Re: Keycloak-adapter compatible version
Hi Navya, Am 13.10.23 um 07:49 schrieb Navya: I am trying to upgrade the tomcat 9 to 10 version, May I know which version of the keycloak adapter is compatible with tomcat10? Which or what kind of ,,keycloak adapter'' do you use with your current tomcat9 version ? -- Greets Bernd Schatz - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Keycloak integration with tomcat10
Hi Aniket, Am 12.10.23 um 15:19 schrieb Aniket Pachpute: We wanted to integrate keycloak with tomcat 10. I saw that keycloak does not provide any client adapter compatible with tomcat10. Could you please suggest if there is any other way to integrate keycloak with tomcat10? For oidc integration you can use libraries like nimbusd: https://connect2id.com/products/nimbus-oauth-openid-connect-sdk Or, if you use an apache webserver in front of your tomcat, you can also use an oidc-module for apache, e.g.: https://github.com/OpenIDC/mod_auth_openidc -- Greets Bernd Schatz - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: JASPIC AuthConfigProvider packaged with the web application not found
Hi Matthias, Am 23.09.21 um 08:03 schrieb Keil, Matthias (ORISA Software GmbH): Yes, I would like to define my Server Auth module in the jaspic-providers.xml and then provide the class with the web application. As far as of now, i have only two scenarios in my mind: 1) Transparent for developers/applications * Developer defines the security constraints with e.g. basic authentication in their web.xml * Operating places oidc-lib and the jaspci xml-configuration in tomcat. --> Same war-file can be used for development and production --> The developer doesnt know anything about oidc. 2) Transparent for operating. * Developer put the oidc-lib in their application and is responsible to register the AuthProvider class. In both cases, i assume there exist only one oidc provider in the company (maybe federated with other external oidc provider) with one corresponding oidc-lib implementation. Probably you have an other setup/requirement ? -- greets Bernd - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: JASPIC AuthConfigProvider packaged with the web application not found
Hi, Am 19.09.21 um 19:48 schrieb Keil, Matthias (ORISA Software GmbH): Hello everyone and thanks for the hints. They also work as expected and I can package the provider in the web application . Nevertheless, the Configuration Reference (https://tomcat.apache.org/tomcat-9.0-doc/config/jaspic.html) suggests that you define your own provider in jaspic-providers.xml and Tomcat will then find it. I am really only interested in a separate server auth module (SAM). Since I saw no way in the documentation to pack this into the web application. That's why I tried the way through the provider. You want to define the class in the jaspic-providers.xml but package the provider implementation(s) in the application(s) ? As I said, your suggestions work, but there are also a number of additional classes needed to provide the actual SAM. Thank you again If you dont need the whole flexibility of JASPI you can also do something like this: public class MyAuthProvider implements AuthConfigProvider, ServerAuthConfig, ServerAuthModule, ServerAuthContext -- Greets Bernd - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: JASPIC AuthConfigProvider packaged with the web application not found
Hi Matthias, Am 17.09.21 um 09:39 schrieb bernd.sch...@daimler.com: From: "Keil, Matthias (ORISA Software GmbH)" To: users@tomcat.apache.org Subject: JASPIC AuthConfigProvider packaged with the web application not found I would like to develop an AuthConfigProvider and would like to deploy it together in a web application. The Tomcat 9 configuration reference for the AuthConfigProvider indicates that "The implementation may be packaged with the web application or in Tomcat's $ CATALINA_BASE / lib directory." The variant with the $ CATALINA_BASE / lib directory works as expected. My class of the AuthConfigProvider is found and instantiated. The variant of packing the implementation together with the web application does not work. In this case I get a java.lang.ClassNotFoundException. [SNIP] You can register it by using a ServletContextListener (or via CDI): AuthConfigFactory factory = AuthConfigFactory.getFactory(); factory.registerConfigProvider(new AuthProvider(), "HttpServlet", null, "TEST"); -- greets Bernd - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
AW: OpenId with apache and tomcat
Hi Stephane, > -Ursprüngliche Nachricht- > Von: Stephane Passignat > Gesendet: 13 March 2020 17:53 > An: Tomcat Users List > Actually I have Apache2 operating as proxy and authenticate layer (HTTP > Form and HTTP Basic), in front of several Tomcat instances and webapps. > Apache pushes the userId to tomcat through AJP. > On tomcat side, the webapp has a Basic login-module in web.xml. > > I'm quite satisfied of the result, authentication and authorization are > out of the application scope. The deployment and maintenance of > application is super easy. The sensitive maintenance of authentication > is made by a dedicated team... > > I wish to improve that adding OpenId Authentication, keeping apache as > authentication layer with an openid connector, but the one I saw > doesn't seems to be used a lot and is not available as precompiled for > my os... > I'm looking also at moving authentication at tomcat level with an > openid Realm. It's not ideal because of the large number of > applications are servers do impact and network configuration to change, > ... > > > > Does someone have experience in this architecture ? Do you have some > recommendation for Apache Module or Tomcat Realm to use ? We implement a server extension (with help of nimbusd-library on top of jaspic), that works on tomcat9 (and all other java-ee application server). See here ==> https://connect2id.com/products/nimbus-oauth-openid-connect-sdk Unfortunately it is not open source, yet. -- Mit freundlichen Grüßen / Kind Regards/ नमस्ते(Namaste) Bernd Schatz ITT/FT - Java Free and Open Source Software (JFoSS) HPC Z252 Gebäude VDZ Ost 1.OG Plieninger Str. 150 70567 Stuttgart Bernd Schatz Büro: +49 711 17 41463 Mobile: +49 151 5862 6591 FAX: +49 711 17 7904 1252 mailto:bernd.sch...@daimler.com https://git.daimler.com/jfoss https://matter.i.daimler.com https://matter.i.daimler.com/daimler-ag/channels/jfoss If you are not the addressee, please inform us immediately that you have received this e-mail by mistake, and delete it. We thank you for your support.
AW: Basic question about application configuration
Hi Mathieu, > -Ursprüngliche Nachricht- > Von: Mathieu Dubois > Gesendet: Mittwoch, 23. Oktober 2019 03:00 > An: users@tomcat.apache.org [SNIP] > I have read a bit about Tomcat and if I understand correctly, the > correct way to do is to declare a Resource in the configuration of each > server which represents the DB to use and then adapt the code (in > particular Hibernate configuration) to use this Resource based on it's > name. Then the same WAR file can be deployed on any servers provided > it's configured without maven (i.e. I just have to upload the WAR file > and voilà). > > Is that correct ? Yes, it is a common approach in the Java Application world called jndi. So your app would also work on a different application server like Wildfly or Liberty. But the way you define it in your application server differs, So see here for comparison: https://tomcat.apache.org/tomcat-8.0-doc/jndi-resources-howto.html https://developer.jboss.org/thread/279940 -- Mit freundlichen Grüßen / Kind Regards/ नमस्ते(Namaste) Bernd Schatz ITT/FT - Java Free and Open Source Software (JFoSS) HPC Z252 Gebäude VDZ Ost 1.OG Plieninger Str. 150 70567 Stuttgart Bernd Schatz Büro: +49 711 17 41463 Mobile: +49 151 5862 6591 FAX: +49 711 17 7904 1252 mailto:bernd.sch...@daimler.com https://git.daimler.com/jfoss https://matter.i.daimler.com https://matter.i.daimler.com/daimler-ag/channels/jfoss If you are not the addressee, please inform us immediately that you have received this e-mail by mistake, and delete it. We thank you for your support. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Tomcat 9 Getting Started
Hi Enosh, Am Dienstag, den 20.08.2019, 10:14 +0200 schrieb Enosh Mogire: [SNIP] > So after installing and extracting the Tomcat archive file, I needed to set > the required permissions on the files through the commands bellow > > enosh@hp:~$ sudo chgrp -R tomcat /opt/tomcat > enosh@hp:~$ cd /opt/tomcat/ > enosh@hp:/opt/tomcat$ sudo chmod -R g+r conf > > The last command returns an error (chmod: cannot access 'conf': No such > file or directory) and it is where I am stuck. Please advise accordingly, > thank you. With the last command you wanted to change the access rights of the folder that does not exist. This is is more ,,Linux getting started''. Try this ==> man chmod -- Mit freundlichen Grüßen / Kind Regards/ नमस्ते(Namaste) Bernd Schatz ITI/FT - CoC Enterprise Platforms Services (PAI) HPC Z252 Gebäude VDZ Ost 1.OG Plieninger Str. 150 70567 Stuttgart Bernd Schatz Büro: +49 711 17 41463 Mobile: +49 151 5862 6591 FAX: +49 711 17 7904 1252 mailto:bernd.sch...@daimler.com https://matter.i.daimler.com If you are not the addressee, please inform us immediately that you have received this e-mail by mistake, and delete it. We thank you for your support. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
AW: Updating tomcat 7 to 9 got problems
Hi, > -Ursprüngliche Nachricht- > Von: Support > Gesendet: Freitag, 7. Juni 2019 15:21 > I am using Tomcat version 7.2 for my application > > whenever in install tomcat I use the command sudo yum install tomcat > default it was installing tomcat version 7.2 > > I want to update to 9 I was unable to run tomcat 9 I followed these steps > https://linuxize.com/post/how-to-install-tomcat-9-on-centos-7/ > > it is not working my folder structure is usr/share/tomcat For helping you we need some more food, what is the error message you logfile ? btw: your guide installs tomcat below /opt, so /usr/share/tomcat is probably not used. -- Mit freundlichen Grüßen / Kind Regards/ नमस्ते(Namaste) Bernd Schatz ITI/FT - CoC Enterprise Platforms Services (PAI) HPC Z252 Gebäude VDZ Ost 1.OG Plieninger Str. 150 70567 Stuttgart Bernd Schatz Büro: +49 711 17 41463 Mobile: +49 151 5862 6591 FAX: +49 711 17 7904 1252 mailto:bernd.sch...@daimler.com https://matter.i.daimler.com openpgp-digital-signature.asc Description: PGP signature
AW: Outbound SSL?
Hi, > -Ursprüngliche Nachricht- > Von: Peter Kreuser > Gesendet: Donnerstag, 30. Mai 2019 07:22 > Outbound SSL is usually handled by the underlying Java VM. ... and the problem occurs often if you use different jdks, like openjdk and ibmjdk. You can run a small java program on your jvm to print out the supported And default protocols. Yet, I didn’t find a better way. e.g. ==> https://confluence.atlassian.com/stashkb/list-ciphers-used-by-jvm-679609085.html -- Mit freundlichen Grüßen / Kind Regards/ नमस्ते(Namaste) Bernd Schatz ITI/FT - CoC Enterprise Platforms Services (PAI) HPC Z252 Gebäude VDZ Ost 1.OG Plieninger Str. 150 70567 Stuttgart Bernd Schatz Büro: +49 711 17 41463 Mobile: +49 151 5862 6591 FAX: +49 711 17 7904 1252 mailto:bernd.sch...@daimler.com https://matter.i.daimler.com openpgp-digital-signature.asc Description: PGP signature
Usage of Tomcat Logo combined with own logo.
Hi, We created a library that offers an easy integration in our internal oidc infrastructure. It is based on jaspic so it would work on any application server that support it, But we want to push the use of open source application server like tomcat Instead of closed source application server. Therefore we want to advertise with an internal ,,Java Free and Open Source'' Logo combined with a small tomcat logo inside, is this allowed? The logo will be used in te intranet but will be also visible For all suppliers that work for us. Thx in advance. -- Mit freundlichen Grüßen / Kind Regards/ नमस्ते(Namaste) Bernd Schatz ITI/FT - CoC Enterprise Platforms Services (PAI) HPC Z252 Gebäude VDZ Ost 1.OG Plieninger Str. 150 70567 Stuttgart Bernd Schatz Büro: +49 711 17 41463 Mobile: +49 151 5862 6591 FAX: +49 711 17 7904 1252 mailto:bernd.sch...@daimler.com https://matter.i.daimler.com openpgp-digital-signature.asc Description: PGP signature
Broken links to Logos on http://tomcat.apache.org/legal.html
Hi, There are broken links to logos on the page http://tomcat.apache.org/legal.html http://tomcat.apache.org/images/tomcat-power.gif http://tomcat.apache.org/images/tomcat.gif Who has to be informed to fix it ? Where can I get this logos ? -- Mit freundlichen Grüßen / Kind Regards/ नमस्ते(Namaste) Bernd Schatz ITI/FT - CoC Enterprise Platforms Services (PAI) HPC Z252 Gebäude VDZ Ost 1.OG Plieninger Str. 150 70567 Stuttgart Bernd Schatz Büro: +49 711 17 41463 Mobile: +49 151 5862 6591 FAX: +49 711 17 7904 1252 mailto:bernd.sch...@daimler.com https://matter.i.daimler.com If you are not the addressee, please inform us immediately that you have received this e-mail by mistake, and delete it. We thank you for your support.