where is setUserPrincipal() ?

2004-03-22 Thread Bob Langford 
I've been looking at the various methods of doing access control, and
many of the messages I've seen (on this list and elsewhere) mention
doing something like:
hrequest.setUserPrincipal( new MyPrincipal(username) );

so that other code can call getUserPrincipal(), etc.

But there is no setUserPrincipal method on the HttpServletRequest,
as far as I (and my compiler) can see.  What's going on?  Am I supposed
to use some non-standard wrapper for the request?
Thanks for any help!

--
Bob Langford
Silicon Masters Consulting, Inc.8207 Stone River Court, Richmond, VA  23235
phone:  804-674-1253  fax:  804-745-7803 
http://www.silicon-masters.com/  



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Advice wanted about mapping URIs to pages

2003-09-06 Thread Bob Langford 
I'm trying to decide how to lay out my application.  The major question
is how to make Tomcat run it, but ideas for better organization would
be welcome also.
I'd better describe the setup, even though it's a bit lengthy.  I'm running
a separate instance of Tomcat, dedicated to this project.  It's got two major
sections: access control and content.
1) The access control is a set of JSP pages (using Struts) that handle
   user signup, login, etc.  I have written a Filter that checks credentials
   on each page.
2) The content is a bunch of static HTML, GIFs, Flash, etc.  Down the road
   there will also be some JSP here.  This stuff is written by another person,
   and mostly already exists.
I'd like to have the directory|  Accessed from URI's such as these:
layout like this: |
./tomcat/webapps/control.war xyz.com/
./web/public/*.html  xyz.com/public/foo.html
./web/basic/*.html   xyz.com/good/bar.html
./web/deluxe/*.html  xyz.com/better/some.pdf
./web/premier/*.html xyz.com/best/cool.swf
The first one seems straightforward.  The others are a bit harder.  It's not
going to be possible to put them into a .WAR file, and they're going to
be updated constantly.  They're not under the $CATALINA_BASE/webapps directory,
so I don't know how to tell Tomcat to find them.  Maybe symbolic links?
The hard part is context.  My custom Filter has to apply to all the 
directories
under ./web, but also access the Session and other data that is part of 
control.war,
and I've had trouble doing that.  It would be easy to have them be separate 
apps,
but I can't get my authentication working that way.

Any suggestions or ideas would be greatly appreciated.  I'm still 
experimenting,
but I feel like every idea I've tried is an ugly hack.  I'd rather be 
elegant :-)

Thanks!

P.S.  Infrastructure:  Linux 2.4.x, Tomcat 4.1.27, Struts 1.1.  Solutions 
don't
have to be portable to other software.  I'd rather not use Tomcat 5, 
though.  (Yet)

--
Bob Langford
Silicon Masters Consulting, Inc.8207 Stone River Court, Richmond, VA  23235
phone:  804-674-1253  fax:  804-745-6650 
http://www.silicon-masters.com/  



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: Multiple Tomcat instances for virtual hosts

2003-09-06 Thread Bob Langford 
Your plan should work pretty well.  I do something similar myself.  The major
difference is that I use one installation of Tomcat for all the sites.
I have a script to start tomcat for each site, that points CATALINA_HOME to 
the
shared Tomcat binaries, and CATALINA_BASE to the conf/, logs/, temp/, 
work/, and
webapps/ directories for the site:

file /home/site1/tomcat/catalina:
  #!/bin/sh
  CATALINA_BASE = /home/site1/tomcat
  CATALINA_HOME = /usr/share/tomcat4  (or whatever)
  CATALINA_OPTS = -server  (maybe others)
  export CATALINA_BASE CATALINA_HOME CATALINA_OPTS
  $CATALINA_BASE/bin/catalina.sh  $*
I can do   ./catalina start, ./catalina stop,etc to control each
site.  It works pretty well, especially if you're developing one site while
others are in production.
Two things to watch for:
1)  You are correct that you have to use different ports for each 
server.xml file.
I declared that site one could have ports between 8100-8199, site 2 between 
8200-8299,
etc.  Each project can use whatever they want in their range.

2)  Since these Tomcat instances listen on ports above 1024, they don't 
need to
be started by the root user.  If they did, I'd be very wary of putting the
server.xml file (and other config files and scripts) where the user could
modify them.  Also, your system boot procedures need to take some steps to
start them using the correct username.

3)  I use Apache as a front end for all these Tomcat instances, using a proxy
instead of JK or JK2.  In each virtual host, there's something like this:
ProxyPass /examples/ http://localhost:8181/examples/
ProxyPassReverse  /examples/ http://localhost:8181/examples/
There are two nice things about this:  Apache logs everything, making it
easier to do usage reports.  And, all the connections to Tomcat come
from Apache and localhost, so I can block outside connections to all
ports except the ones Apache listens to.  However, it's still possible for
user A to change his server.xml file to listen to a port that's being sent
traffic for user B.  For my purposes, that's not an issue; for others, it
may be.
Good luck!
...Bob Langford...
At 02:12 PM 9/6/2003, you wrote:
Hi,

I have Apache 1.3 and Tomcat 4.1.8 on a Red Hat 9 machine.

Apache serves several virutal hosts. We have one Tomcat instance running 
with several web contexts, one context for each virtual host.

Now I would like to change this to have one Tomcat instance for each 
virtual host (this is necessary because Tomcat sometimes crashes, and I 
don't want all virtual hosts to be down then).

I read a book about Tomcat and searched the Web, but could not find out 
how to do this. What I assume is:

In Apache's httpd.conf I have something (after the import of mod_jk):

NameVirtualHost 200.200.200.200 (or whatever)

VirtualHost 200.200.200.200
ServerName www.xxx.com
DocumentRoot /tomcat1/webapps/xxx
JkMount /servlet/* worker1
JkMount /*.jsp worker1
JkMount /*.do worker1
/VirtualHost
VirtualHost 200.200.200.200
ServerName www.yyy.com
DocumentRoot /tomcat2/webapps/yyy
JkMount /servlet/* worker2
JkMount /*.jsp worker2
JkMount /*.do worker2
/VirtualHost
Then I will install Tomcat two times, in /tomcat1 and /tomcat2.

The server.xml of each Tomcat contains different ports (for shutdown and 
for the connector for ajp13).

The workers.properties should look like:

worker.list=worker1,worker2
...
worker.worker1.port=8009
worker.worker1.host=localhost
worker.worker1.type=ajp13
...
worker.worker1.port=8010
worker.worker1.host=localhost
worker.worker1.type=ajp13
Is this all correct? Should that work?

Thomas



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
Bob Langford
Silicon Masters Consulting, Inc.8207 Stone River Court, Richmond, VA  23235
phone:  804-674-1253  fax:  804-745-6650 
http://www.silicon-masters.com/  



-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]