Re: Authentication with Browser stopped working / missing exception handling in getRemainingLifetime

2021-11-24 Thread Mark Thomas
On 24/11/2021 08:06, Mark Thomas wrote: On 23/11/2021 20:42, Michael B Allen wrote: On Tue, Nov 23, 2021 at 2:59 PM Thomas Hoffmann (Speed4Trade GmbH) wrote: Short Addendum: The "destroyed" flag gets set, when the dispose-method of the GSSCredentialImpl was invoked. Currently, I have no clu

Re: Authentication with Browser stopped working / missing exception handling in getRemainingLifetime

2021-11-24 Thread Mark Thomas
On 23/11/2021 20:42, Michael B Allen wrote: On Tue, Nov 23, 2021 at 2:59 PM Thomas Hoffmann (Speed4Trade GmbH) wrote: Short Addendum: The "destroyed" flag gets set, when the dispose-method of the GSSCredentialImpl was invoked. Currently, I have no clue when and how it happens, but I have see

Re: Authentication with Browser stopped working / missing exception handling in getRemainingLifetime

2021-11-23 Thread Michael B Allen
On Tue, Nov 23, 2021 at 2:59 PM Thomas Hoffmann (Speed4Trade GmbH) wrote: > > Short Addendum: > > The "destroyed" flag gets set, when the dispose-method of the > GSSCredentialImpl was invoked. > Currently, I have no clue when and how it happens, but I have seen this > problem every few months. >

Re: Authentication with Browser stopped working / missing exception handling in getRemainingLifetime

2021-11-23 Thread Michael B Allen
On Mon, Nov 22, 2021 at 2:39 AM Thomas Hoffmann (Speed4Trade GmbH) wrote: > Would it be better to also catch IllegalStateException and instead of > checking left == 0 to change it to left <= 0 ? I would argue that this is a bug in JGSS. JGSS has been a comedy of errors over the years. I thought

Re: Authentication with Browser stopped working / missing exception handling in getRemainingLifetime

2021-11-22 Thread Mark Thomas
On 22/11/2021 07:38, Thomas Hoffmann (Speed4Trade GmbH) wrote: Hello, we are using apache-tomcat-9.0.54 with LDAP authentication under Windows 2012R2. One of the users complained that access with Firefox stopped working. Would it be better to also catch IllegalStateException and instead of ch

Re: Authentication Memcached + Tomcat

2014-11-03 Thread Nilson Uehara
2014-11-02 4:34 GMT-02:00 Igor Cicimov : > On 01/11/2014 6:52 AM, "Nilson Uehara" wrote: > > > > I'm testing Memcached to implement failover on my Tomcat servers. > > > > Is there any way of implementing security by user / password? > From what I can see here > > https://code.google.com/p/memcach

Re: Authentication Memcached + Tomcat

2014-11-01 Thread Igor Cicimov
On 01/11/2014 6:52 AM, "Nilson Uehara" wrote: > > I'm testing Memcached to implement failover on my Tomcat servers. > > Is there any way of implementing security by user / password? From what I can see here https://code.google.com/p/memcached-session-manager/wiki/SetupAndConfiguration the instruc

Re: Authentication Memcached + Tomcat

2014-11-01 Thread Daniel Mikusa
On Nov 1, 2014 10:31 AM, "Nilson Uehara" wrote: > > Dan, > I'm trying to implement Memcached with SASL authentication > > https://code.google.com/p/memcached/wiki/SASLHowto > > But I can not get Tomcat to connect to it > > Nilson Uehara Please don't top post. Reply inline or at the bottom. It is

Re: Authentication Memcached + Tomcat

2014-11-01 Thread Nilson Uehara
Dan, I'm trying to implement Memcached with SASL authentication https://code.google.com/p/memcached/wiki/SASLHowto But I can not get Tomcat to connect to it Nilson Uehara 2014-10-31 18:18 GMT-02:00 Daniel Mikusa : > On Fri, Oct 31, 2014 at 3:51 PM, Nilson Uehara > wrote: > > > I'm testing Mem

Re: Authentication Memcached + Tomcat

2014-10-31 Thread Daniel Mikusa
On Fri, Oct 31, 2014 at 3:51 PM, Nilson Uehara wrote: > I'm testing Memcached to implement failover on my Tomcat servers. > > Is there any way of implementing security by user / password? > Can you clarify this request? Are these two separate thoughts, or is memcached somehow related to the sec

Re: Authentication Memcached + Tomcat

2014-10-31 Thread André Warnier
Nilson Uehara wrote: I'm testing Memcached to implement failover on my Tomcat servers. Is there any way of implementing security by user / password? Probably.

Re: Authentication from a REST service

2013-07-30 Thread Christopher Schultz
Martin, On 7/29/13 12:30 PM, Martin O'Shea wrote: > Sorry Chris, I'm not sure what I'm looking for here. Can you > elaborate? Just read the whole page: >> Container-provided authentication can be done without writing any >> code at all: >> >> htt

RE: Authentication from a REST service

2013-07-29 Thread Caldarale, Charles R
> From: Martin O'Shea [mailto:app...@dsl.pipex.com] > Subject: RE: Authentication from a REST service > Sorry Chris, I'm not sure what I'm looking for here. Can you elaborate? Don't top-post; it makes the conversation impossible to follow. Step 1: read the securit

RE: Authentication from a REST service

2013-07-29 Thread Martin O'Shea
Sorry Chris, I'm not sure what I'm looking for here. Can you elaborate? -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: 29 Jul 2013 17 21 To: Tomcat Users List Subject: Re: Authentication from a REST service

Re: Authentication from a REST service

2013-07-29 Thread Christopher Schultz
Martin, On 7/28/13 10:40 AM, Martin O'Shea wrote: > Have you an example at all? > > At the moment, I've simply rigged a simple authentication method of > my own. Have you a code example of container-provided > authentication system, or could you r

RE: Authentication from a REST service

2013-07-28 Thread Martin O'Shea
er Schultz [mailto:ch...@christopherschultz.net] Sent: 28 Jul 2013 15 37 To: Tomcat Users List Subject: Re: Authentication from a REST service Martin, On 7/27/13 12:00 PM, Martin O'Shea wrote: > Are there any suggestions if I'm not using ser

Re: Authentication from a REST service

2013-07-28 Thread Christopher Schultz
Martin, On 7/27/13 12:00 PM, Martin O'Shea wrote: > Are there any suggestions if I'm not using servlet 3? Any reason the container-provided authentication system (e.g. HTTP BASIC) isn't acceptable? -chris

RE: Authentication from a REST service

2013-07-27 Thread Martin O'Shea
Are there any suggestions if I'm not using servlet 3? -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: 18 Jul 2013 18 52 To: Tomcat Users List Subject: Re: Authentication from a REST service M

RE: Authentication from a REST service

2013-07-18 Thread Martin O'Shea
Chris I'm checking this with Jersey. Thanks Martin O'Shea. -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: 18 Jul 2013 18 52 To: Tomcat Users List Subject: Re: Authentication from a REST service

Re: Authentication from a REST service

2013-07-18 Thread Christopher Schultz
Martin, On 7/18/13 1:08 PM, Martin O'Shea wrote: > OK. So let me see if I understand what you’re suggesting: I > already have client and server communicating with each other by > sending XML requests via Jersey with a servlet implemented in > web.xm

RE: Authentication from a REST service

2013-07-18 Thread Martin O'Shea
/*. This filter can then call HttpServletRequest.login? -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: 18 Jul 2013 15 39 To: Tomcat Users List Subject: Re: Authentication from a REST service Martin, On

Re: Authentication from a REST service

2013-07-18 Thread André Warnier
Martin O'Shea wrote: Chris It's a case of considering options at the moment. It doesn't matter too much about the actual expiration time of the session. But a question arises concerning use of a realm: if I have the following code in a realm in context.xml for existing browser-based logging i

Re: Authentication from a REST service

2013-07-18 Thread Christopher Schultz
Martin, On 7/18/13 10:32 AM, Martin O'Shea wrote: > It's a case of considering options at the moment. It doesn't matter > too much about the actual expiration time of the session. But a > question arises concerning use of a realm: if I have the foll

RE: Authentication from a REST service

2013-07-18 Thread Martin O'Shea
it be used also for the REST service? And would a servlet be required to handle authentication? Thanks Martin O'Shea. -Original Message- From: Christopher Schultz [mailto:ch...@christopherschultz.net] Sent: 18 Jul 2013 15 05 To: Tomcat Users List Subject: Re: Authentication from

Re: Authentication from a REST service

2013-07-18 Thread Christopher Schultz
Martin, On 7/18/13 5:34 AM, Martin O'Shea wrote: > I am in the process of setting up a web service between an android > app and Tomcat 6.0.26 implemented with Jersey. I already have > client and server communicating with each other by sending XML >

RE: Authentication from a REST service

2013-07-18 Thread Martin O'Shea
Thanks Andre. I have already done so. I thought to ask it on both just in case. -Original Message- From: André Warnier [mailto:a...@ice-sa.com] Sent: 18 Jul 2013 14 16 To: Tomcat Users List Subject: Re: Authentication from a REST service Martin O'Shea wrote: > Hello > >

Re: Authentication from a REST service

2013-07-18 Thread André Warnier
Martin O'Shea wrote: Hello I am in the process of setting up a web service between an android app and Tomcat 6.0.26 implemented with Jersey. I already have client and server communicating with each other by sending XML requests. But I would like the user of the client to be authenticated by

Re: Authentication and roles (RFE)

2010-12-17 Thread Pid
On 17/12/2010 08:27, Mark Thomas wrote: > On 17/12/2010 07:36, Pid * wrote: >> On 17 Dec 2010, at 00:37, Steve Mitchell wrote: >> >>> I would like my Tomcat instance to authenticate different roles >>> differently. E.g., admins must use SSL client auth, while regular users >>> use HTTP basic au

Re: Authentication and roles (RFE)

2010-12-17 Thread Mark Thomas
On 17/12/2010 07:36, Pid * wrote: > On 17 Dec 2010, at 00:37, Steve Mitchell wrote: > >> I would like my Tomcat instance to authenticate different roles differently. >> E.g., admins must use SSL client auth, while regular users use HTTP basic >> authentication over SSL. This seems like a rout

Re: Authentication and roles (RFE)

2010-12-16 Thread Pid *
On 17 Dec 2010, at 00:37, Steve Mitchell wrote: > I would like my Tomcat instance to authenticate different roles differently. > E.g., admins must use SSL client auth, while regular users use HTTP basic > authentication over SSL. This seems like a routine requirement, but it's > unsupported

Re: authentication fail (JNDI Realm with Tomcat )

2010-11-29 Thread long hong
untName" property. I changed this to "CN={0}" and "userPrincipalName={0}" and also failed to pass the authentication. On Nov 30, 2010, at 12:29 PM, Caldarale, Charles R wrote: >> From: long hong [mailto:longhong1...@gmail.com] >> Subject: Re: authentication

RE: authentication fail (JNDI Realm with Tomcat )

2010-11-29 Thread Caldarale, Charles R
> From: long hong [mailto:longhong1...@gmail.com] > Subject: Re: authentication fail (JNDI Realm with Tomcat ) > the web root context of my web app is "/fs". As I suspected. Again, remove the /fs from the ; the webapp name is never part of any in web.xml. - Chuck THI

Re: authentication fail (JNDI Realm with Tomcat )

2010-11-29 Thread long hong
Sorry for not mention this: well, the web root context of my web app is "/fs". My login pages are in webcontent/login(equals to /fs/login). I just used the /security/protected/*.jsp from tomcat examples. The source code of the login page is: Login Page for Examples Username

RE: authentication fail (JNDI Realm with Tomcat )

2010-11-29 Thread Caldarale, Charles R
> From: long hong [mailto:longhong1...@gmail.com] > Subject: authentication fail (JNDI Realm with Tomcat ) > > > Entire Application > /fs/* You probably want just /* in the above ; what you have now protects only the path /fs *under* your webapp. (Either that, or your is very wro

Re: Authentication of proxy over own module

2010-06-17 Thread Petr Hracek
Sorry I have posted to the wrong conference. At the end of this mail you can find where I have a problem? 2010/6/17 Pid > On 16/06/2010 10:08, Petr Hracek wrote: > > Sorry my wrong explanation. I have meant the when the request is > > authorized/authenticated by my module how the request should

Re: Authentication of proxy over own module

2010-06-16 Thread Pid
On 16/06/2010 10:08, Petr Hracek wrote: > Sorry my wrong explanation. I have meant the when the request is > authorized/authenticated by my module how the request should be sent to the > "proxy" IP address define in apache module: > > RewriteRule ^/PAC$ http://192.168.0.23:8080/PACAdmin [P] > Rewri

Re: Authentication of proxy over own module

2010-06-16 Thread Petr Hracek
Sorry my wrong explanation. I have meant the when the request is authorized/authenticated by my module how the request should be sent to the "proxy" IP address define in apache module: RewriteRule ^/PAC$ http://192.168.0.23:8080/PACAdmin [P] RewriteRule ^/PAC/(.*) http://192.168.0.23:8080/PACAdmin/

Re: Authentication without Authorization ( JNDI Realm ) - Resolved

2009-12-09 Thread Shashank Rachamalla
n seems to fail ( error 403 > forbidden ) > > Regards > Shashank > > > On Wed, 2009-12-02 at 19:16 -0800, Robert Koberg wrote: > > On Dec 2, 2009, at 6:01 PM, Christopher Schultz wrote:

Re: Authentication without Authorization ( JNDI Realm )

2009-12-04 Thread Shashank Rachamalla
( error 403 forbidden ) Regards Shashank On Wed, 2009-12-02 at 19:16 -0800, Robert Koberg wrote: > On Dec 2, 2009, at 6:01 PM, Christopher Schultz wrote: > > > > Chuck, > > > > On 12/2/2009 5:15

Re: Authentication without Authorization ( JNDI Realm )

2009-12-02 Thread Robert Koberg
On Dec 2, 2009, at 6:01 PM, Christopher Schultz wrote: > > Chuck, > > On 12/2/2009 5:15 PM, Caldarale, Charles R wrote: >>> From: Christopher Schultz [mailto:ch...@christopherschultz.net] >>> Subject: Re:

Re: Authentication without Authorization ( JNDI Realm )

2009-12-02 Thread Christopher Schultz
Chuck, On 12/2/2009 5:15 PM, Caldarale, Charles R wrote: >> From: Christopher Schultz [mailto:ch...@christopherschultz.net] >> Subject: Re: Authentication without Authorization ( JNDI Realm ) >> >> Technically spe

RE: Authentication without Authorization ( JNDI Realm )

2009-12-02 Thread Caldarale, Charles R
> From: Christopher Schultz [mailto:ch...@christopherschultz.net] > Subject: Re: Authentication without Authorization ( JNDI Realm ) > > Technically speaking, this will require authentication but then let > anyone holding any role defined in web.xml to access any page on your &

Re: Authentication without Authorization ( JNDI Realm )

2009-12-02 Thread Christopher Schultz
Shashank, On 12/2/2009 10:48 AM, shashank@wipro.com wrote: > Is there any way to use a Realm only for authentication and disable > authorization ( do not check for roles ) ? If you are using Tomcat's container-managed authentication and authoriza

Re: Authentication from the browser

2009-06-04 Thread Christopher Schultz
Alec, On 6/3/2009 12:25 PM, Alec Swan wrote: > Bill, thank you for your feedback. I read up on CLIENT-CERT and am now > surprised that Bill was the only one to mention it. It sounds like > CLIENT-CERT is the scheme that we should. We can generate cert

Re: Authentication from the browser

2009-06-03 Thread Alec Swan
Bill, thank you for your feedback. I read up on CLIENT-CERT and am now surprised that Bill was the only one to mention it. It sounds like CLIENT-CERT is the scheme that we should. We can generate certificates and ask our customer to distribute it to its users and have them install certificates in t

Re: Authentication from the browser

2009-06-03 Thread Christopher Schultz
Alec, On 6/2/2009 6:08 PM, Alec Swan wrote: >> ? You can't put HTTP headers "in" a link, unless you're processing >> it through some proxy mechanism... >> > > Looks like the last SecurityFilter build was released on Dec. 14, > 2004, which makes me

Re: Authentication from the browser

2009-06-03 Thread Christopher Schultz
Alec, On 6/2/2009 2:03 PM, Alec Swan wrote: > Hassan, I don't think that the goals are contradictory, because each goal > applies to its own group of users: our customer users and everybody else. > Customer users should not have to enter user name and

Re: Authentication from the browser

2009-06-02 Thread Bill Barker
"Alec Swan" wrote in message news:34abb48b0906021503t158542a5ube612b5ccfad0...@mail.gmail.com... > On Tue, Jun 2, 2009 at 2:34 PM, Jonathan Mast > wrote: > >> Alec, so basically members of your client company should be able to have >> direct access to a servlet that is otherwise restricted to a

RE: Authentication from the browser

2009-06-02 Thread Martin Gainty

Re: Authentication from the browser

2009-06-02 Thread Alec Swan
> > ? You can't put HTTP headers "in" a link, unless you're processing > it through some proxy mechanism... > Looks like the last SecurityFilter build was released on Dec. 14, 2004, which makes me hesitant to use it. I am wondering if it is possible to use JavaScript to include the user name and

Re: Authentication from the browser

2009-06-02 Thread Alec Swan
On Tue, Jun 2, 2009 at 2:34 PM, Jonathan Mast wrote: > Alec, so basically members of your client company should be able to have > direct access to a servlet that is otherwise restricted to a handful of > users who must authenticate themselves with a username/password login, > right? > Yes, this is

Re: Authentication from the browser

2009-06-02 Thread Hassan Schroeder
On Tue, Jun 2, 2009 at 1:01 PM, Alec Swan wrote: > We have one corporate customer who is putting a link to our servlet on their > intranet web page. Therefore, we know the domain name of the users who need > custom authentication. Seems iffy -- none of these users will ever be working remotely a

Re: Authentication from the browser

2009-06-02 Thread Jonathan Mast
Alec, so basically members of your client company should be able to have direct access to a servlet that is otherwise restricted to a handful of users who must authenticate themselves with a username/password login, right? One solution to this situation would be to create a simple servlet that snif

Re: Authentication from the browser

2009-06-02 Thread Alec Swan
I may not be explaining it clearly. We have one corporate customer who is putting a link to our servlet on their intranet web page. Therefore, we know the domain name of the users who need custom authentication. We can also tell the customer to put whatever we need in the link, such as HTTP header

Re: Authentication from the browser

2009-06-02 Thread Hassan Schroeder
On Tue, Jun 2, 2009 at 11:03 AM, Alec Swan wrote: > Hassan, I don't think that the goals are contradictory, because each goal > applies to its own group of users: our customer users and everybody else. > Customer users should not have to enter user name and password, but > everybody else should.

Re: Authentication from the browser

2009-06-02 Thread Alec Swan
Hassan, I don't think that the goals are contradictory, because each goal applies to its own group of users: our customer users and everybody else. Customer users should not have to enter user name and password, but everybody else should. Also, in general it is possible to authenticate a user with

Re: Authentication from the browser

2009-06-02 Thread Hassan Schroeder
On Tue, Jun 2, 2009 at 10:22 AM, Alec Swan wrote: > We would also like to continue using the existing authentication mechanism. > So, the question is how can we ... allow authentication to happen > without requiring the end-user to type in the user name and password? Your goals seem contradicto

Re: Authentication behaviour

2008-10-10 Thread Maurizio Lotauro
On 9 Oct 2008 at 14:16, Christopher Schultz wrote: > Maurizio, Christopher, > Maurizio Lotauro wrote: > > On 6 Oct 2008 at 14:58, Christopher Schultz wrote: [...] > If you are writing network code, you need to handle disconnects at > any time. This is handled, but in that case there is no nee

Re: Authentication behaviour

2008-10-09 Thread Christopher Schultz
Maurizio, Maurizio Lotauro wrote: > On 6 Oct 2008 at 14:58, Christopher Schultz wrote: >> Is it a problem to get this 401 before the request is complete? > > In my case it was a problem because the receive of the server response > trigger an "end of

Re: Authentication behaviour

2008-10-08 Thread Maurizio Lotauro
On 6 Oct 2008 at 14:58, Christopher Schultz wrote: > Maurizio, Christopher, > Maurizio Lotauro wrote: > > I already read this rfc and now I have read it again, but I'm > unable to find where it > > describe that the server can answer with 401 before the client has > finished to send all data.

Re: Authentication behaviour

2008-10-06 Thread Christopher Schultz
Maurizio, Maurizio Lotauro wrote: > I already read this rfc and now I have read it again, but I'm unable to find > where it > describe that the server can answer with 401 before the client has finished > to send all data. There's nothing that sa

RE: Authentication behaviour

2008-10-01 Thread Maurizio Lotauro
On 30 Sep 2008 at 18:27, Caldarale, Charles R wrote: > > From: Maurizio Lotauro > > [mailto:[EMAIL PROTECTED] > > Subject: Authentication behaviour > > > > The server answers with 401 before it has received the > > whole content sent from client. In fact it seems that > > the answer become right a

RE: Authentication behaviour

2008-09-30 Thread Caldarale, Charles R
> From: Maurizio Lotauro > [mailto:[EMAIL PROTECTED] > Subject: Authentication behaviour > > The server answers with 401 before it has received the > whole content sent from client. In fact it seems that > the answer become right after the server has received > the http header. Looks proper to me

Re: Authentication Issues

2008-08-26 Thread Mark Thomas
Erik Rumppe wrote: > For right now I am using BASIC authentication. There are 3 roles > defined in the tomcat-users.xml file. To access different areas of my > application requires different levels of roles. I want my users to be > able to click on a link and if they don't meet the role requirem

RE: authentication

2008-04-19 Thread Caldarale, Charles R
> From: Kev Sout [mailto:[EMAIL PROTECTED] > Subject: authentication > > I have authentication working in my Engine using a JNDIRealm. > However, I now need to look in two places (ldap directories > in this case) for users. You could use JAASRealm, since JAAS allows multiple authentications in

Re: Authentication and authorization questions

2007-09-21 Thread Christopher Schultz
Jean, jmuller wrote: > I've written my own DataSourceRealm that overwrite Tomcat's one, and put the > jar in server/lib. > It only overwrites the getRoles() method to change the SQL statement. See > source here: http://www.nabble.com/file/p12820411/D

Re: Authentication and authorization questions

2007-09-21 Thread jmuller
: > > possible OpenSessionInViewFilter problem > which version hibernate are you implementing with? > > M-- > - Original Message - > From: "jmuller" <[EMAIL PROTECTED]> > To: > Sent: Friday, September 21, 2007 9:14 AM > Subject: Re: Authentication and auth

Re: Authentication and authorization questions

2007-09-21 Thread Martin Gainty
possible OpenSessionInViewFilter problem which version hibernate are you implementing with? M-- - Original Message - From: "jmuller" <[EMAIL PROTECTED]> To: Sent: Friday, September 21, 2007 9:14 AM Subject: Re: Authentication and authorization questions > > &

Re: Authentication and authorization questions

2007-09-21 Thread jmuller
Christopher Schultz-2 wrote: > > ... >> How can you use JDBCRealm or DataSourceRealm with [numeric] foreign keys >> from roles >> table to user table, rather than requiring the roles table to duplicate >> whatever field (e.g. username, email address) will act

Re: Authentication and authorization questions

2007-08-30 Thread Christopher Schultz
Lb, lightbulb432 wrote: > But if the login and login-error pages are the same page (meaning > that when someone fails an access check they get redirected to the > login-error page, which is actually the login page where they must > re-enter their cred

Re: Authentication and authorization questions

2007-08-29 Thread lightbulb432
Great response. Follow-up questions below: Christopher Schultz-2 wrote: > When you login using form-based authentication, where invalid login > attempts >> redirect to the "form-error-page", how do you add a custom message to >> that >> page saying "Login Failed"? I ask because common practice i

Re: Authentication and authorization questions

2007-08-29 Thread Christopher Schultz
Lb, lightbulb432 wrote: > Where does Tomcat authentication fit into the request processing lifecycle? > Does it happen before even the very first filter gets called? Yes. It's implemented as a Valve that runs before any of your code gets a chance to

Re: Authentication and authorization questions

2007-08-29 Thread Glenn McCall
Below... I hope it helps Glenn Mc - Original Message - From: "lightbulb432" <[EMAIL PROTECTED]> To: Sent: Wednesday, August 29, 2007 2:33 PM Subject: Authentication and authorization questions I have several questions about authentication and authorization in Tomcat below, so an

RE: authentication security constraint error

2007-02-22 Thread Propes, Barry L [GCG-NAOT]
o: Tomcat Users List Subject: RE: authentication security constraint error > From: Propes, Barry L [GCG-NAOT] > [mailto:[EMAIL PROTECTED] > Subject: RE: authentication security constraint error > > Yeah, I had them in there. Are they in the right order relative to the other el

RE: authentication security constraint error

2007-02-21 Thread Propes, Barry L [GCG-NAOT]
now I'll double check that part. That could be an issue. -Original Message- From: Caldarale, Charles R [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 21, 2007 5:35 PM To: Tomcat Users List Subject: RE: authentication security constraint error > From: Propes, Barry L [

RE: authentication security constraint error

2007-02-21 Thread Caldarale, Charles R
> From: Propes, Barry L [GCG-NAOT] > [mailto:[EMAIL PROTECTED] > Subject: RE: authentication security constraint error > > Yeah, I had them in there. Are they in the right order relative to the other elements? The schema is rather picky about how things are arranged. The we

RE: authentication security constraint error

2007-02-21 Thread Propes, Barry L [GCG-NAOT]
Yeah, I had them in there. -Original Message- From: Caldarale, Charles R [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 21, 2007 5:02 PM To: Tomcat Users List Subject: RE: authentication security constraint error > From: Propes, Barry L [GCG-NAOT] > [mailto:[EMAIL PRO

RE: authentication security constraint error

2007-02-21 Thread Propes, Barry L [GCG-NAOT]
ok, thanks, Chuck. -Original Message- From: Caldarale, Charles R [mailto:[EMAIL PROTECTED] Sent: Wednesday, February 21, 2007 5:02 PM To: Tomcat Users List Subject: RE: authentication security constraint error > From: Propes, Barry L [GCG-NAOT] > [mailto:[EMAIL PROTECTED] >

RE: authentication security constraint error

2007-02-21 Thread Caldarale, Charles R
> From: Propes, Barry L [GCG-NAOT] > [mailto:[EMAIL PROTECTED] > Subject: authentication security constraint error > > However, when I added info in my server.xml file to try and > attempt DBCP, I get a warning in my logs about something > being defined in in an auth-constraint without being

RE: authentication using active directory

2007-02-02 Thread Deepan
On Fri, 2007-02-02 at 09:37 +0100, David Rodríguez Fernández wrote: > Can tomcat read the file login.html? I think this is a permissions problem. > I am using BASIC mode of authentication. It works. > -Original Message- > From: Deepan [mailto:[EMAIL PROTECTED] > Sent: Friday, 26

RE: authentication using active directory

2007-02-02 Thread David Rodríguez Fernández
Can tomcat read the file login.html? I think this is a permissions problem. -Original Message- From: Deepan [mailto:[EMAIL PROTECTED] Sent: Friday, January 26, 2007 8:22 To: Tomcat Users List Subject: authentication using active directory Hi, I am trying to authenticate using A

RE: authentication using active directory

2007-01-27 Thread Deepan
On Fri, 2007-01-26 at 11:09 -0500, Propes, Barry L [GCG-NAOT] wrote: > you have to use the usernames and passwords as j_username and j_password. You > didn't try to change that did you? > I had just switched to Basic authentication mode. Will update username and password to j_username and j_pass

RE: authentication using active directory

2007-01-26 Thread Propes, Barry L [GCG-NAOT]
you have to use the usernames and passwords as j_username and j_password. You didn't try to change that did you? -Original Message- From: Deepan [mailto:[EMAIL PROTECTED] Sent: Friday, January 26, 2007 1:22 AM To: Tomcat Users List Subject: authentication using active directory Hi, I a

Re: authentication using active directory

2007-01-26 Thread Tim Funk
Most likely - you need to remove /gridsphere from your login config -Tim Deepan wrote: Hi, I am trying to authenticate using Active directory for one of my applications in tomcat. ( I have only one application deployed in tomcat). I had configured server.xml and web.xml to use /gridsphere/login

Re: Authentication Problem

2006-10-09 Thread Christopher Schultz
Nathan, >> One question: if you a user who needs access to both resources, why are >> they not associated with both roles? That's the general [way] to do >> authorization. > > Well... To be honest we are still in the process of developing use cases > for our user authentication. It may well be th

Re: Authentication Problem

2006-10-09 Thread Nathan Potter
On Oct 9, 2006, at 11:20 AM, Christopher Schultz wrote: Nathan, I am using Tomcat 5.5. I would like to be able to specify different authentication rules for different url patterns within my web application. [snip] However, if I try it with a browser, once I authenticate for one URI, then

Re: Authentication Problem

2006-10-09 Thread Christopher Schultz
Nathan, > I am using Tomcat 5.5. I would like to be able to specify different > authentication rules for different url patterns within my web > application. [snip] > However, if I try it with a browser, once I authenticate for one URI, > then I am locked out of the other one until I successfully

Re: Authentication using client certificate in smart card

2006-08-17 Thread Mark Thomas
Walter do Valle wrote: > Any help is welcome. For the cert that isn't listed, it is likely that the root CA for that cert is not known in your Java environment. Take a look at JAVA_HOME\jre\lib\security\cacerts with keytool. Mark

Re: Authentication problem -> request.getRemoteUser() returns null

2006-07-04 Thread David Smith
The connector receiving requests from httpd needs the attribute tomcatAuthentication set to "false" in server.xml. Otherwise tomcat will ignore the REMOTE-USER header provided by httpd. -- David Oliver Enders wrote: Hi, I have the following constellation: Windows XP Apache 2.0.58 Tomcat 4.1

Re: authentication problem deploying app to tomcat via ant

2006-06-13 Thread Anne Wilson
D'oh! Turns out that the ant script (which I inherited - a minor excuse) was importing a properties file that set the very same properties I tried to define in the script, e.g., "tomcat.manager.username". Great minds name alike, I guess. Properties being immutable, my changes were ignored.

Re: authentication problem using manager URLs from a script

2006-04-18 Thread Garey Mills
Mark - Thanks for the pointers. I ended up picking up code from the Tomcat source of org.apache.catalina.ant.AbstractTask and using that to do Basic Authentication. I've got it working now. Garey Mills Library Systems Office UC Berkeley The brain is not where you think On Tue, 18 Apr

Re: authentication problem using manager URLs from a script

2006-04-18 Thread Mark Thomas
Garey Mills wrote: > Mark - > > I have looked at the manager app how-to, and it doesn't describe > how connect from a script. I have this > > > private static String stop = > "http://myhost:8080/manager/stop?path=/

Re: authentication problem using manager URLs from a script

2006-04-18 Thread Garey Mills
Mark - I have looked at the manager app how-to, and it doesn't describe how connect from a script. I have this private static String stop = "http://myhost:8080/manager/stop?path=/myapp";; public static void

Re: authentication problem using manager URLs from a script

2006-04-18 Thread Mark Thomas
Marc Farrow wrote: > You have to use the webdav application provide from tomcat. Check under > $tomcat_home/webapps/webdav/web.xml. there is a line commented out that > states some property of read-only = false. by default it is read-only and > you have to manually turn it on. What on earth has

Re: authentication problem using manager URLs from a script

2006-04-18 Thread Marc Farrow
You have to use the webdav application provide from tomcat. Check under $tomcat_home/webapps/webdav/web.xml. there is a line commented out that states some property of read-only = false. by default it is read-only and you have to manually turn it on. On 4/18/06, Garey Mills <[EMAIL PROTECTED]

Re: Authentication crisis

2006-01-30 Thread Luis Gervaso
the real problem is that we can't do anything before or after authentication using a filter solve this problem with url pattern j_security_check but this is avoided because this authentication method "must be" equal basic authentication? this makes real authentication scenarios where we need crea