janis wrote:
> "Ignacio J. Ortega" wrote:
>
> >
> >
> > You need to read those ugly specs ( in
> > http://java.sun.com/products/servlets ) to get your webapp security to
> > work, JDBCRealm has nothing to do with web.xml, it's only a way to store
> > usernames & passwords for a webapp, you need to configure your web.xml
> > to see it in action... Please send your web.xml if you want some help
> > with it ....
> >
> > Please check ( and understand ) the url
> > http://localhost:8080/examples/jps/security to look at working example,
> > look at the web.xml file of the examples webapp to look at a working
> > config...
>
> Thank you for recommendations! I'll read them.
>
> When I make a request to the url mentioned above I get an authenication
> form.
> When I provide the username tomcat and password tomcat (role tomcat is
> defined in tomcat-users.xml) I get an login error.
>
If you have declared that you are using the JDBCRealm instead of the default
one, the tomcat-users.xml file is no longer consulted. Be sure that you have
added users into the database table configured in your <Realm> entry in order
to be able to log on to the protected page in the examples application.
>
> I have seen a some messages on this list there people have discussed this
> issue.
> They were talking about a context attribute setting to trusted=true in the
> connection
> with the manager webapp included in Tomcat 4.0 - b1 distribution.
>
The "trusted" attribute only exists on Tomcat 3.2 -- not on 4.0. In order to
use the manager application of Tomcat 4.0, all you need is a defined user
(again, in your database table if you're using a JDBCRealm) with a role of
"manager".
>
> But where to specify the Context if Tomcat is not used in standalone mode.
>
There are likely to be bugs in trying to use container-managed security
through mod_webapp. Could you post the relevant portion of your server.xml
file?
Craig
>
> I tried to put a <Context> tag between <Engine> tags, but it resulted in
> error
> messages for WarpContext.
>
> The web.xml file I used is here:
> ?xml version="1.0" encoding="ISO-8859-1"?>
>
> <!DOCTYPE web-app
> PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
> "http://java.sun.com/j2ee/dtds/web-app_2_3.dtd">
>
> <web-app>
>
> <taglib>
> <taglib-uri>
> XSLTAGS
> </taglib-uri>
> <taglib-location>
> /WEB-INF/xsl.tld
> </taglib-location>
> </taglib>
>
> <security-constraint>
> <display-name>Wap Security Constraint</display-name>
> <web-resource-collection>
> <web-resource-name>Protected Area</web-resource-name>
> <url-pattern>/test/*</url-pattern>
> </web-resource-collection>
> <auth-constraint>
> <role-name>tomcat</role-name>
> <role-name>role1</role-name>
> </auth-constraint>
> </security-constraint>
>
> <login-config>
> <auth-method>FORM</auth-method>
> <realm-name>Wap Form-based Authentication Area</realm-name>
> <form-login-config>
> <form-login-page>/test/login/login.jsp</form-login-page>
> <form-error-page>/test/login/error.jsp</form-error-page>
> </form-login-config>
> </login-config>
>
> </web-app>
>
> >
> >
> > Saludos ,
> > Ignacio J. Ortega
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, email: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, email: [EMAIL PROTECTED]
