > <resin:AdminAuthenticator> > > <resin:import path="${__DIR__}/admin-users.xml" optional="true"/> > > </resin:AdminAuthenticator> > > > >This part of the install document may also be helpful: > > > >http://caucho.com/resin-4.0/admin/starting-resin-install.xtp#Creating%20a%20password%20for%20the%20Resin%20Administration%20Console > > > >Best, > >Emil > > > > > >On Fri, Apr 16, 2010 at 09:46:33AM +0200, Mattias Jiderhamn wrote: > >>I feel like a newbie for having to ask this, but admittedly I have never > >>used the J2EE authentication mechanism since we have a proprietary one. > >> > >>I'm trying to set up resin-admin following a combination of the > >>instructions at > >>http://caucho.com/resin-4.0/admin/resin-admin-console.xtp and the > >>instructions shown when accessing the admin app. > >>I have configured the web-app and had it generate a admin-users.xml so > >>that I can log in. However I have no access, apparently since my user is > >>not in the "resin-admin" role. > >>Doing a bit of debugging I end up in a NullAuthenticator that only > >>accepts the "user" role. So I guess I need to configure some other > >>authenticator, right...? > >> > >>-- > >> > >> </Mattias> > > _______________________________________________ resin-interest mailing list resin-interest@caucho.com http://maillist.caucho.com/mailman/listinfo/resin-interest