Thanks, Ulf. At least I know it's not just me. Are any developers of
JSPWiki monitoring this forum?
I debugged this down to the isConstrained(...) method in
org.apache.wiki.auth.authorizer.WebContainerAuthorizer.java. I'm not
sure of the reason for adding the "j:" tag qualifier prefix. Comment
says it is required for J2EE 2.3. But it's searching for
<j:url-contstraint> and other "j:" tags in web.xml, which aren't there.
And the search is failing. So basically it is not finding /Login.jsp
and /Delete.jsp constraints even though they are present and in the
correct location (and uncommented). I tried adding the "j:" prefixes to
my web.xml. But the webapp wouldn't even start with prefixes manually
added. So the problem is straightforward. It may have nothing to do
with the "j:" prefix. But that line that search for the constraint tag
is still failing. I ultimately get the log entry that says "JSPWiki is
using custom authentication." from the WebContainerAuthorizer class even
though web.xml is configured for container-managed authentication.
So I'm dead with this release. Either I'm doing something horribly
wrong or there is a serious bug in the WebContainerAuthorizer code. But
I've gone as far as I can go short of having to modify JSPWiki and build
my own release (which I do NOT want to do or have time to do).
Can someone tell me what I'm doing wrong and/or how many releases back I
have to go (and where to find archived releases) in order to get my
sites back online for my clients?
Will a developer PLEASE reply?
Jerry
On 7/3/2019 1:33 AM, Ulf Dittmer wrote:
I have not gotten container auth to work with 2.11.0.M3. I'm quite familiar
with Java web apps, so I know what to comment and what not in web.xml, but
no dice. I don't use SSO, though. But container auth works fine with other
web apps on the same Tomcat instance.
Ulf
