HELP! login-config problems
Hi, I've posted this a few times and am trying one last time. When I run my .war file in a regular 4.0.3 server, using an auth-method of either BASIC or FORM, it works fine. However, if I run it in an embedded version of the same server, I get errors. With BASIC, the browser never shows the dialog, but just fails the login immediately. That is, it calls the Principal authenticate (String username, String credentials) right away, without even putting up the dialog. It then prints the following error to the log: HttpProcessor[8080][4] process.invokeInvalid user ID With the FORM login, a successful login caused the browser to redirect to one of the image files on the login page, rather than to the welcome page. An unsuccessful login fails to bring up the specified form-error-page. Either I'm misconfiguring something, or embedded Tomcat is EXTREMELY buggy when it comes to login-config implementation. BTW I did upgrade to 4.0.4 and the same problems happened. I'm using the o.a.c.startup.Embedded class, and am following the directions described in James Goodwill's Apache Jakarta-Tomcat book (with the correct .jar files that he lists in his article.) Has anyone had any experience with this? I really do need some help here, I'm on a pretty scary deadline. Thanks! Noah p.s. I will my web.xml file to anyone who asks, just didn't want to clutter up your mailbox right away. -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
RE: HELP! login-config problems
Thanks for the reply! Unfortunately I did upgrade to 4.0.4 and I'm still having the same problem. Maybe I don't have all the .jar files I need in my CLASSPATH? (Which .jars to use was always unclear.) Here are the ones I am using: bootstrap.jar catalina.jar jakarta-regexp-1.2.jar jasper-compiler.jar jasper-runtime.jar jndi.jar naming-common.jar naming-factory.jar naming-resources.jar servlet.jar servlets-cgi.jar servlets-common.jar servlets-default.jar servlets-invoker.jar servlets-manager.jar servlets-ssi.jar servlets-webdav.jar tomcat-http11.jar tomcat-util.jar xerces.jar Also, here is my web.xml file: web-app servlet servlet-nameController/servlet-name servlet-classcom.acme.admin.web.Controller/servlet-class /servlet servlet-mapping servlet-nameController/servlet-name url-pattern*.ctrl/url-pattern /servlet-mapping session-config session-timeout15/session-timeout /session-config welcome-file-list welcome-filemain.html/welcome-file /welcome-file-list security-constraint web-resource-collection web-resource-nameAdmin App/web-resource-name url-pattern/*/url-pattern /web-resource-collection auth-constraint role-nameAdmin/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method realm-nameAdmin App/realm-name /login-config /web-app In addition to this I also have the standard default web.xml file the /conf subdirectory. I'd also put in the code snippet where I set up the Embedded but I don't want to inundate you with stuff :-) So as I said it's still not working. If you see anything missing from the jars, anything wrong with my web.xml file, or have any other ideas, any help is much appreciated! Thanks again! noah On 20 Jun 2002, [EMAIL PROTECTED] wrote: It is a bug in tomcat 4.0.3. I had the same problem until using 4.0.4. Bao-Ha Dam Bui [EMAIL PROTECTED] S. Jude Medical, Inc 651.765.1018 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Thursday, June 20, 2002 11:49 AM To: [EMAIL PROTECTED] Subject: HELP! login-config problems Hi, I've posted this a few times and am trying one last time. When I run my .war file in a regular 4.0.3 server, using an auth-method of either BASIC or FORM, it works fine. However, if I run it in an embedded version of the same server, I get errors. With BASIC, the browser never shows the dialog, but just fails the login immediately. That is, it calls the Principal authenticate (String username, String credentials) right away, without even putting up the dialog. It then prints the following error to the log: HttpProcessor[8080][4] process.invokeInvalid user ID With the FORM login, a successful login caused the browser to redirect to one of the image files on the login page, rather than to the welcome page. An unsuccessful login fails to bring up the specified form-error-page. Either I'm misconfiguring something, or embedded Tomcat is EXTREMELY buggy when it comes to login-config implementation. BTW I did upgrade to 4.0.4 and the same problems happened. I'm using the o.a.c.startup.Embedded class, and am following the directions described in James Goodwill's Apache Jakarta-Tomcat book (with the correct .jar files that he lists in his article.) Has anyone had any experience with this? I really do need some help here, I'm on a pretty scary deadline. Thanks! Noah p.s. I will my web.xml file to anyone who asks, just didn't want to clutter up your mailbox right away. -- To unsubscribe, e-mail: mailto:tomcat-user-u- [EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Any other Tomcat mailing lists/newsgroups/resources besides this one?
Hi, Are there any others besides this one? Not that this one isn't good, but I'd just like a few alternate sources. Thanks, Noah -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Troubles with login-config with Embedded 4.1 ?
Hi, I've been running webapps fine in my software using the Embedded class in version 4.1. However, since I tried adding a login-config to my web.xml, I've been getting extremely strange behavior. Before continuing, I should add that I've tried my .war file with the same web.xml in a regular Tomcat install and it works fine. For example, if I try using BASIC auth-method, the browser never even shows the login window. Instead, I immediately get this error message in the log: HttpProcessor[8080][4] process.invokeInvalid user ID If I use FORM auth-method, the login works semi-ok, except that when the login is successful, the browser goes to an image file in one of the frames of my login page, rather than to the designated welcome-file. Also, entering the login page via the back button, and then pressing the submit button, causes an error saying that it cannot find the page j_security_check, which as we all know is not a page but the standard script name for using form logins in the servlet spec. Again, I've used this .war and web.xml in a standard Tomcat 4.1 install and all authentication worked fine. My embedded server does have access to a default web.xml. My app is in a .war file called admin.war. Finally, I should mention that I'm using my own custom Realm implementation, but I don't think this matters - all the problems seem to happen before the Realm's methods are invoked. Any help in this dept. is appreciated. Below, I'm posting my web.xml file. Thanks again for any help! -noah ?xml version=1.0 encoding=ISO-8859-1? !DOCTYPE web-app PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.3//EN http://java.sun.com/dtd/web-app_2_3.dtd; web-app !-- Admin Controller Servlet -- servlet servlet-nameController/servlet-name servlet-classcom.acme.admin.web.Controller/servlet-class /servlet !-- The mapping for the Admin Controller Servlet -- servlet-mapping servlet-nameController/servlet-name url-pattern*.ctrl/url-pattern /servlet-mapping !-- Session Timeout is 15 minutes -- session-config session-timeout15/session-timeout /session-config !-- Welcome file is main.html -- welcome-file-list welcome-filemain.html/welcome-file /welcome-file-list !-- LOGIN CONSTRAINTS -- security-constraint web-resource-collection web-resource-nameAdmin App/web-resource-name url-pattern/*/url-pattern http-methodGET/http-method http-methodPOST/http-method /web-resource-collection auth-constraint role-nameAdmin/role-name /auth-constraint /security-constraint !-- BASIC login -- login-config auth-methodBASIC/auth-method realm-nameAdmin App/realm-name /login-config !-- FORM login - commented out -- !-- login-config auth-methodFORM/auth-method form-login-config form-login-page/login.html/form-login-page form-error-page/loginfailed.html/form-error-page /form-login-config /login-config -- security-role role-nameAdmin/role-name /security-role /web-app -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]