Hello,
The answer to your question is that you cannot serve the User database (now
tomcat-users.xml) from inside a .war file as it cannot be read from in there
but you can change its location to be below your webapps directory. This can
be achieved by changing the path to it which is currently in
Can somebody suggest how to implement Basic Authentication in Tomcat4.1 or
use an existing Basic Authentication being used by other application.
Thanks
-sumit
-Original Message-
From: Kumar, Sumit
Sent: Thursday, November 20, 2003 11:44 AM
To: 'Tomcat Users List'
Subject: Basic Authentic
It s not use in the class java.net.Authenticator ?
See it
> -Original Message-
> From: Kumar, Sumit [mailto:[EMAIL PROTECTED]
> Sent: Thursday, November 20, 2003 7:01 PM
> To: 'Tomcat Users List'
> Subject: RE: Basic Authentication
>
>
> Can someb
Maybe through navigator object in user´s browser, you must check if
there´s not permission constraint for that.
> --
> De: Bui, Bao-Ha D[SMTP:[EMAIL PROTECTED]
> Responder:Tomcat Users List
> Enviada: sexta-feira, 5 de dezembro de 2003 13:45
> Para: 'Tomcat Users
You might want to read the comments on the following URL - it shows how
to configure authentication with a Windows domain, but apparently, it's
out of date:
http://www.raibledesigns.com/page/rd?
anchor=easy_windows_authentication_with_tomcat
Matt
On Dec 5, 2003, at 9:45 AM, Bui, Bao-Ha D wr
http://jakarta.apache.org/tomcat/faq/windows.html#ntlm
-Tim
Bui, Bao-Ha D wrote:
Hi all,
I need to capture the WinNT account name of users to a jsp page.
We have Active Directory at our company. We can have a basic login form
(that standard pop up login form from Window).
Could anyone tel
tringBuffer();
for (int i = 0; i < s.length(); i++) {
char c = s.charAt(i);
if (c > ' ')
sb.append(c);
}
return sb.toString();
}
}
-Original Message-
From: Tim Funk [mailto:[EMAIL PROTECTED]
Sent: Friday, December 05, 2003 11:58 AM
To: Tom
I never try it, but maybe u can write your own code into the login
page that redirect you on a different page if the login taske will not
completed as needed...
On Mon, 24 Jan 2005 14:21:19 +0100, Giorgio Ponza <[EMAIL PROTECTED]> wrote:
> Hi all
> I have a small problem trying to configure BASIC
Omar Adobati ha scritto:
I never try it, but maybe u can write your own code into the login
page that redirect you on a different page if the login taske will not
completed as needed...
I can't try this :D
There is no login page, only a box appearing over the browser asking user and
password.
Than
Oh, I'm sorry... you are using the basic auth mode... there was a
missunderstanding... sorry again...
On Mon, 24 Jan 2005 14:29:44 +0100, Giorgio Ponza <[EMAIL PROTECTED]> wrote:
> Omar Adobati ha scritto:
> > I never try it, but maybe u can write your own code into the login
> > page that redire
Hi
May be try putting the following in web.xml file just
before taglib ( i am not sure but works with 2.2)
403
/pages/error/noaccess.jsp
401
/pages/error/noaccess.jsp
Ashish
--- Omar Adobati <[EM
Ashish Kulkarni ha scritto:
Hi
May be try putting the following in web.xml file just
before taglib ( i am not sure but works with 2.2)
403
/pages/error/noaccess.jsp
401
/pages/error/noaccess.jsp
Ashi
Marino Vittorio wrote:
> I am using Basic authentication with Tomcat v3.2.1 Everything works just
> fine, but I'd like to know how to grab User and Password during the
> authentication process to put them in a bean. Any clue?
> Thanks, Vittorio
>
The username is already available, via request.ge
add this to the web.xml
401
/errorpage.jsp
- Original Message -
From: "Koes, Derrick" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, March 25, 2003 6:22 PM
Subject: Basic authentication question
>
> I wish to replace tomcat's 401 error page with something more el
-
From: Boon Seong [mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 25, 2003 5:27 PM
To: Tomcat Users List
Subject: Re: Basic authentication question
add this to the web.xml
401
/errorpage.jsp
- Original Message -
From: "Koes, Derrick" <[EMAIL PROTECTED]>
To: &
/error.jsp
- Original Message -
From: "Koes, Derrick" <[EMAIL PROTECTED]>
To: "'Tomcat Users List'" <[EMAIL PROTECTED]>
Sent: Tuesday, March 25, 2003 6:31 PM
Subject: RE: Basic authentication question
>
> Unfortunately, this does not
3
BASIC
DORA
-Original Message-
From: Boon Seong [mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 25, 2003 5:37 PM
To: Tomcat Users List
Subject: Re: Basic authentication question
In that case, meaning it is a protected resource right ? Maybe u can try
using
the container'
On Wed, 6 Mar 2002, Mark Shaw wrote:
> Date: Wed, 6 Mar 2002 22:37:17 -0800
> From: Mark Shaw <[EMAIL PROTECTED]>
> Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
> Subject: BASIC Authentication Question
>
> I'm hoping someone can shed some light
Have you turn on the SingleSignOn valve in server.xml?
-Paul
Mark Shaw wrote:
>I'm hoping someone can shed some light on a particular behavior I'm
>experiencing with BASIC authentication and session cookies:
>
>I've set up my servlet to use BASIC authentication and I'm my own very
>simple real
Mark Shaw wrote:
>
> In subsequent requests I pass back the sessionID (in a cookie
> labeled "jsessionid"...) instead of the BASIC authentication
>
You need to include the authentication information with
every request for a protected resource, or you're going
to get another challenge. rfc2617
If you are using basic authentication, that is out of your control -
the browser will resend the authentication with every request. I does
not care at all about your session.
I think your simplest solution is to switch to form-based authentication.
Larry
On Thu, 27 Jan 2005 19:58:16 -0800 (PST),
Hi Larry,
Thank you for your reply! Yes, I have tried the form authentication. It
does redirect to the login page when session expires.
Gia
Larry Meadors <[EMAIL PROTECTED]> wrote:
If you are using basic authentication, that is out of your control -
the browser will resend the authentica
(Please, create new messages when mailing the list. Responding to
unrelated messages causes confusion for those of us who use thread-aware
mailers.)
: In a nutshell, I'm wondering if it's better NOT to use basic
: authentication.
My understanding is that FORM vs BASIC is just that the former le
Thursday, June 17, 2004 4:04 PM
Subject: Re: basic authentication or not?
> (Please, create new messages when mailing the list. Responding to
> unrelated messages causes confusion for those of us who use thread-aware
> mailers.)
>
>
> : In a nutshell, I'm wondering if
resented to the user when you type
www.ourDomain.com?
Thanks so much,
Stephen
- Original message -
From: "QM" <[EMAIL PROTECTED]>
To: "Tomcat Users List" <[EMAIL PROTECTED]>
Date: Thu, 17 Jun 2004 16:04:21 -0500
Subject: Re: basic authentication or not?
> De: EDV Systembetrieb [mailto:[EMAIL PROTECTED]]
> Enviado el: lunes 17 de diciembre de 2001 14:33
> My problem is, that there seems to be a permanent connection
> between the browser and the servlet or the logininformation a
> cached by the browser until the browser is restartet
>
THis que
> -Original Message-
> From: EDV Systembetrieb [mailto:[EMAIL PROTECTED]]
> Sent: Monday, December 17, 2001 8:33 AM
> To: [EMAIL PROTECTED]
> Subject: Basic authentication & password caching
>
>
> Hi everybody,
> I setup Tomcat 3.3 with JDBCRealm and a mysql-database using
> basic au
On Mon, 17 Dec 2001, EDV Systembetrieb wrote:
> Date: Mon, 17 Dec 2001 14:32:34 +0100
> From: EDV Systembetrieb <[EMAIL PROTECTED]>
> Reply-To: Tomcat Users List <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Basic authentication & password caching
>
> Hi everybody,
>
> I setup Tomcat 3
you can add a user / password in tomcat-users.xml and assign the
roles="admin" to this
user. Can you restrict access to a servlet using .htaccess in tomcat. I am
pretty interseted
in it also.
- Original Message -
From: "Cory L Hubert" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thur
If 'b' is not protected, then Apache will neither ask for
authorization nor include authorization info in the request
headers when a document in 'b' is requested.
One thing you could try is to use a symbolic link to 'b'
from 'a' so that /htdocs/a/b points to /htdocs/b. Then
a request for /htdocs
Based on my own experience, the quickest way to work out what is
happening will be to debug your way through it. See the FAQ for how to
set this up: http://jakarta.apache.org/tomcat/faq/development.html
Mark
Mudumbai, Kalyan wrote:
Hi All,
I am trying to write a custom realm for my web applicati
hi Barry,
if you want to customize your error page or login page
you had better use form based authentication.
below is a website where you can get enough information about that:
http://www.onjava.com/pub/a/onjava/2001/08/06/webform.html?page=1
hope it helps :)
- Original Message -
From:
[EMAIL PROTECTED] wrote:
> It works fine with Tomcat 3.2, but it should run on Tomcat 3.1 ... don't ask
> me why, I have no idea :-)
This is one of the many bugs in Tomcat 3.1. If you want to use container managed
security, you need to use 3.2 or later.
>
> Any ideas what is wrong?
> Thanks in
try /document/* as the url-pattern or /document/*.doc if you want the .doc files under
/document to be protected ...
-Original Message-
From: Daniel Zhang [mailto:[EMAIL PROTECTED]
Sent: 22. juli 2003 14:48
To: Tomcat Users List
Subject: Basic Authentication not work for directory
Hi,
As you see in my web.xml file, I've already put /document/* as a
url-pattern(/document/*), the question is
under /document directory, there are some other types of file like
*.pdf, *.txt which need to be protected. I also have these types of file
in other directory which need to be public. So i
Nevermind. I had a 401 page defined in web.xml, so it was being sent there
instead of the browser. My mistake.
- Original Message -
From: "e-Denton Subscriber" <[EMAIL PROTECTED]>
To: "Tomcat Users List" <[EMAIL PROTECTED]>
Sent: Saturday, October 23, 2004 4:06 PM
Subject: BASIC authentic
Hi again,
I just discovered bug 33157: "basic authentication fails in some cases",
reported in Tomcat 5.5.4.
http://issues.apache.org/bugzilla/show_bug.cgi?id=33157
It doesn't describe my exact problem, but it's the best theory so far.
Unfortunately the hosting provider is unlikely to install
Hi Ross,
Simply adding an error page will not do. You need to have a servlet
that will set the status of the response-page as "403"
(HttpServletResponse.SC_UNAUTHORIZED)
Look at the code-implementation of Security-Filter. It's good.
http://sf.net/projects/securityfilter
HTH
Happy Hacki
st will avoid other newbies to be stuck like I was.
Merci,
Laurent
> Message du 23/07/04 à 21h36
> De : "Michele Ouellet" <[EMAIL PROTECTED]>
> A : "Laurent Le Moux" <[EMAIL PROTECTED]>
> Copie à :
> Objet : Re: BASIC authentication not working, P
Hello,
Well, I just write a response to myself ;)
The following problem is not there with NT4/IIS 4. I have it only with
W2K/IIS 5.
> Using tomcat for the authentication is not working completely: the
> authentication is going well, but the result of it is not the jsp page I
> wanted to see, b
Betty,
Take a look at the web.xml --- from servlet spec
--- and do not forget the security vulnerability when
you use the BASIC
authentication without SSL.
Pae
Hi -- Can someone point me to a simple example of
how to setup tomcat for basic HTTP authentication?
Here is how you can create a custom 401 (Not Authorized) error response
in Tomcat. Putting a directive like this:
401
/errors/401.html
in web.xml will not work. If you put that in web.xml, it will deny all
authorization.
The thing to do is to create a filter for the resources you want t
I did some more research on this. It looks like it was a Known Bug in
Tomcat 4.0.2, and it doesn't look like it has been fixed since then (I'm
using 4.0.4). Tomcat developers, is there any patch or workaround known
for this?
I did some digging in the Tomcat source, and it looks like the html
er
It can be made to work...
Put the error-page directive in as per web.xml spec
On the jsp / servlet it points at,
response.addHeader("WWW-Authenticate", "BASIC realm=\"" + realm
+ "\"");
response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
and then write custom page
On Thu, 2002-09-05 at 13:55, Eric Hollander wrote:
> I did some more research on this. It looks like it was a Known Bug in
> Tomcat 4.0.2, and it doesn't look like it has been fixed since then (I'm
> using 4.0.4). Tomcat developers, is there any patch or workaround known
> for this?
>
> I did s
45 matches
Mail list logo
