Hi Sara
I've deployed my custom JAASLoginModule into server/lib directory. Since
Tomcat 5.0.x/5.5.x, the custom JAAS LoginModule can be loaded by the
Catalina Classloader (server/lib, server/classes) either what I prefer.
Regards
Oliver
Hi
Is it possible to configure a valve which is called after the
authentication process?
I've configured the Valve after the Realm but the Valve is called first.
Thanks for your support.
Oliver
*** BITTE BEACHTEN ***
Diese Nachricht (wie auch allfällige
Hi
Is it possible to configure a valve which is called after the
authentication process?
I've configured the Valve after the Realm but the Valve is called first.
Thanks for your support.
Oliver
*** BITTE BEACHTEN ***
Diese Nachricht (wie auch allfällige
Isn't is possible to deploy my custom JAASLoginModule into the server/lib
directory instead of shared/lib or web-inf/lib? The JAASRealm is loaded by
the Catalina classloader either.
You're help is appreciated.
Oliver
*** BITTE BEACHTEN ***
Diese Nachricht
Hi all
I'm looking for a solution to delete the current session in a Valve im
Tomcat 4.1.29.
I hope you can help me.
Oliver
*** BITTE BEACHTEN ***
Diese Nachricht (wie auch allfällige Anhänge dazu) beinhaltet
möglicherweise vertrauliche oder gesetzlich
I had the same problem and could get working it with:
http://www.comu.de/docs/tomcat_ssl.htm
Unfortunately, it didn't work when Tomcat enforces client authentication.
Oliver
Stanislaw Österle
I've done this and it does work. Now I wanted to turn client authentication
on: clientAuth=true
But it doesn't work. I've registred the ca certificates after I've imported
the openssl certificate:
keytool -import -keystore %KEYSTORE_FILE% -storepass 123456 -alias root
-trustcacerts -file
I've created the following keystore for Tomcat 4.1.18:
SET KEYSTORE_FILE=.\.keystore
keytool -import -keystore %KEYSTORE_FILE% -storepass icebeer -alias root
-trustcacerts -file CA_Root_APU.pem
keytool -import -keystore %KEYSTORE_FILE% -storepass icebeer -alias
server_ca -trustcacerts -file
file.
Mark
-Original Message-
From: Oliver Wulff [mailto:[EMAIL PROTECTED]
Sent: Saturday, January 24, 2004 2:25 PM
To: [EMAIL PROTECTED]
Subject: SSL, keystore with ca hierarchy
I've created the following keystore for Tomcat 4.1.18:
SET KEYSTORE_FILE=.\.keystore
keytool
**
Oliver Wulff
Zürich Versicherungs-Gesellschaft
IA4, CoC Middleware
Postfach, 8085 Zürich
Telefon: +41- 1 628 58 07
Fax: +41 - 1 623 58 07
E-Mail: mailto:[EMAIL PROTECTED]
Adam Hardy
Hi
AFAIK, the JAASRealm in Tomcat 4.1.29 is a beta version. Is the JAASRealm
in Tomcat 5.x for production? If yes, can I use the JAASRealm of Tomcat 5.x
in Tomcat 4.1.29?
Thanks for your help
Oliver
*** BITTE BEACHTEN ***
Diese Nachricht (wie auch
Hi Marco
I don't know Tomcat 5.x but what do you mean with your personal security
model? Have you implemented a custom realm?
Oliver
**
Oliver Wulff
Zürich Versicherungs-Gesellschaft
IA4, CoC Middleware
Postfach, 8085 Zürich
a JAAS Realm too but I think
it's beta.
I guess, that JAAS will be part of the J2EE spec in the future - would make
sense, wouldn't it?
Oliver
**
Oliver Wulff
Zürich Versicherungs-Gesellschaft
IA4, CoC Middleware
Postfach, 8085 Zürich
Hi
I noticed that there is an additional tomcat version for jdk 1.4. The
common\endorsed directory is empty where the xerces jars exist on the other
tomcat version. What's the meaning of the endorsed directory? What would
happen when I copy the context of the endorsed directory to the lib
or am I running in other
problems now?
Oliver Wulff
[EMAIL PROTECTED] An: [EMAIL PROTECTED]
rich.ch
Hi
I've got a big problem running my web application inside Tomcat 4.1. I'm
using a third party software in my servlet implementation. This third-party
jar contains xerces classes. But my web application is not running anymore
(VerifyError).
I don't know if there is a versioning conflict
software that uses xerces-1.4.4? This solution
certainly works for most cases, but you may run into trouble if other apps
expect Xerces2.
Jake
Oliver
Wulff
[EMAIL PROTECTED] An:
[EMAIL PROTECTED]
rich.ch
The method authenticate() of the FormAuthenticator class does a redirect
after getting the requestURI (savedRequestURL) (line 293).
I don't understand why you just restore the request ( restoreRequest() )
without a redirect.
// Redirect the user to the original request URI (which will
How can I read and write http header attributes in a valve. I tried the
following inside a valve which does return false in the second call:
import org.apache.catalina.HttpRequest;
import javax.servlet.http.HttpServletRequest;
...
public void invoke(Request request, Response response,
The Tomcat authenticator expects this attribute to be set. But the filter
is called after the authenticator.
*** BITTE BEACHTEN ***
Diese Nachricht (wie auch allfällige Anhänge dazu) beinhaltet
möglicherweise vertrauliche oder gesetzlich geschützte Daten
It's a little bit more complicated. In front of Tomcat, an Apache server is
running which does the authentication and delegates the user-id as an http
header attribute. A valve will read this header attribute and simulate that
the user has been authenticated through basic authentication by
I wrote my custom realm and registred my custom mbeans-descriptors.xml.
When I open the admin webapp and click on my realm in the treeview I get an
error 500 because the attribute digest hasn't been found. Why is Tomcat
looking for this attribute? I haven't defined it in my
files.
Oliver Wulff [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
.
com...
I wrote my custom realm and registred my custom mbeans-descriptors.xml.
When I open the admin webapp and click on my realm in the treeview I get an
error 500 because the attribute digest hasn't been found. Why
We have similar problems.
Our Apache server has done authentication already and the principal is
delegated by a header attribute.
My prototype does the following:
I wrote a Valve which emulates basic authentication:
public void invoke(Request request, Response response, ValveContext
context)
Shouldn't the variable principals of type HashMap be synchronized in
MemoryRealm???
*** BITTE BEACHTEN ***
Diese Nachricht (wie auch allfällige Anhänge dazu) beinhaltet
möglicherweise vertrauliche oder gesetzlich geschützte Daten oder
Informationen. Zum
on classloading in tomcat.
http://jakarta.apache.org/tomcat/tomcat-4.1-doc/class-loader-howto.html
Charlie
-Original Message-
From: Oliver Wulff [mailto:[EMAIL PROTECTED]
Sent: Monday, June 02, 2003 3:23 AM
To: [EMAIL PROTECTED]
Subject: Realm class, Classloader
I'm using Tomcat
How can I configure an Authenticator implicitly and explicitly?
*** BITTE BEACHTEN ***
Diese Nachricht (wie auch allfällige Anhänge dazu) beinhaltet
möglicherweise vertrauliche oder gesetzlich geschützte Daten oder
Informationen. Zum Empfang derselben ist
I'm using Tomcat 4.1.24 and JDK 1.3.1.
I've created a custom realm which is configured like this:
Context path=/sec_test docBase=sec_test debug=0
reloadable=true crossContext=true
Realm className=test.RacfRealm/
/Context
The implementation class test.RacfRealm can be
The problem with filters is:
The problem is that the security contrains are evaluated before the
filter. So I guess that you may have to implement that what you want to
achive with the constraints on your own. (Or you have to configure apache
to do it, and this way omit the constraints from
I have to overwrite the getUserPrincipal in this valve. I tried the
following:
public void invoke(Request request, Response response, ValveContext
context)
throws IOException, ServletException
{
logger.info(invoke);
HttpRequestWrapper wrapper = new HttpRequestWrapper
I wrote a custom HttpServletRequestWrapper and a filter. I've overriden the
method getUserPrincipal() and isUserInRole(). The second one just returns
true back (for test purposes).
Now, I have a problem if I define a security-constraint in the web.xml. I
get the following error if I try to access
Hi
Can I implement a filter which sets the current principal, so that calls to
request.getUserPrincipal().getName() succeed?
In our company, an apache server in front of tomcat authenticates the
client and delegates the user principal as an http header attribute. I want
to read this principal
I took a look to JavaDoc and saw that all methods are deprecated. Is it
really the right way? My first thought was that it's very low level.
Doesn't there exist an easier solution for my problem?
**
Oliver Wulff
Zürich Versicherungs
/software/JavaService/documentation.html
**
Oliver Wulff
Zürich Versicherungs-Gesellschaft
IA4, CoC Middleware
Postfach, 8085 Zürich
Telefon: +41- 1 628 58 07
Fax: +41 - 1 623 58 07
E-Mail: mailto:[EMAIL PROTECTED
org.apache.catalina.connector.RequestWrapper
I'm wondering if I could just implement my custom authenticator (compare
BasicAuthenticator.java) or a custom Realm. But I don't know how I can
register my authenticator.
As mentioned already I want to read the delegated user from a http header
Wulff
**
Oliver Wulff
Zürich Versicherungs-Gesellschaft
IE4, CoC Middleware
Postfach, 8085 Zürich
Telefon: +41- 1 628 14 28
Fax: +41 - 1 623 14 28
E-Mail: mailto:[EMAIL PROTECTED]
*** BITTE BEACHTEN
36 matches
Mail list logo