On 15.05.2016 13:58, Francesco Viscomi wrote:
Hi all,
I've declared a filter in web.xm as:
<filter>
<filter-name>ShibbolethHeaderReaderFilter</filter-name>
<display-name>ShibbolethHeaderReaderFilter
IdPC</display-name>
<description></description>
<filter-class>it.loset.idpcp.ri.filters.ShibbolethHeaderReaderFilterIdpc</filter-class>
<init-param>
<param-name>configurationFile</param-name>
<param-value>resources/shibboleth-spp-config.xml</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>ShibbolethHeaderReaderFilter</filter-name>
<url-pattern>/protected/*</url-pattern>
</filter-mapping>
where it.loset.idpcp.ri.filters.ShibbolethHeaderReaderFilterIdpc
is a jar file that i don't know the source;
Now i do i call as:
http://localhost:8080/srlo/protected/login.html
and i get HTTP Status 404 the resource is not available.
My question is, why the filter do not activated: in the url the is the word
protect and the mapping of the filter is
<url-pattern>/protected/*</url-pattern>
I don't know the details of it, and not much at all about Shibollet, but usually in an
authentication scenario which involves a login page to authenticate a user, one would not
include the login page in question, in the area that is protected by the authentication.
This would ususally result in an endless logic loop.
Think about it.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org