Hi!
I can't figure out why my BASIC authorization isn't working for my app. The
pages show up as 401 Not Authorized, but no popup authorization window pops
up! Further, the admin and manager apps are working using my JDBCRealm
(:Enter Password" window does pop up). Help appreciated.
server.xml:
-
r provides over writing things like this myself, the more I like
it. For the most part it's transparent across containers.
-Original Message-
From: QM [mailto:[EMAIL PROTECTED]
Sent: Monday, October 18, 2004 10:01 PM
To: Tomcat Users List
Subject: Re: JDBCRealm authentication on ev
Hello,
I have a real strange Problem with Tomcat and IE
When I get forwarded to the login page of my application and enter
my account data I always get the following message:
HTTP Status 408 - The time allowed for the login process has been exceeded.
If you wish to continue you must either click
On Mon, Oct 18, 2004 at 11:41:51AM -0500, Graff, David wrote:
: I think, but this may need elaboration, that Deigo want's to put a "login"
: box on all pages when the user has not authenticated and not show it after
: login.
Ah, gotcha. Instead of showing a login box, what about a login *link*
th
ist
Subject: Re: JDBCRealm authentication on every page
On Mon, Oct 18, 2004 at 05:59:59PM +0200, Diego wrote:
: Hi! I want to put a login form on all of my pages. I'm using Tomcat 5
: and JDBCRealm, and authentication is working fine when a user tries to
: access a protected resource. But I
On Mon, Oct 18, 2004 at 05:59:59PM +0200, Diego wrote:
: Hi! I want to put a login form on all of my pages. I'm using Tomcat 5
: and JDBCRealm, and authentication is working fine when a user tries to
: access a protected resource. But I don't know how could I invoke
: "manu
Hi! I want to put a login form on all of my pages. I'm using Tomcat 5
and JDBCRealm, and authentication is working fine when a user tries to
access a protected resource. But I don't know how could I invoke
"manually" JDBCRealm authentication on non-protected pages and stay into
Hi all,
> Has anyone created a DataSourceRealm that works with DIGEST
> authentication? I'm planning to make one, but only if I'm not
> reinventing the wheel.
If anyone's interested, here's what I have so far:
http://sylow.no-ip.com/pub/apache/jakarta/tomcat/D
Hi all,
Has anyone created a DataSourceRealm that works with DIGEST
authentication? I'm planning to make one, but only if I'm not
reinventing the wheel.
A relative bugzilla issue:
http://issues.apache.org/bugzilla/show_bug.cgi?id=19767
Best regards,
-- Shinobu Kawai
--
Shi
, 2004 7:45 PM
> To: [EMAIL PROTECTED]
> Subject: Form Based Authentication with Cookies?
>
>
> I have been looking for a way withing tomcat using a
> JDBCRealm to do form bases authentication and allow users to
> set some sort of "Remember Me" cookie, so they do not nee
I have been looking for a way withing tomcat using a JDBCRealm to do
form bases authentication and allow users to set some sort of
"Remember Me" cookie, so they do not need to log into my application
more than once a month or so.
It looks like to me that FormAuthenticator is sort of
I am using JNDI and Tomcat 4.1 for form-based authentication on a
OpenLDAP 2.1 server. The OS is Fedora Core 2. This is a new server I
am setting up to replace an exisiting one... Upgraded hardware /
software... Anyway, authentication works for the user but doesn't find
the user i
>-Original Message-
>From: Shinobu Kawai [mailto:[EMAIL PROTECTED]
>Sent: Friday, October 08, 2004 1:14 AM
>To: Tomcat Users List
>Subject: Re: Using Digested Passwords and DIGEST Authentication at the
sam
>e time.
>
>Hi Phillip,
>
>Thanks for the inform
Hi Phillip,
Thanks for the information.
> - Not all browsers supported DIGEST authentication, so you can't gurantee
> that all clients will be able to authenticate... Internet Explorer and
> Knoqueror are two browsers that do support DIGEST authentication. Mozilla
> 1.0 claims
As I am knew to Tomcat I will ask you to excuse my ignorance. I have just
realized (and I am asking those with the necessary experience to verify
this) that when you talk about "DIGEST" authentication there are really two
separate and distinct forms of it:
1. Indicate to the BROWSER
It's interesting you know. I read a book called "Professional Apache Tomcat"
published by Worx. In Chapter 16 Tomcat Security, the author says
- Not all browsers supported DIGEST authentication, so you can't gurantee
that all clients will be able to authenticate... Internet Ex
re it with the value stored in database.
-Original Message-
From: Shinobu Kawai [mailto:[EMAIL PROTECTED]
Sent: October 7, 2004 12:51 PM
To: Tomcat Users List
Subject: Re: Using Digested Passwords and DIGEST Authentication at the sam e
time.
Hi Phillip,
> Have you tried it based on t
Hi Phillip,
> Have you tried it based on the howto?
Yep.
Here's what I tried: (All with o.a.c.r.MemoryRealm)
clear text + BASIC -> works!
clear text + DIGEST -> works!
MD5 digest + BASIC -> works!
SHA digest + BASIC -> works!
MD5 digest + DIGEST -> doesn't work!
SHA digest + DIGEST -> doesn't work
Have you tried it based on the howto?
-Original Message-
From: Shinobu Kawai [mailto:[EMAIL PROTECTED]
Sent: October 7, 2004 12:01 PM
To: [EMAIL PROTECTED]
Subject: Using Digested Passwords and DIGEST Authentication at the same
time.
Hi all,
I'm looking for a way to use Dig
Hi all,
I'm looking for a way to use Digested Passwords as in
http://jakarta.apache.org/tomcat/tomcat-5.0-doc/realm-howto.html
and DIGEST Authentication at the same time. I have found relative
questions/threads in the list:
http://www.mail-archive.com/[EMAIL PROTECTED]/msg97135
To: 'Tomcat Users List'
> Subject: DIGEST Authentication in Tomcat 4 vs Tomcat 5
>
> Can anyone point me to information concerning whether or not DIGEST
> authentication works in Tomcat 4 and/or Tomcat 5? I have only found
> conflicting information on the web as wel
For a single webapp with a database, I have used md5 hashes. I believe MySQL
does the same for its users table.
If you have a whole suite of applications that you know you would like to
tie into I like authentication to be taken care of by a separate web-app.
Hope this helps.
R
-Original
On Wed, 2004-10-06 at 11:59, Anderson, M. Paul wrote:
> 3. We currently store passwords in a database in plain text but we now wish
> to encrypt them.
If you look at the underlying code for the web mail client for yahoo.com
for example, you will find a small amount of JavaScript that encrypts
th
BASIC authentication.
3. We currently store passwords in a database in plain text but we now wish
to encrypt them.
4. I was leaning towards using DIGEST authentication but am not convinced
it works correctly based on various articles/books I've seen.
Do you recommend any other approaches?
x27;t done tested it for 4.x
(you should upgrade to 5 anyways if possible for you).
Yoav Shapira
Millennium Research Informatics
>-Original Message-
>From: Anderson, M. Paul [mailto:[EMAIL PROTECTED]
>Sent: Tuesday, October 05, 2004 6:30 PM
>To: 'Tomcat Users List'
&g
Can anyone point me to information concerning whether or not DIGEST
authentication works in Tomcat 4 and/or Tomcat 5? I have only found
conflicting information on the web as well as in several books. Is there a
tutorial out there somewhere that would help me set this up? I have seen
comments
t: Monday, October 04, 2004 2:12 PM
> To: Tomcat Users List
> Subject: RE: type in twice for basic authentication???
>
>
> Hi,
> Does 4.1.30 behave better? Or 5.0.27?
>
> (5.0.28 has http://issues.apache.org/bugzilla/show_bug.cgi?id=31372
> which might affect this use-
Anybody have a clue as to why my basic authentication box would keep
coming back at me 2-6 times before letting me in, even though I'm typing
the correct username and password every single time? This is Tomcat
4.1.27
---
Is this possible?
I have to investigate the possibility of integrating two systems,
where users authenticate themselves against our webapp, and the webapp
checks their credentials against a web service in the background..
Do I have to make my own JAAS realm, which in turn authenticates
against a
t: Monday, October 04, 2004 1:59 AM
>To: Tomcat Users List
>Subject: RE: type in twice for basic authentication???
>
>Tomcat 4.1.27 -- please help!
>
>
>- Original message -
>From: "Mark Thomas" <[EMAIL PROTECTED]>
>To: "'Tomcat Users List'&
arian; Tomcat Users List
Subject: Re: Tomcat Compiling Error - Form Based Authentication
I have to give u a bad news.
What i said yesterday night was wrong.
I have the same error also putting tools.jar (the JDK 1.5 ones)...
so I'm in trouble again!
Omar
- Original Message -
From: &quo
7;" <[EMAIL PROTECTED]>
Sent: Sunday, October 03, 2004 9:53 PM
Subject: RE: Tomcat Compiling Error - Form Based Authentication
Hi Omar,
You should install the entire new JDK. Having 1 jar file from 1 version
of the JDK and all the other JAR files from another version could cause a
lot of pr
Hi!!
I use Tomcat 4.1 within JBoss 3.2.3 and JAAS.
I need to know the page requested before the authentication take the control
of the view. I find that information in the StandardSession's note
"org.apache.catalina.authenticator.REQUEST".
How can i read it?!
request.ge
Tomcat 4.1.27 -- please help!
- Original message -
From: "Mark Thomas" <[EMAIL PROTECTED]>
To: "'Tomcat Users List'" <[EMAIL PROTECTED]>
Date: Sat, 2 Oct 2004 10:03:49 +0100
Subject: RE: type in twice for basic authentication???
What ve
st" <[EMAIL PROTECTED]>
Sent: Sunday, October 03, 2004 9:11 PM
Subject: Re: Tomcat Compiling Error - Form Based Authentication
I hope you've right.
Tomorrow i'll do it and write here if it works...
thx a lot
- Original Message -
From: "John Najarian" &
PM
Subject: RE: Tomcat Compiling Error - Form Based Authentication
Omar, this may be the problem & my hunch is that it is. You've built & run
code against never version of tomcat, jdk, jre... It could be there is 1 or
more things that work/compile... with these newer versions that aren't
ba
't compatible.
If you can get jdk 1.5 and tomcat 5.28 for Linux download, install them and
rebuild your app.
-Original Message-
From: Omar Adobati [mailto:[EMAIL PROTECTED]
Sent: Sunday, October 03, 2004 11:50 AM
To: Tomcat Users List
Subject: Re: Tomcat Compiling Error - Form Based
8:45 PM
Subject: RE: Tomcat Compiling Error - Form Based Authentication
You're still using the app on a Windows XP machine right?
What version of Tomcat, jdk & jre are on that box?
You may want to upgrade the jre/plugin to 1.4.2_05. I'm not sure if this
will fix your problem but it wo
mar Adobati [mailto:[EMAIL PROTECTED]
Sent: Sunday, October 03, 2004 11:25 AM
To: Tomcat Users List
Subject: Re: Tomcat Compiling Error - Form Based Authentication
Tomcat: 5.0.18
JDK & jre: 1.4.2
O.S.: Linux
ther's anything wrong?
- Original Message -
From: "John Najarian&
Tomcat: 5.0.18
JDK & jre: 1.4.2
O.S.: Linux
ther's anything wrong?
- Original Message -
From: "John Najarian" <[EMAIL PROTECTED]>
To: "'Tomcat Users List'" <[EMAIL PROTECTED]>
Sent: Sunday, October 03, 2004 8:07 PM
Subject: RE: Tomcat Co
rs List
Subject: Re: Tomcat Compiling Error - Form Based Authentication
I don't think it was a permission problem on the webapps application 'couse
all other still work good and have the same permissions settings as this one
that gives troubles.
This is the permission on tools.jar, I
PM
Subject: RE: Tomcat Compiling Error - Form Based Authentication
I've run out of ideas but could this be a permissions problem? Either on the
tools.jar or on the work directory for the webapp?
Which version of tomcat are you running?
-Original Message-
From: Omar Adobati [mailto
List
Subject: Tomcat Compiling Error - Form Based Authentication
Sorry Matt,
the log was changeing. Now it show just this instead off the error that cant
compile... why?
I'm still usinf form-based authentication and the webapp in a localmachine
with WinXP + Tomcat worls good but gives this pr
Sorry Matt,
the log was changeing. Now it show just this instead off the error that cant
compile... why?
I'm still usinf form-based authentication and the webapp in a localmachine
with WinXP + Tomcat worls good but gives this problem on a server with Linux
RH plus Tomcat.
(Tomcat is the
Due to increasing levels of spam, this email address no longer receives email.
To contact us, please go to http://takanomi.com/contact.php.
[If you publish an ezine or newsletter to which we are subscribed, or own an affiliate
program or service of which we are a member, please visit the abo
What version of tomcat?
> -Original Message-
> From: Stephen Charles Huey [mailto:[EMAIL PROTECTED]
> Sent: Friday, October 01, 2004 11:38 PM
> To: Tomcat Users List
> Subject: Re: type in twice for basic authentication???
>
> Yeah, I need some major help on this
at).
- Original message -
From: "Stephen Charles Huey" <[EMAIL PROTECTED]>
To: "Tomcat User" <[EMAIL PROTECTED]>
Date: Fri, 01 Oct 2004 17:10:32 -0500
Subject: type in twice for basic authentication???
When my web app pops up a basic authentication box, I type in
When my web app pops up a basic authentication box, I type in the
username and password, and then it bounces back with blank text boxes
asking for it again. Every time when I type them in a second time it
then lets me in! What's going on? Here's what I have in my
27;origine-
De : QM [mailto:[EMAIL PROTECTED]
Envoyé : mercredi 29 septembre 2004 23:52
À : Tomcat Users List
Objet : Re: User authentication in multi repositories
On Wed, Sep 29, 2004 at 01:50:31PM -0300, Ac?cio Furtado Costa wrote:
: We would like to know, if it is possible for an appl
On Wed, Sep 29, 2004 at 01:50:31PM -0300, Ac?cio Furtado Costa wrote:
: We would like to know, if it is possible for an application to authenticate
: users in multiple LDAP Services. For instance, one sub-group of users will
: authenticate on our corporate domain (Active Directory) and another
:
We would like to know, if it is possible for an application to authenticate users in
multiple LDAP Services. For instance, one sub-group of users will authenticate on our
corporate domain (Active Directory) and another sub-group (clients, supliers) in
other repository (ADAM- Active Directory A
er
HTH
Happy Hacking,
Gaurav Vaish
http://www.mastergaurav.org
-
On Fri, 24 Sep 2004 09:33:13 -0500, Angelov, Rossen
<[EMAIL PROTECTED]> wrote:
> Hi,
> We are running our applications on Tomcat 4 and 5. On both versions we are
> having problems
Hi,
We are running our applications on Tomcat 4 and 5. On both versions we are
having problems with the basic authentication.
The problem is that I haven't found a way to overwrite the default 401 error
page with a custom page.
If I add an error-page element in web.xml for erro
On Fri, Sep 24, 2004 at 09:20:06AM -0400, Matt Mejaski wrote:
: [snip re: using Apache]
: Currently, in Apache, I have some Alias'es to point to other directories on
: the server (i.e. Alias /MyStuff C:\MyStuff), and then, I use a .htaccess
: file to control access to /MyStuff.
:
: Now, I was wond
Hi all,
I'm currently developing a web app, and I'm currently using Apache HTTP
Server as well as Tomcat.
Tomcat is my Java and JSP Servlet container. Apache HTTP Server is
(obviously) a server to serve my static pages (that are changed from the
Java code).
Currently, in Apache, I have some Ali
Hi guys.
I'm having trouble setting up DIGEST authentication for single webapp in
Tomcat 5.0.27.
does anyone have done it successfully
I'd appreciate some guidance in this area
Alex
I have a configuration of tomcat 4.1.17 which uses a JNDI realm to
authenticate to Active Directory Server. It works well. Unfortunately,
I must accomplish the same thing in a configuration of Tomcat 4.1.12 in
order to be in step with a vendor supplied tool. 4.1.12 is not able to
accomplish this
Awful typo... works much better when j_user_name is spelled j_username
Issue resolved.
Thanks.
fb.
Quoting Fred Blaise <[EMAIL PROTECTED]>:
> Hello all
>
> I have been trying to set up FORM based authentication, but it only works
> half-way.
> When I try to get to t
Hello all
I have been trying to set up FORM based authentication, but it only works
half-way.
When I try to get to the protected resource, it sends me to the login page:
good.
If I authenticate incorrectly, then it sends me to the login error page: good.
If I authenticate _correctly_, it also
om does not
use authentication. The second app deployed to a
subdomain of www.mydomain.com (i.e. dev.mydomain.com)
is deployed with FORM based authentication. Tomcat
correctly presents the login page when an attempt to
access a protected URI is made with the second app.
Unfortunately after submi
For example, Spec 2.3 specifies
The getRemoteUser method returns the user name the client used for
authentication. If no user has been authenticated, the getRemoteUser method
returns null.
getRemoteUser(): ... Whether the user name is sent with each subsequent
request depends on the browser and
On Fri, Sep 03, 2004 at 10:08:59AM +0200, [EMAIL PROTECTED] wrote:
: IMHO the best sollution would be to intercept the authentication process (I'm
working with Tomcat 4.x), to smuggle some custom code there that updates the
appropriate column in the database. The question is.. how can I do
Hi All,
I'm supposed to record the last login timestamp.
IMHO the best sollution would be to intercept the authentication process (I'm working
with Tomcat 4.x), to smuggle some custom code there that updates the appropriate
column in the database. The question is.. how can I do this?
I have a login form that works fine in my local
development environment with a single webapp deployed
to the default localhost "host". However, in a hosted
environment with multiple "host"s defined in my
server.xml Tomcat returns a 404 response and a blank
page. The html form follows the servlet
OK, thanks. I was reaching that conclusion. Thanks for the confirmation.
Dave
-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 24, 2004 10:05 AM
To: Tomcat Users List
Subject: Re: Accessing LDAP after authentication
You'll need to connect to
You'll need to connect to LDAP via JNDI to get the other user attributes.
JNDIRealm only knows how to authenticate and authorize, not user information
retrieval.
To get the user name - request.getRemoteUser() or request.getUserPrincipal()
should give you enough information to perform your ldap
I've gotten a JndiRealm working with Tomcat to authenticate users from our
LDAP directory and allow them access to various parts of our web application
based on groups and roles. That works slick as snot. Now I'd like to pluck
a few more tidbits from our LDAP database -- email address, first name
RTFM. web.xml has ways to do this based on the HTTP error code
yours would be the 404 HTTP error code
Luis Urueña Frías escribió:
Hi!
I'm developing a java webapp over Tomcat 4.2, with client
certificate authentication.
Is there any way to configure a customize error page?
Hi!
I'm developing a java webapp
over Tomcat 4.2, with client certificate authentication.
Is there any way to configure a customize error
page?
When I enter in the webapp with an appropiate
certificate, HTTPS runs fine.
And when I enter without it, ssl handshake detects
an erro
Hi,
Thanks to you both, but my question is not so much about how
to get the user name in the request.
Instead, it's this: I need to use basic authentication (i.e. the browser
pops up the login), but then I need to run custom code to actually
check the login and password with an internal s
ng if I describe my situation, someone can help me
> >cut through the fog.
> >
> >I'm working on a simple web app that will feed custom RSS XML
> >to clients that must use basic authentication. In my application,
> >I need to do more than just look up users somewhe
d I'm totally confused.
I'm hoping if I describe my situation, someone can help me
cut through the fog.
I'm working on a simple web app that will feed custom RSS XML
to clients that must use basic authentication. In my application,
I need to do more than just look up users somewhere
lients that must use basic authentication. In my application,
I need to do more than just look up users somewhere. Instead, the
login/password values returned via basic authentication headers will be used
in some fairly complex ways to both authenticate and then
construct the custom response.
What is
I am having a bit of an intermittent problem with Realm Authentication.
I've got a jdbc realm (backed by hsql) configured for form based
authentication under Tomcat 4.1.30.
My application is developed on Struts 1.1.
The problem I'm running into is that even after entering correct
cred
Hi,
I'm running an application with SSL-client certificate authentication.
It works fine, except one servlet that serves a PDF document. Yet that
servlet worked fine on a Tomcat 4.x.
Now, on a Tomcat 5.0.25, I get the following problem : when my Internet
Explorer 6 requests for the servl
Forget about thatthen.. I will just put a sign in link which will try to
access the protected resource and then shoot the login page ;)
Dennis Dai wrote:
Then I guess you have to use your own authentication or modify the
FormAuthentication class ...
I believe TSS is using some kind of content
Then I guess you have to use your own authentication or modify the
FormAuthentication class ...
I believe TSS is using some kind of content management system (CMS),
more like a home grown one. Anyways, JBoss ported PostNuke (a CMS
written in PHP) to their platform, you might want to check it
I want to do exactly like the serverside.com
You have alogin form on each unprotected page thata llows you to login
So you can hit the news page, the discussion page, patterns etc...
without having to login, but each section offer the login form...
Dennis Dai wrote:
On 7/27/2004 10:34 AM,
That what Iwas saying previously.
So how can I put a login page on my home page to allow access to the
protected. Resources.
theserverside.com has it and all kinds of web sites.
Dennis Dai wrote:
On 7/27/2004 10:34 AM, Anastasios Angelidis wrote:
So if I understand you...
On my index page which i
On 7/27/2004 10:34 AM, Anastasios Angelidis wrote:
So if I understand you...
On my index page which is not protected put a form with
And somewhere at the top of page have something like
if(getUserPrincipal()) redirect
I guess we can both try it lol...
No, that won't work. The login page can
, IF I am correct..otherwise I'll put the second D hat on.
-Original Message-
From: Anastasios Angelidis [mailto:[EMAIL PROTECTED]
Sent: 27 July 2004 15:10
To: Tomcat Users List
Subject: Re: Beyond bassic form authentication?
That wont work.
Try navigating to the login page of the sec
getUserPrincipal() to forward the user to the protected part. But as
I say, IF I am correct..otherwise I'll put the second D hat on.
-Original Message-
From: Anastasios Angelidis [mailto:[EMAIL PROTECTED]
Sent: 27 July 2004 15:10
To: Tomcat Users List
Subject: Re: Beyond bassic form authentic
authenticate and then use getUserPrincipal()
to determine whether you need to redirect them to the secured pages.
-Original Message-
From: Anastasios Angelidis [mailto:[EMAIL PROTECTED]
Sent: 27 July 2004 14:34
To: Yiannis Mavroukakis
Subject: Re: Beyond bassic form authentication?
Yeah it will but
Hi,
I'm looking to do the same thing as Radu Radutiu (archive here :
http://www.junlu.com/msg/94462.html)
but when i use int the httpd.conf directives like "JkSet2 workerEnv sslEnable 1"
nothing work and apache don't start.
Do you know how to use JkSet under apache 1.3 on Windows ?
how to passe
lol the loging.jsp page from the sample barely has anything to scab! :P
Anyways scabbing doesn't help this case. As my authentication works. I
have another problem. I replied to this e-mail detailing the prblem.
Thanks.
Sternbergh, Cornell wrote:
I would guess that "code scabbing
assic form authentication?
Does any one have any ideas on this? What is code scabbing?
Thanks
Robert Harper wrote:
>Did you try scabbing code from the login.jsp? You may want to use that
and the
>user will gain access to the areas allowed with their group or role.
>
>Robert S. Harper
Ok then I think the problem is not understood ;)
My form authentication does work. In fact I scabbed the whole security
sample :P
Like I noted... When I type the protected resources URL in the browser
address bar. Tomcats authentication kicks in and redirects me to the
login page I specified
Anastasie I think what Robert means is you should "steal" some code
from the existing examples in Tomcat.
Yparxoune epishs kai alloi tropoi pou boreis na to kaneis ayto..boreis
kalista na exeis authentication mesw tou Apache kai enos module
pou koitaei gia valid accounts sthn
-
From: Anastasios Angelidis [mailto:[EMAIL PROTECTED]
Sent: Friday, July 23, 2004 7:37 AM
To: [EMAIL PROTECTED]
Subject: Beyond bassic form authentication?
So I setup my web app to use Form Authentication with a User Realm in my
MySQL DB. It all works fine. I type the protected resources URL
st will avoid other newbies to be stuck like I was.
Merci,
Laurent
> Message du 23/07/04 à 21h36
> De : "Michele Ouellet" <[EMAIL PROTECTED]>
> A : "Laurent Le Moux" <[EMAIL PROTECTED]>
> Copie à :
> Objet : Re: BASIC authentication not working, P
Hi,
I am trying to get application to authenticate so that the credentials
are carried into all subsequent request, what I have a persistence
realm that holds all the user/pasword and other info, I have a custom
login screen that we are using for all appservers websphere,weblogic
.. these other ap
asios Angelidis [mailto:[EMAIL PROTECTED]
Sent: Friday, July 23, 2004 7:37 AM
To: [EMAIL PROTECTED]
Subject: Beyond bassic form authentication?
So I setup my web app to use Form Authentication with a User Realm in my
MySQL DB. It all works fine. I type the protected resources URL into the
browser,
, July 23, 2004 7:37 AM
> To: [EMAIL PROTECTED]
> Subject: Beyond bassic form authentication?
>
> So I setup my web app to use Form Authentication with a User Realm in my
> MySQL DB. It all works fine. I type the protected resources URL into the
> browser, I get redirected to the log
So I setup my web app to use Form Authentication with a User Realm in my
MySQL DB. It all works fine. I type the protected resources URL into the
browser, I get redirected to the login page, I login and behold it works! ;)
Now how would I give access to a secure resource from an unsecure
There is only very minimal support for DIGEST authentication. So minimal that in
practice I can't see how it could be of any use at this point in time.
It is on the list to be improved, but no idea for when:
http://jakarta.apache.org/tomcat/tomcat-5.0-doc/status.html
Original Me
I think it supports digest authentication. However I
can not make it works even in the simplest case. I
have a basic tomcat 5 installation with one of my web
application. I'd like to use digest authentication(I
do not send password to server in clear text).
The configuration is like
Hello,
I found the following interesting answer from Craig R. McClanahan to Sim IJskes
concerning the use of BASIC authentication :
> I was able to get basic authentication working by editing the file
> "$TOMCAT_HOME/webapps/examples/WEB-INF/web.xml and changing the
> element
<[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, July 12, 2004 2:28 PM
Subject: Authentication method 'DIGEST'
>
> Does anyone know if the DIGEST authentication is supported by Tomcat
5?
> I have been trying to get it working with a Tomcat 5.0.24 on W
ED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, July 12, 2004 2:28 PM
Subject: Authentication method 'DIGEST'
>
> Does anyone know if the DIGEST authentication is supported by Tomcat
5?
> I have been trying to get it working with a Tomcat 5.0.24 on Windows
and the default
UserDatabase doesn't support DIGEST. In fact, it could be that only
MemoryRealm (which supports everything) does. However, I can't be bothered
to look :).
<[EMAIL PROTECTED]> wrote in message
news:[EMAIL PROTECTED]
>
> Does anyone know if the DIGEST authentication is supp
301 - 400 of 1842 matches
Mail list logo
