>>
>> But why does my custom app display "JDBCRealm" in the credentials
>> prompt?
>
>Because the 401.jsp file in the manager webapp overrides the default
>dialog box; since your custom webapp has no such error page, the
><realm-name> is used. Note that <realm-name> is purely cosmetic; you
>can put anything you want there.
This got me to thinking that perhaps I should try Form-based authentication
rather than DIGEST. So I changed the login-config to
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Tomcat Manager Application</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/401.jsp</form-error-page>
</form-login-config>
</login-config>
And I copied login.jsp from the Tomcat examples app to
${catalina.home}\webapps\manager\.
Then I added a user with manager role to my JDBCRealm datastore, with the
password digested directly, as opposed to the way it's done with DIGEST
authentication.
And this worked! So now I have manager working with my JDBCRealm, and I'm happy
to use FORM vice DIGEST authentication if I must. But is this expected that
manager would not work with DIGEST authentication? When authentication was
failing, the credentials prompt was a window, not a browser-rendered html page;
so I assume it was being generated by the JDBCRealm. And the login-config was
specifying DIGEST authentication, so I thought it should work with a user whose
password was stored in the realm as digested via the DIGEST authentication
algorithm.
Perhaps since I used DIGEST authentication, it was necessary to put the proper
name of the realm in <realm-name>, despite what you said above. I know I had in
this element at first the same realm name I used for generating the digested
password in my datastore; but perhaps I had something else configured wrong
when I had the realm name correct. I'll try again with DIGEST authentication
with the proper realm name, and see if that works.
-Mark
____________________
-Mark
---------------------------------------------------------------------
To start a new topic, e-mail: [email protected]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
