RE: web.xml authentication and Tomcat Realm
-Original Message- From: Felix Schumacher [mailto:felix.schumac...@internetallee.de] Sent: Thursday, 4 September 2014 3:29 PM To: Tomcat Users List Subject: Re: web.xml authentication and Tomcat Realm On 4. September 2014 05:35:42 MESZ, Dalecki, Janusz jdale...@tycoint.com wrote: Hi, I am just wondering whether somehow I can use web.xml login-config/ to point to the Tomcat JDBC Realm that I am using. Are those two completely disjoint or I can link them together. They are disjoint. web.xml is for the developer who has (almost) no knowledge of the context (environment) in which his application will run. context.xml (or equivalents) is the tool for the administrator to provide that knowledge to the application. Regards Felix Regards, Janusz This e-mail contains privileged and confidential information intended for the use of the addressees named above. If you are not the intended recipient of this e-mail, you are hereby notified that you must not disseminate, copy or take any action in respect of any information contained in it. If you have received this e-mail in error, please notify the sender immediately by e-mail and immediately destroy this e-mail and its attachments. Hi, Thanks for the reply. It might be silly question, but if I use web.xml login-config element – where do I specify password? I am probably missing something. Regards, Janusz - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org This e-mail contains privileged and confidential information intended for the use of the addressees named above. If you are not the intended recipient of this e-mail, you are hereby notified that you must not disseminate, copy or take any action in respect of any information contained in it. If you have received this e-mail in error, please notify the sender immediately by e-mail and immediately destroy this e-mail and its attachments. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Global JNDI resources lookup behavior difference between version 6.0.39 and 6.0.41/7.0.55
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Robert, On 9/3/14 7:47 PM, Robert Anderson wrote: Does anybody here use psi-probe for monitoring the Tomcat? Possibly, but your subject doesn't say anything about psi-probe, so perhaps it's being ignored by those folks. I think it's more likely that very few people use global JNDI resources. I just wanna know what changed in JNDI implemention of Tomcat. Where is the request in the bugzilla? I don't know. You could inspect a Subversion log between the two. It's no fun, but it will show you what actually changed instead of what was documented to have been changed. Chris, global datasources (java:/name) and application datasources (java:/comp/env/name) are differents in probe. Gotcha - I didn't catch the global versus local in your OP. Application datasources are working very well in any version of Tomcat. Good to know. Only the psi-probe cannot find global datasources to show in the datasources.html. :( Please read the issue: https://code.google.com/p/psi-probe/issues/detail?id=411 - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJUCG+9AAoJEBzwKT+lPKRYQ4IQAMaWQt+3Vs+HADVERe0/JfIj 7Q0P1LSZc48+ta6C1swKJKeN9DNhmVSLGMWi0RZVGsmxz7lRzr59SY2OV9slc6lT NaIvx0HR+4ctthFGWPXUSlurH8ys+eFN+amRwzccpzCRfU3dpyldiyO7vsTugYoP Itlb74SVgUxsOJiyAyCJBGUK++rJW8PUFYZN0IzbKegSAyCYAqJC91ZYF10V/74L 2WuhxPn9x4LB6EIF8ZLepzxSLfidiufbD3KbtUZ6T05LJhQdQl/Qz0o/A7e08Zba Dm01OPlvXdgHFwjjlZ0xzjXw/NZYfrCRN0jpwQ8vSb2uvCz7dZuXAnZwLEFskVd9 +PH262cjNytYW+ZSV2N4CTBf4PFTtvXOmiVy0VnnlCBTzXvbQqlp/gI7MuXByMtw KsEtchdskFmypMa1bgk0Q/zeLkMaTmsGTjQdTHaAyy78neR/UUAyaJkuBKtOTmUt lSx3LbL1oJvVAInJYNfLDvfrOZMSUBkAWPgfUNQ+I5hiRLwr6rFr5jKn5qgxhU9O iZbpl/4yfQB1IyOormpy1pzdbEpbJZbvqk0gGBvs0OJVVULORAxtcUCE4B8YSx8A Xv+1X10MwLlbSdRYqOeo1kzA+j0Z9uVsapgYwhpx2S5txxZjk4SZy2/6eZqIZlGQ CYMiEe7gsAZcUA9uWKW1 =OzAk -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: web.xml authentication and Tomcat Realm
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Janusz, On 9/4/14 2:30 AM, Dalecki, Janusz wrote: -Original Message- From: Felix Schumacher [mailto:felix.schumac...@internetallee.de] Sent: Thursday, 4 September 2014 3:29 PM To: Tomcat Users List Subject: Re: web.xml authentication and Tomcat Realm On 4. September 2014 05:35:42 MESZ, Dalecki, Janusz jdale...@tycoint.com wrote: Hi, I am just wondering whether somehow I can use web.xml login-config/ to point to the Tomcat JDBC Realm that I am using. Are those two completely disjoint or I can link them together. They are disjoint. web.xml is for the developer who has (almost) no knowledge of the context (environment) in which his application will run. context.xml (or equivalents) is the tool for the administrator to provide that knowledge to the application. It might be silly question, but if I use web.xml login-config element – where do I specify password? I am probably missing something. The Realm takes care of the credentials. For a DataSourceRealm of JDBCRealm, the usernames and passwords are stored in a relational database. For other Realms, the credentials are stored in other places. For instance, if you use a MemoryRealm, the passwords are typically stored in an XML file in CATALINA_BASE/conf/tomcat-users.xml. Using a MemoryRealm isn't really a good idea for a production system for a number of reasons. (Note that using JDBCRealm will give you terrible performance: use a DataSourceRealm instead with a JNDI DataSource.) You really need to read this: http://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJUCHEbAAoJEBzwKT+lPKRYlbsP/jPqVIkl3MhZJdmswWD5AL5y proOErqB/ytVoT2TvvwSb4oXUe0NI/BqmbCCXW7oaExljcw7Dqvtbt+PH0oW5uAu G8BXAq2IhJrfrufz1pDZzxx/zWqlQZ1xTVwlKkdYHknx/0jv4IfwUsMZNwz9OeOa uAJAckflhSPY/qI3/pD9HNoFpZoUS/UEpbmxIeSrjf7jsTJdWI+64xuFXsv6d/1D /NbYpaf+AznqpSuKogjNy/HTb6B1cl8NESJyB+umwxSn7H0bO07GX+CRAzpFpQxt Li48qkFrMMZBvTGtQEZmMw+wyOQ28gQ9lLQFs1h2QAuFCGouoW59jY96NJzSuuu1 cSFGlUNcG4m9oW0zCNlpB0/YD0IODY13QVPPSqVFJhApg6m9uG4os/jb/aMNQ8xo 6Hv6ri2xYGOCC6f/lhaOR7nSdeFEUSin+XHkF1y6xCBNmBSaZMjDbTt2xga134Fl dis1i3zEd7W+EZjiY/jerpRWMGuE9oR1g+PbYbVSnU/Ts+sjqvZflJmtgE+MdJ8a AHPcX0x+8PfPlYBs6yzm0nAHxxqiQdijzzBCwi8KZr7UQPWCtUaHIjmaljUJ+eST 9U3Ue/ePrdyiJm18p7TmfeKI+aDR8g09oadbb9fOKCUz3DyLRH7Qo9uLmBCzZOIt 3LJeFneb/hJ25+opQa7X =fCiU -END PGP SIGNATURE- - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Global JNDI resources lookup behavior difference between version 6.0.39 and 6.0.41/7.0.55
2014-09-04 10:57 GMT-03:00 Christopher Schultz ch...@christopherschultz.net : I don't know. You could inspect a Subversion log between the two. It's no fun, but it will show you what actually changed instead of what was documented to have been changed. It's exactly what I'm doing at this moment. :)
New warning at Tomcat Startup
Hi, I am using JDK 1.7.0_67 and Tomcat 7.0.55. At application startup I am seeing a bunch of below messages flying by. The messages have not been observed with Tomcat 7.042. There are exactly 135 of them, which is the sum of the jars in $CATALINA_HOME/lib and my applications WEB-INF/lib. Two questions: 1) Has something changed between 7.0.42 and 7.0.55, that could cause this 2) How can one find out which jars are problematic 3) Can one stifle the message without modifying all 135 jars ### Sep 04, 2014 4:23:21 PM java.util.jar.Attributes read WARNING: Duplicate name in Manifest: Depends-On. Ensure that the manifest does not have duplicate entries, and that blank lines separate individual sections in both your manifest and in the META-INF/MANIFEST.MF entry in the jar file. ### TIA Martin -- -- Martin Knoblauch email: k n o b i AT knobisoft DOT de www: http://www.knobisoft.de
Re: New warning at Tomcat Startup
On 04/09/2014 15:38, Martin Knoblauch wrote: Hi, I am using JDK 1.7.0_67 and Tomcat 7.0.55. At application startup I am seeing a bunch of below messages flying by. The messages have not been observed with Tomcat 7.042. There are exactly 135 of them, which is the sum of the jars in $CATALINA_HOME/lib and my applications WEB-INF/lib. Two questions: I count three questions, not two. 1) Has something changed between 7.0.42 and 7.0.55, that could cause this Nothing jumps out at me in the changelog. 2) How can one find out which jars are problematic Not easily. Your best bet would be to write a short app that parsed the Manifest of each Jar file in turn. 3) Can one stifle the message without modifying all 135 jars Change the log level for java.util.jar to ERROR. Mark ### Sep 04, 2014 4:23:21 PM java.util.jar.Attributes read WARNING: Duplicate name in Manifest: Depends-On. Ensure that the manifest does not have duplicate entries, and that blank lines separate individual sections in both your manifest and in the META-INF/MANIFEST.MF entry in the jar file. ### TIA Martin - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: New warning at Tomcat Startup
On Thu, Sep 4, 2014 at 4:58 PM, Mark Thomas ma...@apache.org wrote: On 04/09/2014 15:38, Martin Knoblauch wrote: Hi, I am using JDK 1.7.0_67 and Tomcat 7.0.55. At application startup I am seeing a bunch of below messages flying by. The messages have not been observed with Tomcat 7.042. There are exactly 135 of them, which is the sum of the jars in $CATALINA_HOME/lib and my applications WEB-INF/lib. Two questions: I count three questions, not two. Yeah, I cannot count to 3 ... 1) Has something changed between 7.0.42 and 7.0.55, that could cause this Nothing jumps out at me in the changelog. It seems it happens between 7.0.42 and 7.0.47. I would bisect, but cannot find any tarballs between those two releases. 2) How can one find out which jars are problematic Not easily. Your best bet would be to write a short app that parsed the Manifest of each Jar file in turn. Have to think about it. Time you know. But thanks. 3) Can one stifle the message without modifying all 135 jars Change the log level for java.util.jar to ERROR. Not really desirable. The warning shows that something is fishy in my setup. Thanks Martin Mark ### Sep 04, 2014 4:23:21 PM java.util.jar.Attributes read WARNING: Duplicate name in Manifest: Depends-On. Ensure that the manifest does not have duplicate entries, and that blank lines separate individual sections in both your manifest and in the META-INF/MANIFEST.MF entry in the jar file. ### TIA Martin -- -- Martin Knoblauch email: k n o b i AT knobisoft DOT de www: http://www.knobisoft.de
java.lang.UnsatisfiedLinkError in Tomcat 8.0.11 and SPDY
Hello, I have this error configuring SPDY in Tomcat 8.0.11 in RHEL Linux 6.4 (64bit). Everything works fine removing npnHandler attribute for SPDY. Sep 04, 2014 9:30:02 AM org.apache.catalina.core.AprLifecycleListener init INFO: Loaded APR based Apache Tomcat Native library 1.1.31 using APR version 1.3.9. Sep 04, 2014 9:30:02 AM org.apache.catalina.core.AprLifecycleListener init INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true]. .. Sep 04, 2014 9:30:55 AM org.apache.coyote.AbstractProtocol start INFO: Starting ProtocolHandler [http-apr-xx.xx.xx.xx-443] java.lang.UnsatisfiedLinkError: org.apache.tomcat.jni.SSLExt.setNPN(J[BI)I at org.apache.tomcat.jni.SSLExt.setNPN(Native Method) at org.apache.tomcat.jni.SSLExt.setNPN(SSLExt.java:126) at org.apache.coyote.spdy.SpdyAprNpnHandler.init(SpdyAprNpnHandler.java:76) at org.apache.coyote.http11.Http11AprProtocol.start(Http11AprProtocol.java:211) at org.apache.catalina.connector.Connector.startInternal(Connector.java:986) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) at org.apache.catalina.core.StandardService.startInternal(StandardService.java:458) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) at org.apache.catalina.core.StandardServer.startInternal(StandardServer.java:760) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) at org.apache.catalina.startup.Catalina.start(Catalina.java:625) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:606) at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:351) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:485) Sep 04, 2014 9:30:55 AM org.apache.coyote.spdy.SpdyAprNpnHandler init WARNING: SPDY/NPN not supported Machine info: Red Hat Enterprise Linux Server release 6.4 (Santiago) Linux xx.com 2.6.32-358.14.1.el6.x86_64 #1 SMP Mon Jun 17 15:54:20 EDT 2013 x86_64 x86_64 x86_64 GNU/Linux Java version: java version 1.7.0_51 Java(TM) SE Runtime Environment (build 1.7.0_51-b13) Java HotSpot(TM) 64-Bit Server VM (build 24.51-b03, mixed mode) server.xml configuration Connector port=443 address=xx.xx.xx.xx npnHandler=org.apache.coyote.spdy.SpdyAprNpnHandler protocol=HTTP/1.1 SSLEnabled=true maxThreads=150 scheme=https secure=true sslProtocol=TLS SSLCertificateFile=/xx SSLCertificateKeyFile=/xx SSLCACertificateFile=/xx/ Thanks in advance, R.Levy - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
How a script can determine latest version of Tomcat
I have a small program that downloads and installs an arbitrary version of Tomcat, using the API provided by Apache to select the proper mirror, and so forth. The script currently takes the Tomcat version as an argument. My script provides a default (which in my case is the latest version of Tomcat 7), but I have to manually update that default whenever I notice a new version has been released. What would be the best way for the script itself to determine the latest available version? Obviously I would give points for easy and points for robust, knowing that those two things might be in conflict. I can think of many horrifying ways to do it: * loop through integers starting with the last known version, attempting to download 7.0.x, until getting a 404 * scraping and parsing the HTML at http://archive.apache.org/dist/tomcat/tomcat-7/, which I expect is rather stable So my challenge isn't coming up with *a* way to do it, but coming up with the best way. Suggestions? -- David P. Caldwell http://www.davidpcaldwell.com/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
[ANN] Apache Tomcat 8.0.12 available
The Apache Tomcat team announces the immediate availability of Apache Tomcat 8.0.12. Apache Tomcat 8 is an open source software implementation of the Java Servlet, JavaServer Pages, Java Unified Expression Language and Java WebSocket technologies. Apache Tomcat 8.0.12 includes numerous fixes for issues identified in 8.0.11 as well as a number of other enhancements and changes. The notable changes since 8.0.11 include: - Fix a regression in the processing of includes and forwards when Contexts had been reloaded. - Session ID generation is now extensible - Extend support for the permessage-deflate extension to compression of outgoing messages on the server side Please refer to the change log for the complete list of changes: http://tomcat.apache.org/tomcat-8.0-doc/changelog.html Downloads: http://tomcat.apache.org/download-80.cgi Migration guides from Apache Tomcat 5.5.x, 6.0.x and 7.0.x: http://tomcat.apache.org/migration.html Enjoy! - The Apache Tomcat team [1] - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How a script can determine latest version of Tomcat
The current version mirrors link might help you eg: http://mirrors.ukfast.co.uk/sites/ftp.apache.org/tomcat/tomcat-7/ Sent from my iPhone On 4 Sep 2014, at 18:48, David P. Caldwell da...@code.davidpcaldwell.com wrote: I have a small program that downloads and installs an arbitrary version of Tomcat, using the API provided by Apache to select the proper mirror, and so forth. The script currently takes the Tomcat version as an argument. My script provides a default (which in my case is the latest version of Tomcat 7), but I have to manually update that default whenever I notice a new version has been released. What would be the best way for the script itself to determine the latest available version? Obviously I would give points for easy and points for robust, knowing that those two things might be in conflict. I can think of many horrifying ways to do it: * loop through integers starting with the last known version, attempting to download 7.0.x, until getting a 404 * scraping and parsing the HTML at http://archive.apache.org/dist/tomcat/tomcat-7/, which I expect is rather stable So my challenge isn't coming up with *a* way to do it, but coming up with the best way. Suggestions? -- David P. Caldwell http://www.davidpcaldwell.com/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How a script can determine latest version of Tomcat
On 04/09/2014 19:18, Geoff Meakin wrote: The current version mirrors link might help you eg: http://mirrors.ukfast.co.uk/sites/ftp.apache.org/tomcat/tomcat-7/ There are times (normally just after a release) when multiple versions will show up there. Mark Sent from my iPhone On 4 Sep 2014, at 18:48, David P. Caldwell da...@code.davidpcaldwell.com wrote: I have a small program that downloads and installs an arbitrary version of Tomcat, using the API provided by Apache to select the proper mirror, and so forth. The script currently takes the Tomcat version as an argument. My script provides a default (which in my case is the latest version of Tomcat 7), but I have to manually update that default whenever I notice a new version has been released. What would be the best way for the script itself to determine the latest available version? Obviously I would give points for easy and points for robust, knowing that those two things might be in conflict. I can think of many horrifying ways to do it: * loop through integers starting with the last known version, attempting to download 7.0.x, until getting a 404 * scraping and parsing the HTML at http://archive.apache.org/dist/tomcat/tomcat-7/, which I expect is rather stable So my challenge isn't coming up with *a* way to do it, but coming up with the best way. Suggestions? -- David P. Caldwell http://www.davidpcaldwell.com/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: How a script can determine latest version of Tomcat
On Thu, Sep 4, 2014 at 1:48 PM, David P. Caldwell da...@code.davidpcaldwell.com wrote: I have a small program that downloads and installs an arbitrary version of Tomcat, using the API provided by Apache to select the proper mirror, and so forth. The script currently takes the Tomcat version as an argument. My script provides a default (which in my case is the latest version of Tomcat 7), but I have to manually update that default whenever I notice a new version has been released. What would be the best way for the script itself to determine the latest available version? Obviously I would give points for easy and points for robust, knowing that those two things might be in conflict. I can think of many horrifying ways to do it: * loop through integers starting with the last known version, attempting to download 7.0.x, until getting a 404 * scraping and parsing the HTML at http://archive.apache.org/dist/tomcat/tomcat-7/, which I expect is rather stable I did this recently for Tomcat 8. Here's the command I used, which works on my Mac. LATEST_VERSION=$(curl -s http://tomcat.apache.org/download-80.cgi | grep h3 id=\8.0. | xpath '/h3/text()' 2/dev/null) A slight variation works on Ubuntu if you install xpath. LATEST_VERSION=$(curl -s http://tomcat.apache.org/download-80.cgi | grep h3 id=\8.0. | xpath -e '/h3/text()' 2/dev/null) I'm sure there are other ways to do it, this was just the first one I put together that worked for me. Dan So my challenge isn't coming up with *a* way to do it, but coming up with the best way. Suggestions? -- David P. Caldwell http://www.davidpcaldwell.com/ - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Share point integration
Hi All I have a requirement where I need to access share point 2013 site in one of the site developed on Tomcat Server. Site on Tomcat server has its own authentication mechanism and share point 2013 is authenticated via LDAP. Any ideas on how to get the share point website into a website running on Tomcat. Any help in this regard is appreciated. Thanks NK
Re: java.lang.UnsatisfiedLinkError in Tomcat 8.0.11 and SPDY
2014-09-04 20:06 GMT+04:00 rolandl...@web.de: Hello, I have this error configuring SPDY in Tomcat 8.0.11 in RHEL Linux 6.4 (64bit). Everything works fine removing npnHandler attribute for SPDY. Sep 04, 2014 9:30:02 AM org.apache.catalina.core.AprLifecycleListener init INFO: Loaded APR based Apache Tomcat Native library 1.1.31 using APR version 1.3.9. Sep 04, 2014 9:30:02 AM org.apache.catalina.core.AprLifecycleListener init INFO: APR capabilities: IPv6 [true], sendfile [true], accept filters [false], random [true]. .. Sep 04, 2014 9:30:55 AM org.apache.coyote.AbstractProtocol start INFO: Starting ProtocolHandler [http-apr-xx.xx.xx.xx-443] java.lang.UnsatisfiedLinkError: org.apache.tomcat.jni.SSLExt.setNPN(J[BI)I at org.apache.tomcat.jni.SSLExt.setNPN(Native Method) Your copy of Tomcat-Native library was compiled without NPN support and does not have the above method. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: New warning at Tomcat Startup
2014-09-04 19:55 GMT+04:00 Martin Knoblauch knobis...@gmail.com: It seems it happens between 7.0.42 and 7.0.47. I would bisect, but cannot find any tarballs between those two releases. Those versions have been votes as broken and not released. 2) How can one find out which jars are problematic Not easily. Your best bet would be to write a short app that parsed the Manifest of each Jar file in turn. Have to think about it. Time you know. But thanks. a) You may try debugging: https://wiki.apache.org/tomcat/FAQ/Developing#Debugging You could get stack trace and function arguments (such as file name). b) You may use zip archiver (or jar archiver from JDK) to unpack their manifest files and read through them. c) JDK 7u67 source code for java.util.jar.Attributes contains [[[ if ((putValue(name, value) != null) (!lineContinued)) { PlatformLogger.getLogger(java.util.jar).warning( Duplicate name in Manifest: + name + .\n + Ensure that the manifest does not + have duplicate entries, and\n + that blank lines separate + individual sections in both your\n + manifest and in the META-INF/MANIFEST.MF + entry in the jar file.); } ]]] None of Tomcat jars have Depends-On entry in their manifests. Such an entry is surely not the first one in the file (the first one should be Manifest-Version), so it is unlikely that the manifest file is being read twice. Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
RE: web.xml authentication and Tomcat Realm
-Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: Friday, 5 September 2014 12:03 AM To: Tomcat Users List Subject: Re: web.xml authentication and Tomcat Realm -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Janusz, On 9/4/14 2:30 AM, Dalecki, Janusz wrote: -Original Message- From: Felix Schumacher [mailto:felix.schumac...@internetallee.de] Sent: Thursday, 4 September 2014 3:29 PM To: Tomcat Users List Subject: Re: web.xml authentication and Tomcat Realm On 4. September 2014 05:35:42 MESZ, Dalecki, Janusz jdale...@tycoint.com wrote: Hi, I am just wondering whether somehow I can use web.xml login-config/ to point to the Tomcat JDBC Realm that I am using. Are those two completely disjoint or I can link them together. They are disjoint. web.xml is for the developer who has (almost) no knowledge of the context (environment) in which his application will run. context.xml (or equivalents) is the tool for the administrator to provide that knowledge to the application. It might be silly question, but if I use web.xml login-config element – where do I specify password? I am probably missing something. The Realm takes care of the credentials. For a DataSourceRealm of JDBCRealm, the usernames and passwords are stored in a relational database. For other Realms, the credentials are stored in other places. For instance, if you use a MemoryRealm, the passwords are typically stored in an XML file in CATALINA_BASE/conf/tomcat-users.xml. Using a MemoryRealm isn't really a good idea for a production system for a number of reasons. (Note that using JDBCRealm will give you terrible performance: use a DataSourceRealm instead with a JNDI DataSource.) You really need to read this: http://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html - -chris -BEGIN PGP SIGNATURE- Version: GnuPG v1 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJUCHEbAAoJEBzwKT+lPKRYlbsP/jPqVIkl3MhZJdmswWD5AL5y proOErqB/ytVoT2TvvwSb4oXUe0NI/BqmbCCXW7oaExljcw7Dqvtbt+PH0oW5uAu G8BXAq2IhJrfrufz1pDZzxx/zWqlQZ1xTVwlKkdYHknx/0jv4IfwUsMZNwz9OeOa uAJAckflhSPY/qI3/pD9HNoFpZoUS/UEpbmxIeSrjf7jsTJdWI+64xuFXsv6d/1D /NbYpaf+AznqpSuKogjNy/HTb6B1cl8NESJyB+umwxSn7H0bO07GX+CRAzpFpQxt Li48qkFrMMZBvTGtQEZmMw+wyOQ28gQ9lLQFs1h2QAuFCGouoW59jY96NJzSuuu1 cSFGlUNcG4m9oW0zCNlpB0/YD0IODY13QVPPSqVFJhApg6m9uG4os/jb/aMNQ8xo 6Hv6ri2xYGOCC6f/lhaOR7nSdeFEUSin+XHkF1y6xCBNmBSaZMjDbTt2xga134Fl dis1i3zEd7W+EZjiY/jerpRWMGuE9oR1g+PbYbVSnU/Ts+sjqvZflJmtgE+MdJ8a AHPcX0x+8PfPlYBs6yzm0nAHxxqiQdijzzBCwi8KZr7UQPWCtUaHIjmaljUJ+eST 9U3Ue/ePrdyiJm18p7TmfeKI+aDR8g09oadbb9fOKCUz3DyLRH7Qo9uLmBCzZOIt 3LJeFneb/hJ25+opQa7X =fCiU -END PGP SIGNATURE- Hi, Sorry I need to explain my problem more clearly. I have put JDBCRealm configuration with all details in the META-INF folder: Realm className=org.apache.catalina.realm.JDBCRealm driverName=org.postgresql.Driver connectionURL=jdbc:postgresql://localhost:5432/df_Scheduler?user=postgresamp;password=admin userTable=users userNameCol=userName userCredCol=password userRoleTable=user_roles roleNameCol=roleName/ In my web.xml I have login-config element and security constraint as follows: security-constraint web-resource-collection web-resource-nameAdmin/web-resource-name url-pattern/auth/*/url-pattern /web-resource-collection auth-constraint role-nameSYSADMIN/role-name /auth-constraint /security-constraint security-role role-nameSYSADMIN/role-name /security-role login-config auth-methodBASIC/auth-method !--realm-nameAdmin/realm-name-- /login-config I have defined users and passwords as explained in the TOMCAT Realm Configuration – HOW TO. When I ask for a page */auth/* the user/password dialog box pops up and no matter what I type in in user name field and password field and pops up again for ever. What am I doing wrong? Regards, Janusz - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org This e-mail contains privileged and confidential information intended for the use of the addressees named above. If you are not the intended recipient of this e-mail, you are hereby notified that you must not disseminate, copy or take any action in respect of any information contained in it. If you have received this e-mail in error, please notify the sender immediately by e-mail and immediately destroy this e-mail and its attachments.