Hi Satish, we have to discriminate between the client- and the server side. If you have a successful login with DAVExplorer the server side is now working properly. On client side you can easily access an address that is protected with basic authentication using the commons-http-client.(see http://jakarta.apache.org/httpcomponents/httpclient-3.x/) For authentication look at http://jakarta.apache.org/httpcomponents/httpclient-3.x/authentication.html
Hope that helps Arne Satish schrieb: > Hi > > There were problem in environment variables, I set all environment > variables correctly and its seems to be working :) > > Now tomcat is understanding Slide user database, tomcat-users.xml not > required anymore for authentication. > > I was checking this using DAVExplorer but now I need to implement and > use API for authentication, so > > Is that JAAS package will help me in this, shall I need to use those > API for authentication from my custom jsp client? > Do you have any idea how can I directly use same authentication way > like DAVExplorer using? > > > Regards, > Satish > > > ----- Original Message ----- > *From:* kiltesh patel <mailto:[EMAIL PROTECTED]> > *To:* Slide Users Mailing List > <mailto:[email protected]> ; Satish > <mailto:[EMAIL PROTECTED]> > *Sent:* Saturday, September 15, 2007 10:15 PM > *Subject:* Re: Authentication with Slide - Slide vs tomcat Realm > > Hi Satish, > > try this... > > 1. 5) Set environment variable > CATALINA_OPTS=-Djava.security.auth.login > .config=$CATALINA_HOME/conf/jaas > .config > > In place of = use == to set catalina_opts > > 2. Also, appName="slide_login" name should exactly match in > config.jaas file > > slide_login {.... > > 3. You can also try using JAVA_OPTS instead of CATALINA_OPTS > > 4. Also, check your classpath if it finds jaas.config and > userClassNames="org.apache.slide.jaas.spi > .SlidePrincipal" > roleClassNames="org.apache.slide.jaas.spi.SlideRole" > are in classpah. > > Regards > Kiltesh > > > > On 9/15/07, *Satish* <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> wrote: > > Hi Arne > > Using your guidelines I tried configuring JAAS with Slide. > > I did something like: > > 1) > Configure tomcat web.xml to have > <Context path="/slide" debug="0" privileged="true" > useNaming="true"> > <Realm className="org.apache.catalina.realm.JAASRealm " > appName="slide_login" > userClassNames="org.apache.slide.jaas.spi.SlidePrincipal" > roleClassNames="org.apache.slide.jaas.spi.SlideRole" > name="Slide DAV Server" > useContextClassLoader="false" /> > </Context> > in Host. > > 2) Copied jaas.config file in conf folder of tomcat > > 3) Copied slide-jaas-2.1.jar in \\Tomcat 5.5\common\lib folder > > 4) Uncommented <security-constraint> from Slide web.xml > > 5) Set environment variable > > CATALINA_OPTS=-Djava.security.auth.login.config=$CATALINA_HOME/conf/jaas > .config > > Retsrated tomcat server and then tried connecting Slide using > Web DAV Explorer client provided by Slide, but when I tried > login, tomcat log says: > > Unable to locate a login configuration...here is the error for > details > > Sep 15, 2007 8:26:27 PM org.apache.catalina.realm.JAASRealm > authenticate > SEVERE: Unexpected error > java.lang.SecurityException: Unable to locate a login > configuration > at com.sun.security.auth.login.ConfigFile.<init>(Unknown Source) > at > sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native > Method) > at > sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown > Source) > at > sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown > Source) > at java.lang.reflect.Constructor.newInstance(Unknown Source) > at java.lang.Class.newInstance0(Unknown Source) > at java.lang.Class.newInstance (Unknown Source) > at javax.security.auth.login.Configuration$3.run(Unknown Source) > at java.security.AccessController.doPrivileged(Native Method) > at > javax.security.auth.login.Configuration.getConfiguration(Unknown > Source) > at javax.security.auth.login.LoginContext$1.run(Unknown Source) > at java.security.AccessController.doPrivileged(Native Method) > at javax.security.auth.login.LoginContext.init(Unknown Source) > at javax.security.auth.login.LoginContext .<init>(Unknown Source) > at > org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:355) > at > > org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:181) > at org.apache.catalina.authenticator.AuthenticatorBase.invoke > (AuthenticatorBase.java:446) > at > > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) > at > > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) > at org.apache.catalina.core.StandardEngineValve.invoke > (StandardEngineValve.java:107) > at > > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) > at > > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:825) > at > > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection > (Http11Protocol.java:738) > at > > org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:526) > at > > org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80) > at > > org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684) > at java.lang.Thread.run(Unknown Source) > Caused by: java.io.IOException: Unable to locate a login > configuration > at com.sun.security.auth.login.ConfigFile.init (Unknown Source) > ... 27 more > > > Do you have idea if I am missing out anything here. > > > Regards, > Satish > > > > ----- Original Message ----- > From: "Arne v.Irmer" < [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> > To: "Slide Users Mailing List" <[email protected] > <mailto:[email protected]>> > Sent: Friday, September 14, 2007 4:22 PM > Subject: Re: Authentication with Slide - Slide vs tomcat Realm > > > > Hi Satish, > > things are easy, if you look at the used technics: Silde is > a servlet in > > tomcat and uses the authentication mechanism of tomcat. This > includes > > such nice things like the sso-Valve. > > What you have to implement a user management that does both: > > 1. Creating/Deleting the user in silde by just > creating/deleting a > > collection with the user name in /user (default value). Tip: > Look at the > > powerful roles mechanism in slide. > > 2. Doing the JAAS-Authentication. > > This is how we did it here. > > > > Yours > > Arne > > > > Satish schrieb: > > > Hey Arne > > > > > > Thanks for quick reponse. > > > > > > Do you mean here that I should take steps below to > implemnt authetication, > > > > > > - configure Slide realm, configure tomcat to use Slide > users for > > > authentication > > > - configure JAAS for tomcat > > > - use JAAS API to authenticate the requests, > > > so here JAAS will ask tomcat for authetication -> tomcat > will check Slide > > > user database > > > > > > Is is somthing gonna happen...? > > > > > > Thanks. > > > > > > > > > Regards, > > > Satish > > > > > > > > > ----- Original Message ----- > > > From: "Arne v.Irmer" <[EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]>> > > > To: "Slide Users Mailing List" < > [email protected] > <mailto:[email protected]>> > > > Sent: Friday, September 14, 2007 2:50 PM > > > Subject: Re: Authentication with Slide - Slide vs tomcat Realm > > > > > > > > > > > >> Hi Satish, > > >> look for JAAS-Authentication that is a standard API that > works pretty > > >> well with tomcat. A good introduction is found at > > >> > http://www.javaworld.com/javaworld/jw-09-2002/jw-0913-jaas.html > > >> > > >> Yours > > >> Arne > > >> > > >> Satish schrieb: > > >> > > >>> Hi > > >>> > > >>> I need to authentication with Slide, there are two ways > I can see > > >>> > > >>> I am thinking of using Slide realm and configuring > tomcat to use Slide > > >>> > > > user database for authentication. > > > > > >>> Otherwise if I rely completely on tomcat realm, typical > tomcat-users.xml > > >>> > > > file based, authetication, I need to add user two places - > Slide and > > > tomcat-user, which is problem. > > > > > >>> Can any body suggests on > > >>> #1 how can I configure tomcat to use the Slide users for > authentication? > > >>> #2 how can I actually autheticate request of tomcat > programatically, is > > >>> > > > any API available? > > > > > >>> What I am looking for is authenticating user with Slide. > > >>> > > >>> Any suggestion is valuable for me. > > >>> > > >>> Regards, > > >>> Satish > > >>> > > >>> Disclaimer: > > >>> This e-mail may contain Privileged/Confidential > information and is > > >>> > > > intended only for the individual(s) named. Any review, > retransmission, > > > dissemination or other use of, or taking of any action in > reliance upon this > > > information by persons or entities other than the intended > recipient is > > > prohibited. Please notify the sender, if you have received > this e-mail by > > > mistake and delete it from your system. Information in > this message that > > > does not relate to the official business of the company > shall be understood > > > as neither given nor endorsed by it. E-mail transmission > cannot be > > > guaranteed to be secure or error-free. The sender does not > accept liability > > > for any errors or omissions in the contents of this > message which arise as a > > > result of e-mail transmission. If verification is required > please request a > > > hard-copy version. Visit us at > http://www.harbinger-systems.com/ > > > > > >>> > > >>> > > >> > --------------------------------------------------------------------- > > >> To unsubscribe, e-mail: > [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > >> For additional commands, e-mail: > [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > >> > > >> > > > > > > Disclaimer: > > > This e-mail may contain Privileged/Confidential > information and is intended only for the individual(s) named. > Any review, retransmission, dissemination or other use of, or > taking of any action in reliance upon this information by > persons or entities other than the intended recipient is > prohibited. Please notify the sender, if you have received > this e-mail by mistake and delete it from your system. > Information in this message that does not relate to the > official business of the company shall be understood as > neither given nor endorsed by it. E-mail transmission cannot > be guaranteed to be secure or error-free. The sender does not > accept liability for any errors or omissions in the contents > of this message which arise as a result of e-mail > transmission. If verification is required please request a > hard-copy version. Visit us at http://www.harbinger-systems.com/ > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > For additional commands, e-mail: > [EMAIL PROTECTED] > <mailto:[EMAIL PROTECTED]> > > > Disclaimer: > This e-mail may contain Privileged/Confidential information > and is intended only for the individual(s) named. Any review, > retransmission, dissemination or other use of, or taking of > any action in reliance upon this information by persons or > entities other than the intended recipient is prohibited. > Please notify the sender, if you have received this e-mail by > mistake and delete it from your system. Information in this > message that does not relate to the official business of the > company shall be understood as neither given nor endorsed by > it. E-mail transmission cannot be guaranteed to be secure or > error-free. The sender does not accept liability for any > errors or omissions in the contents of this message which > arise as a result of e-mail transmission. If verification is > required please request a hard-copy version. Visit us at > http://www.harbinger-systems.com/ > > > > Disclaimer: > This e-mail may contain Privileged/Confidential information and > is intended only for the individual(s) named. Any review, retransmission, d > issemination or other use of, or taking of any action in reliance upon this > information by persons or entities other than the intended recipient is proh > ibited. Please notify the sender, if you have received this e-mail by mistak > e and delete it from your system. Information in this message that does not > relate to the official business of the company shall be understood as neithe > r given nor endorsed by it. E-mail transmission cannot be guaranteed to be s > ecure or error-free. The sender does not accept liability for any errors or > omissions in the contents of this message which arise as a result of e-mail > transmission. If verification is required please request a hard-copy version > . Visit us at http://www.harbinger-systems.com/ > > > > -- Dipl.-Phys. Arne v.Irmer Medienzentrum Universität Dortmund Am Hauert 12a 44227 Dortmund Tel.: ++49 231 755 7127 Fax : ++49 231 755 4597 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
