On 18 March 2012 18:04, Pid <p...@pidster.com> wrote: > On 18/03/2012 13:34, Neil Munro wrote: > > <snip> > >> As for moving my login and fail_login jsp to web-inf the pages could not be >> located and a had a go working in the web.xml file pointing to a path >> relative to /../web-inf/ or similar, I shall try again but I did try your >> suggestion and will try again just to ensure I didn't simply make a typo. > > WEB-INF not web-inf. > > This will work: > > <!-- uses form-based authentication --> > <login-config> > <auth-method>FORM</auth-method> > <form-login-config> > <form-login-page>/WEB-INF/x/login.jsp</form-login-page> > <form-error-page>/WEB-INF/x/fail_login.jsp</form-error-page> > </form-login-config> > </login-config> > > Substitute the 'x' for the directory of your choice. > > > p
This is the layout of my web.xml file: <?xml version="1.0" encoding="ISO-8859-1"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <web-app version="2.4"> <display-name>Regressions Web GUI: V2</display-name> <description>A Web GUI for RIP regression test results: Version 2.</description> <welcome-file-list> <welcome-file>/WEB-INF/login/login.jsp</welcome-file> </welcome-file-list> <!-- LDAP stuff, hopefully! --> <security-constraint> <web-resource-collection> <web-resource-name>Public Area</web-resource-name> <!-- Define the context-relative URL(s) to be protected --> <!--url-pattern/jsp/*/url-pattern--> </web-resource-collection> <auth-constraint> <!-- Anyone with one of the listed roles may access this area --> <role-name>my company users</role-name> </auth-constraint> </security-constraint> <security-constraint> <web-resource-collection> <web-resource-name>Protected Area</web-resource-name> <!-- Define the context-relative URL(s) to be protected --> <url-pattern>/WEB-INF/login/suites.jsp</url-pattern> <url-pattern>/WEB-INF/login/login.jsp</url-pattern> <url-pattern>/WEB-INF/login/fail_login.jsp</url-pattern> </web-resource-collection> <auth-constraint> <!-- Anyone with one of the listed roles may access this area --> <role-name>my company users</role-name> </auth-constraint> </security-constraint> <!-- uses form-based authentication --> <login-config> <auth-method>FORM</auth-method> <form-login-config> <form-login-page>/WEB-INF/login/login.jsp</form-login-page> <form-error-page>/WEB-INF/login/fail_login.jsp</form-error-page> </form-login-config> </login-config> <!-- Security roles referenced by this web application --> <security-role> <role-name>my company users</role-name> </security-role> </web-app> There is a login directory under WEB-INF with the files inside it, but I just get a 404 error when I try to access the pages that way, I don't understand how this format works, if /login.jsp refers to the login.jsp file located under the jsp directory, how does /WEB-INF mean the WEB-INF directory at the same level as jsp and not a directory inside jsp called WEB-INF? I have been informed there's a global user in the system that can be used to make the initial connection, so my realm config looks like this now: <Realm className="org.apache.catalina.realm.JNDIRealm" connectionName="uid=connectuser,ou=my company users,dc=mycompany,dc=com" connectionPassword="parliament" connectionURL="ldap://my.ldap.server" alternateURL="ldap://my.ldap.server" userBase="ou=my company users,dc=mycompany,dc=com" userSearch="(sAMAccountName={0})" userPattern="uid={0},ou=my company users,dc=mycompany,dc=com" userPassword="userpassword" roleBase="ou=my company users,dc=mycompany,dc=com" roleSubtree="true" roleName="cn" roleSearch="(uniqueMember={0})" /> By working what I mean is that with the connection user in place, I get a list of users populating the selection box in the html page so the query runs and returns what I expect it to, but I still cannot get the system to verify a user and take them to a page inside the web app. I have appended the logging level line and done as you suggested, here is the log output: 2012-03-19 10:24:04 Commons Daemon procrun stderr initialized Mar 19, 2012 10:24:05 AM org.apache.catalina.core.AprLifecycleListener init INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: <removed for space reasons> Mar 19, 2012 10:24:05 AM org.apache.coyote.http11.Http11Protocol init INFO: Initializing Coyote HTTP/1.1 on http-80 Mar 19, 2012 10:24:05 AM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 352 ms Mar 19, 2012 10:24:05 AM org.apache.catalina.core.StandardService start INFO: Starting service Catalina Mar 19, 2012 10:24:05 AM org.apache.catalina.core.StandardEngine start INFO: Starting Servlet Engine: Apache Tomcat/6.0.35 Mar 19, 2012 10:24:05 AM org.apache.catalina.realm.RealmBase init FINE: Register Realm Catalina:type=Realm,realmPath=/realm0 Mar 19, 2012 10:24:05 AM org.apache.catalina.startup.HostConfig deployDescriptor INFO: Deploying configuration descriptor host-manager.xml Mar 19, 2012 10:24:05 AM org.apache.catalina.startup.HostConfig deployDescriptor INFO: Deploying configuration descriptor manager.xml Mar 19, 2012 10:24:05 AM org.apache.catalina.startup.HostConfig deployWAR INFO: Deploying web application archive regressions.war Mar 19, 2012 10:24:05 AM org.apache.catalina.startup.HostConfig deployDirectory INFO: Deploying web application directory docs Mar 19, 2012 10:24:05 AM org.apache.catalina.startup.HostConfig deployDirectory INFO: Deploying web application directory examples Mar 19, 2012 10:24:05 AM org.apache.catalina.startup.HostConfig deployDirectory INFO: Deploying web application directory ROOT Mar 19, 2012 10:24:05 AM org.apache.coyote.http11.Http11Protocol start INFO: Starting Coyote HTTP/1.1 on http-80 Mar 19, 2012 10:24:05 AM org.apache.jk.common.ChannelSocket init INFO: JK: ajp13 listening on /0.0.0.0:8009 Mar 19, 2012 10:24:05 AM org.apache.jk.server.JkMain start INFO: Jk running ID=0 time=0/19 config=null Mar 19, 2012 10:24:05 AM org.apache.catalina.startup.Catalina start INFO: Server startup in 668 ms Mar 19, 2012 10:24:10 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Public Area]' against GET / --> false Mar 19, 2012 10:24:10 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET / --> false Mar 19, 2012 10:24:10 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Public Area]' against GET / --> false Mar 19, 2012 10:24:10 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET / --> false Mar 19, 2012 10:24:10 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Public Area]' against GET / --> false Mar 19, 2012 10:24:10 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET / --> false Mar 19, 2012 10:24:10 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Public Area]' against GET / --> false Mar 19, 2012 10:24:10 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET / --> false Mar 19, 2012 10:24:10 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: No applicable constraint located Mar 19, 2012 10:24:11 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Public Area]' against GET / --> false Mar 19, 2012 10:24:11 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET / --> false Mar 19, 2012 10:24:11 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Public Area]' against GET / --> false Mar 19, 2012 10:24:11 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET / --> false Mar 19, 2012 10:24:11 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Public Area]' against GET / --> false Mar 19, 2012 10:24:11 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET / --> false Mar 19, 2012 10:24:11 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Public Area]' against GET / --> false Mar 19, 2012 10:24:11 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET / --> false Mar 19, 2012 10:24:11 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: No applicable constraint located It looks to me (admittedly no expert) that it's unable to find something, I presume that with me using files stored in WEB-INF/login and getting a 404 error that this is all related. I moved the files from WEB-INF/login back to JSP and tried again getting this: 2012-03-19 10:28:41 Commons Daemon procrun stderr initialized Mar 19, 2012 10:28:42 AM org.apache.catalina.core.AprLifecycleListener init INFO: The APR based Apache Tomcat Native library which allows optimal performance in production environments was not found on the java.library.path: <removed for space reasons> Mar 19, 2012 10:28:42 AM org.apache.coyote.http11.Http11Protocol init INFO: Initializing Coyote HTTP/1.1 on http-80 Mar 19, 2012 10:28:42 AM org.apache.catalina.startup.Catalina load INFO: Initialization processed in 353 ms Mar 19, 2012 10:28:42 AM org.apache.catalina.core.StandardService start INFO: Starting service Catalina Mar 19, 2012 10:28:42 AM org.apache.catalina.core.StandardEngine start INFO: Starting Servlet Engine: Apache Tomcat/6.0.35 Mar 19, 2012 10:28:42 AM org.apache.catalina.realm.RealmBase init FINE: Register Realm Catalina:type=Realm,realmPath=/realm0 Mar 19, 2012 10:28:42 AM org.apache.catalina.startup.HostConfig deployDescriptor INFO: Deploying configuration descriptor host-manager.xml Mar 19, 2012 10:28:42 AM org.apache.catalina.startup.HostConfig deployDescriptor INFO: Deploying configuration descriptor manager.xml Mar 19, 2012 10:28:42 AM org.apache.catalina.startup.HostConfig deployWAR INFO: Deploying web application archive regressions.war Mar 19, 2012 10:28:42 AM org.apache.catalina.startup.HostConfig deployDirectory INFO: Deploying web application directory docs Mar 19, 2012 10:28:42 AM org.apache.catalina.startup.HostConfig deployDirectory INFO: Deploying web application directory examples Mar 19, 2012 10:28:42 AM org.apache.catalina.startup.HostConfig deployDirectory INFO: Deploying web application directory ROOT Mar 19, 2012 10:28:43 AM org.apache.coyote.http11.Http11Protocol start INFO: Starting Coyote HTTP/1.1 on http-80 Mar 19, 2012 10:28:43 AM org.apache.jk.common.ChannelSocket init INFO: JK: ajp13 listening on /0.0.0.0:8009 Mar 19, 2012 10:28:43 AM org.apache.jk.server.JkMain start INFO: Jk running ID=0 time=0/14 config=null Mar 19, 2012 10:28:43 AM org.apache.catalina.startup.Catalina start INFO: Server startup in 659 ms Mar 19, 2012 10:28:53 AM org.apache.catalina.startup.HostConfig checkResources INFO: Undeploying context [/regressions] Mar 19, 2012 10:28:53 AM org.apache.catalina.startup.HostConfig deployWAR INFO: Deploying web application archive regressions.war Mar 19, 2012 10:28:55 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Public Area]' against GET //login.jsp --> false Mar 19, 2012 10:28:55 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET //login.jsp --> false Mar 19, 2012 10:28:55 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Public Area]' against GET //login.jsp --> false Mar 19, 2012 10:28:55 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET //login.jsp --> false Mar 19, 2012 10:28:55 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Public Area]' against GET //login.jsp --> false Mar 19, 2012 10:28:55 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET //login.jsp --> false Mar 19, 2012 10:28:55 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Public Area]' against GET //login.jsp --> false Mar 19, 2012 10:28:55 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET //login.jsp --> false Mar 19, 2012 10:28:55 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: No applicable constraint located Mar 19, 2012 10:28:56 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Public Area]' against GET /css/button.png --> false Mar 19, 2012 10:28:56 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET /css/button.png --> false Mar 19, 2012 10:28:56 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Public Area]' against GET /css/button.png --> false Mar 19, 2012 10:28:56 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET /css/button.png --> false Mar 19, 2012 10:28:56 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Public Area]' against GET /css/button.png --> false Mar 19, 2012 10:28:56 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET /css/button.png --> false Mar 19, 2012 10:28:56 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Public Area]' against GET /css/button.png --> false Mar 19, 2012 10:28:56 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET /css/button.png --> false Mar 19, 2012 10:28:56 AM org.apache.catalina.realm.RealmBase findSecurityConstraints FINE: No applicable constraint located Mar 19, 2012 10:29:13 AM org.apache.coyote.http11.Http11Protocol pause INFO: Pausing Coyote HTTP/1.1 on http-80 Mar 19, 2012 10:29:14 AM org.apache.catalina.core.StandardService stop INFO: Stopping service Catalina Mar 19, 2012 10:29:14 AM org.apache.catalina.realm.RealmBase destroy FINE: unregistering realm Catalina:type=Realm,realmPath=/realm0 Mar 19, 2012 10:29:14 AM org.apache.coyote.http11.Http11Protocol destroy INFO: Stopping Coyote HTTP/1.1 on http-80 I can see that since I no longer get a 404 error and that the files are being listed now that I was correct in that files were not being found for whatever reasons, however I was dedirected back to the failed login page after trying to access the suites.jsp page. I don't see anything in the log about failing to authenticate a user or anything like that. I am guessing that perhaps the passwords are not being checked or sent correctly for authentication, I know that sometimes tomcat doesn't allow plain text passwords, but I am more tempted to think that perhaps I still have a misconfigured server.xml file to check the entered details. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org