I don't know if this helps, but here's an extract from the log below. This gets
created at deployment, but when I visit the URL, I don't get any output.
Also I've determined now that the sample app is using conf/tomcat-users.xml and
not my own /tmp/tomcatusers.xml file as I get a 403 returned when I put in the
tomcat manager credentials, and a 401 after 3 failed attempts logging in as
test.
I wonder if my log4j file is right for debugging the realm?:
log4j.logger.org.apache.catalina.realm=DEBUG
log4j.rootLogger=DEBUG, R
log4j.appender.R=org.apache.log4j.DailyRollingFileAppender
log4j.appender.R.File=${catalina.base}/logs/sample.log
log4j.appender.R.layout=org.apache.log4j.PatternLayout
log4j.appender.R.DatePattern='.'yyyy-MM-dd
log4j.appender.R.layout.ConversionPattern=%d %-5p %c - %m%n
2008-03-12 12:18:52,292 DEBUG org.apache.commons.digester.Digester.sax -
setDocumentLocator([EMAIL PROTECTED])
2008-03-12 12:18:52,293 DEBUG org.apache.commons.digester.Digester.sax -
startDocument()
2008-03-12 12:18:52,293 DEBUG org.apache.commons.digester.Digester.sax -
startElement(,,tomcat-users)
2008-03-12 12:18:52,293 DEBUG org.apache.commons.digester.Digester - Pushing
body text ''
2008-03-12 12:18:52,293 DEBUG org.apache.commons.digester.Digester - New
match='tomcat-users'
2008-03-12 12:18:52,293 DEBUG org.apache.commons.digester.Digester - No rules
found matching 'tomcat-users'.
2008-03-12 12:18:52,293 DEBUG org.apache.commons.digester.Digester.sax -
characters(
)
2008-03-12 12:18:52,293 DEBUG org.apache.commons.digester.Digester.sax -
startElement(,,role)
2008-03-12 12:18:52,294 DEBUG org.apache.commons.digester.Digester - Pushing
body text '
'
2008-03-12 12:18:52,294 DEBUG org.apache.commons.digester.Digester - New
match='tomcat-users/role'
2008-03-12 12:18:52,294 DEBUG org.apache.commons.digester.Digester - No rules
found matching 'tomcat-users/role'.
2008-03-12 12:18:52,294 DEBUG org.apache.commons.digester.Digester.sax -
endElement(,,role)
2008-03-12 12:18:52,294 DEBUG org.apache.commons.digester.Digester -
match='tomcat-users/role'
2008-03-12 12:18:52,294 DEBUG org.apache.commons.digester.Digester -
bodyText=''
2008-03-12 12:18:52,294 DEBUG org.apache.commons.digester.Digester - No rules
found matching 'tomcat-users/role'.
2008-03-12 12:18:52,294 DEBUG org.apache.commons.digester.Digester - Popping
body text '
'
2008-03-12 12:18:52,294 DEBUG org.apache.commons.digester.Digester.sax -
characters(
)
2008-03-12 12:18:52,294 DEBUG org.apache.commons.digester.Digester.sax -
startElement(,,role)
2008-03-12 12:18:52,294 DEBUG org.apache.commons.digester.Digester - Pushing
body text '
'
2008-03-12 12:18:52,294 DEBUG org.apache.commons.digester.Digester - New
match='tomcat-users/role'
2008-03-12 12:18:52,294 DEBUG org.apache.commons.digester.Digester - No rules
found matching 'tomcat-users/role'.
2008-03-12 12:18:52,294 DEBUG org.apache.commons.digester.Digester.sax -
endElement(,,role)
2008-03-12 12:18:52,294 DEBUG org.apache.commons.digester.Digester -
match='tomcat-users/role'
2008-03-12 12:18:52,294 DEBUG org.apache.commons.digester.Digester -
bodyText=''
2008-03-12 12:18:52,294 DEBUG org.apache.commons.digester.Digester - No rules
found matching 'tomcat-users/role'.
2008-03-12 12:18:52,294 DEBUG org.apache.commons.digester.Digester - Popping
body text '
'
2008-03-12 12:18:52,295 DEBUG org.apache.commons.digester.Digester.sax -
characters(
)
2008-03-12 12:18:52,295 DEBUG org.apache.commons.digester.Digester.sax -
startElement(,,role)
2008-03-12 12:18:52,295 DEBUG org.apache.commons.digester.Digester - Pushing
body text '
> On your realm up the level of debug and let us know whats in the logs
>
>
> D
>
>
> On Wed, 2008-03-12 at 11:16 +0000, Edward Quick wrote:
> > Thanks David, I had forgotten the web.xml as you suggested. I have now
> > added this so my web.xml is as shown below, and I get the prompt but the
> > userid I'm using 'test' (passwd: test) isn't going through.
> > Hope this isn't a daft question, but do I need to add code to the servlet
> > to get this to work? Thanks for your help.
> >
> > Ed.
> >
> >
> > <?xml version="1.0" encoding="ISO-8859-1"?>
> > <web-app xmlns="http://java.sun.com/xml/ns/j2ee";
> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
> > xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
> > http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd";
> > version="2.4">
> >
> > <display-name>Hello, World Application</display-name>
> > <description>
> > This is a simple web application with a source code organization
> > based on the recommendations of the Application Developer's Guide.
> > </description>
> >
> > <servlet>
> > <servlet-name>HelloServlet</servlet-name>
> > <servlet-class>mypackage.Hello</servlet-class>
> > </servlet>
> >
> > <servlet-mapping>
> > <servlet-name>HelloServlet</servlet-name>
> > <url-pattern>/hello</url-pattern>
> > </servlet-mapping>
> >
> > <resource-env-ref>
> > <description>
> > Link to the UserDatabase instance from which we request lists of
> > defined role names. Typically, this will be connected to the global
> > user database with a ResourceLink element in server.xml or the context
> > configuration file for the Manager web application.
> > </description>
> > <resource-env-ref-name>users</resource-env-ref-name>
> > <resource-env-ref-type>
> > org.apache.catalina.UserDatabase
> > </resource-env-ref-type>
> > </resource-env-ref>
> >
> > <security-constraint>
> > <web-resource-collection>
> > <web-resource-name>test</web-resource-name>
> > <url-pattern>/*</url-pattern>
> > </web-resource-collection>
> > <auth-constraint>
> > <!-- NOTE: This role is not present in the default users file -->
> > <role-name>test</role-name>
> > </auth-constraint>
> > </security-constraint>
> >
> > <!-- Define the Login Configuration for this Application -->
> > <login-config>
> > <auth-method>BASIC</auth-method>
> > <realm-name>Tomcat Sample Application</realm-name>
> > </login-config>
> >
> > <!-- Security roles referenced by this web application -->
> > <security-role>
> > <description>
> > The role that is required to log in to the test application
> > </description>
> > <role-name>test</role-name>
> > </security-role>
> >
> > </web-app>
> >
> >
> > and /tmp/tomcatusers.xml is:
> >
> > <?xml version='1.0' encoding='utf-8'?>
> > <tomcat-users>
> > <role rolename="tomcat"/>
> > <role rolename="role1"/>
> > <role rolename="manager"/>
> > <role rolename="admin"/>
> > <user username="tomcat" password="tomcat" roles="tomcat"/>
> > <user username="both" password="tomcat" roles="tomcat,role1"/>
> > <user username="test" password="test" roles="test"/>
> > <user username="admin" password="tomcat" roles="admin"/>
> > </tomcat-users>
> >
> >
> > >
> > > whats in your web.xml ?
> > >
> > > is your app forcing a login ?
> > >
> > > all the realm provides is a system to do authentication
> > > unless you are triggering it, it isn't used....
> > >
> > >
> > >
> > > On Wed, 2008-03-12 at 10:36 +0000, Edward Quick wrote:
> > > > Hi,
> > > >
> > > > I would like to specify my own tomcat-users.xml for my webapp to use
> > > > (not the server's main one in conf/tomcat-user.xml).
> > > >
> > > > I tried the following configuration in my webapp's context.xml file but
> > > > unfortunately when I went to the URL, I wasn't even prompted for a
> > > > logon:
> > > >
> > > > <Context path="/sample" debug="0" privileged="true">
> > > > <Realm className="org.apache.catalina.realm.MemoryRealm"
> > > > path="/tmp/tomcatusers.xml" />
> > > > </Context>
> > > >
> > > > Could someone tell me if this is possible, and if so what I need to do
> > > > to set up the login prompt please?
> > > >
> > > > Thanks,
> > > >
> > > > Ed.
> > > >
> > > >
> > > >
> > > > _________________________________________________________________
> > > > Telly addicts unite!
> > > > http://www.searchgamesbox.com/tvtown.shtml
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To start a new topic, e-mail: users@tomcat.apache.org
> > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > >
> >
> > _________________________________________________________________
> > Telly addicts unite!
> > http://www.searchgamesbox.com/tvtown.shtml
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
_________________________________________________________________
Telly addicts unite!
http://www.searchgamesbox.com/tvtown.shtml
