Re: IE & Firefox work fine, Mac, Google and Safari don't authenticate

Dick Eastlake Tue, 05 Apr 2011 23:53:02 -0700

Here's an access log from a successful login using Firefox.  Note the post 
toj_security_check returns a 302 and the id of the authenticated user shows in 
the returned request for a page located in the secured portion of the site.
213.20.160.134 - - [05/Apr/2011:22:44:31 -0700] "GET /catalog/dealerwelcome.jsp 
HTTP/1.1" 200 1870
213.20.160.134 - - [05/Apr/2011:22:44:40 -0700] "POST /catalog/authControl.jsp 
HTTP/1.1" 302 -
213.20.160.134 - - [05/Apr/2011:22:44:40 -0700] "GET 
/catalog/dealer/dealerwelcome.jsp HTTP/1.1" 200 1910
213.20.160.134 - - [05/Apr/2011:22:44:44 -0700] "POST 
/catalog/dealer/j_security_check HTTP/1.1" 302 -
213.20.160.134 - dickeastl...@progressivecommerce.com [05/Apr/2011:22:44:44 
-0700] "GET /catalog/dealer/dealerwelcome.jsp HTTP/1.1" 200 2391


Here's a failed attempt (phony id/password) using IENote the post to 
j_security_check returns a 200 and there is no returned request.
74.77.201.185 - - [05/Apr/2011:22:52:46 -0700] "GET /catalog/dealerwelcome.jsp 
HTTP/1.1" 200 1870
74.77.201.185 - - [05/Apr/2011:22:53:05 -0700] "POST /catalog/authControl.jsp 
HTTP/1.1" 302 -
74.77.201.185 - - [05/Apr/2011:22:53:05 -0700] "GET 
/catalog/dealer/dealerwelcome.jsp HTTP/1.1" 200 1897
74.77.201.185 - - [05/Apr/2011:22:53:12 -0700] "POST 
/catalog/dealer/j_security_check HTTP/1.1" 200 676

The above examples show correct results using IE and Firefox.
Here's an access log from an unsuccessful login using Chrome.  Note the post to 
j_security_check returns a 200 even though the id/password entered was a valid 
one. 
74.77.201.185 - - [05/Apr/2011:23:35:58 -0700] "GET /catalog/dealerwelcome.jsp 
HTTP/1.1" 200 1870
74.77.201.185 - - [05/Apr/2011:23:36:06 -0700] "POST /catalog/authControl.jsp 
HTTP/1.1" 302 -
74.77.201.185 - - [05/Apr/2011:23:36:06 -0700] "GET 
/catalog/dealer/dealerwelcome.jsp HTTP/1.1" 200 1893
74.77.201.185 - - [05/Apr/2011:23:36:09 -0700] "POST 
/catalog/dealer/j_security_check HTTP/1.1" 200 676

 Again, IE & Firefox work fine, Mac, Google and Safari don't.
 
 Thanks for your help,
 Dick

________________________________
From: André Warnier <a...@ice-sa.com>
To: Tomcat Users List <users@tomcat.apache.org>
Sent: Tuesday, April 5, 2011 6:43 PM
Subject: Re: IE & Firefox work fine, Mac, Google and Safari don't authenticate

Hi.

Since I doubt that many people here really feel like going through a bunch of 
lines of badly-formatted configuration, code and logs to figure out exactly 
what is wrong, I suggest that you search Google for
"tomcat form based authentication example" and use one of the numerous ones 
there as a reference.

There is something bizarre in your explanation and data however :

You say that the first part of the log is with Firefox, which works fine.
However, that part contains this line :

> 69.207.4.57 - s...@sor.com [27/Mar/2011:15:34:30 -0700] "GET 
> /Dynacorn/catalog/dealer/dealerwelcome.jsp HTTP/1.1" 500 2158

which shows a status code 500 (= "server error") returned by the server, while 
the part supposedly not working shows no such error.

Another bizarre part is this : the JSP document that you show, appears to be 
the login page, and it contains a <form> line like this :

>         <form method="POST" action="<%= 
>response.encodeURL("j_security_check") %>">

Yet, looking at the log, it does not seem that there is ever a POST to that URL.

It would look like there is some confusion about the basic way in which form 
authentication is supposed to work.  That's also why your best bet may be to 
re-read the on-line documentation, and try first with one of the examples you 
will find in Google.


Dick Eastlake wrote:
> Users can authenticate to the secured area of my Website using IE and 
> Firefox; no problem.  However,Macs, Google and Safari browsers cannot log in.
> 
> Macs, Google and Safari browsers go straight to the form-error-page 
> "not_auth.html".
> 
> Please help!
> 
> 
> I'm using a simple form-based authentication method.
> 
> 
> Here's my WEB.XML (from inside the webapp, not the conf):
> 
> <web-app xmlns="http://java.sun.com/xml/ns/j2ee";
>     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
>     xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
> http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd";
>     version="2.4">
> <display-name>Progressive Commerce Inc</display-name>
> 
> <description>
>     Progressive Website
> </description>
> 
> <security-constraint>
>     <display-name>Progressive Security
>  Constraint</display-name>
>     <web-resource-collection>
>         <web-resource-name>Dealer Area</web-resource-name>
>         <url-pattern>/catalog/dealer/*</url-pattern>
>     </web-resource-collection>
>     <auth-constraint>
>         <role-name>dealer</role-name>
>     </auth-constraint>
> </security-constraint>
> <security-role>
>     <role-name>dealer</role-name>
> </security-role>
> 
> <security-constraint>
>     <display-name>Joe Parts Security Constraint</display-name>
>     <web-resource-collection>
>         <web-resource-name>Joe Parts
>  Area</web-resource-name>
>         <url-pattern>/joeparts/admin/*</url-pattern>
>     </web-resource-collection>
>     <auth-constraint>
>         <role-name>joe</role-name>
>     </auth-constraint>
> </security-constraint>
> 
> <security-role>
>     <role-name>joe</role-name>
> </security-role>
>  <login-config>
>     <auth-method>FORM</auth-method>
>     <realm-name>Progressive Form-Based Authentication Area</realm-name>
>     <form-login-config>
>         <form-login-page>/catalog/dealer_door.jsp</form-login-page>
>         <form-error-page>/not_auth.html</form-error-page>
>     </form-login-config>
> </login-config>
> 
> 
> <resource-ref>
>       <description>
>         jdbc/progressive
>       </description>
>       <res-ref-name>
>         jdbc/progressive
>       </res-ref-name>
>       <res-type>
>         javax.sql.DataSource
>       </res-type>
>       <res-auth>
>         Container
>       </res-auth>
>       <res-sharing-scope>
>         Shareable
>       </res-sharing-scope>
> </resource-ref>
> 
> <welcome-file-list>
>     <welcome-file>index.html</welcome-file>
> </welcome-file-list>
>     </web-app>
> 
> Here's the code from my jsp
> 
>      <jsp:useBean id="dlb" scope="session" 
>class="com.dealer.beans.DealerBean"/>
> 
>     <body bgcolor="#222324" text="#000000">
>         <form method="POST" action="<%= 
>response.encodeURL("j_security_check") %>">
>             <p>&nbsp;</p>
>             <div align="center"> </div>
>             <table width="431" border="0" cellspacing="0" cellpadding="0">
>               <tr bgcolor="#FFFFFF"
>                   <td>
> 
>                 </td>
>                 <td>
>                     <table>
>                     <tr>
>                         <td width="160"><font color="009999"><b><font 
>face="Arial, Helvetica, sans-serif">Email    Address:</font></b></font></td>
>                         <td width="147">
>                               <input tabindex="1" type="text" 
>name="j_username" value="
> <%
>                   out.print(dlb.getEmail() + "\"");
> %>
>                   >      </td>
>                         <td width="49">&nbsp;</td>
>                       </tr>
>                       <tr bgcolor="#FFFFFF">                                  
>      <td width="160" height="20"><font color="009999"><b><font face="Arial,
>  Helvetica, sans-serif">Password:</font></b></font></td>
>                         <td width="147" height="20">
>                           <input tabindex="2" type="password" 
>name="j_password">
>                         </td>
>                       </tr>
>                       <tr bgcolor="#FFFFFF">
>                         <td width="37">&nbsp;</td>
>                         <td width="38">&nbsp;</td>
>                         <td width="160"></td>
>                         <td width="147">
>                               <div align="center">
>                                 <input tabindex="3" type="submit" value="Log 
>In">
>                               </div>
>                         </td>
>                         <td width="49">&nbsp;</td>
>                       </tr>
>                 </table>
>             </table>
>         </form>
>     </body>
> 
> Here's the access log  the entries at 15;34 are using Firefox,  the ones at 
> 15:42 are Google's browser
> 
> 
> 69.207.4.57 - - [27/Mar/2011:15:34:16 -0700] "GET 
> /Dynacorn/catalog/dealerwelcome.jsp HTTP/1.1" 200 1870
> 69.207.4.57 - - [27/Mar/2011:15:34:27 -0700] "POST 
> /Dynacorn/catalog/authControl.jsp HTTP/1.1" 302 -
> 69.207.4.57 - - [27/Mar/2011:15:34:27 -0700] "GET 
> /Dynacorn/catalog/dealer/dealerwelcome.jsp
>  HTTP/1.1" 200 1893
> 69.207.4.57 - - [27/Mar/2011:15:34:30 -0700] "POST 
> /Dynacorn/catalog/dealer/j_security_check HTTP/1.1" 302 -
> 69.207.4.57 - s...@sor.com [27/Mar/2011:15:34:30 -0700] "GET 
> /Dynacorn/catalog/dealer/dealerwelcome.jsp HTTP/1.1" 500 2158
> 69.207.4.57 - - [27/Mar/2011:15:42:14 -0700] "GET 
> /Dynacorn/catalog/dealerwelcome.jsp HTTP/1.1" 200 1870
> 69.207.4.57 - - [27/Mar/2011:15:42:20 -0700] "POST 
> /Dynacorn/catalog/authControl.jsp HTTP/1.1" 302 -
> 69.207.4.57 - - [27/Mar/2011:15:42:20 -0700] "GET 
> /Dynacorn/catalog/dealer/dealerwelcome.jsp HTTP/1.1" 200 1893
> 69.207.4.57 - - [27/Mar/2011:15:42:23 -0700] "POST 
> /Dynacorn/catalog/dealer/j_security_check HTTP/1.1" 200 676
> there are no more entries
> 
> 
> Again, IE & Firefox work fine, Mac, Google and Safari don't.
> 
> Thanks for your help,
> Dick


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Re: IE & Firefox work fine, Mac, Google and Safari don't authenticate

Reply via email to