Configuation
--
Tommat 5.5.2
Windows XP
JDK 1.5
Requirement
--
I have a Security realm Authentication ready for a Web
Application linking to a Database. When the user sign
ups the form then he has to login into the application
through the signup form instead of directly
I am having a bit of an intermittent problem with Realm Authentication.
I've got a jdbc realm (backed by hsql) configured for form based
authentication under Tomcat 4.1.30.
My application is developed on Struts 1.1.
The problem I'm running into is that even after entering correct
credentials, I
I am trying to use the JDBC realm in my Tomcat web application and
it mostly works, but after logging into the application, Tomcat
sends the application's style.css file to my browser...
I am using Tomcat 5.0.16 on a Fedora Core 2 system. I have configured
the JDBC realm this way in
List [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Wrong file served after JDBC Realm authentication
Date: Wed, 16 Jun 2004 23:19:09 -0400
I am trying to use the JDBC realm in my Tomcat web application and
it mostly works, but after logging into the application, Tomcat
sends the application's
Hi,
I've got a problem with a tomcat 4.1.30. I want a webapp to use a
JNDIRealm for authentication which in turn uses NIS for authenticating
the user. But this doesn't work, I cannot login using correct password
and username.
server.xml looks like this for the Realm:
Realm
Hi,
I've written one step by step for this. It's for Tomcat on Linux, but I
don't think Windows is different at all, at least for the realm part.
Can't say the same for the installation. You can view it at
http://www.connecties.com/cymulacrum/tomcat5/c578.html. This is for JDBC
Or maybe you
On 04/18/2004 12:22 PM Frank Schaare wrote:
I've written one step by step for this. It's for Tomcat on Linux, but
I don't think Windows is different at all, at least for the realm
part. Can't say the same for the installation. You can view it at
Frank Schaare wrote:
Or maybe you just think that my writing sucks
i´m reading a lot of this stuff but your writing definetly NOT sucks !
Is is cool, short and very useful, thank you for posting your link.
Greetings from Germany...
Thanks a lot, Frank !!
I hope it's good enough for another
Hi Tomcat users,
I am a new user and have Tomcat 5.0.19 - windows. I only run one application
which is running well on our intranet. I am thinking of giving external
(outside my firewall) users access. I have configured Tomcat for SSL, no
problems.
As added security, I wanted to authenticate
Matthew Bechly wrote:
Hi Tomcat users,
I am a new user and have Tomcat 5.0.19 - windows. I only run one application
which is running well on our intranet. I am thinking of giving external
(outside my firewall) users access. I have configured Tomcat for SSL, no
problems.
As added security, I
Hello,
Is it possible to set a timeout or manually logout a user that is
authenticated with a realm?
Because the user is always 'logged' until the navigator is closed.
Cheers,
--
***
Joan Jesús Pujol Espinar
Tècnic de Sistemes
Universitat de
On 03/11/2004 08:56 AM Ronald Wildenberg wrote:
My biggest unknown right now is, because the server handles the
creation of the session, what would it take to make the server grab
a user object from the database and store it in the session after
the user logs in?
Can't you use an
Hey Everyone -
I have been trying to figure out if Realm authentication is appropriate
for my project or if I need to implement my own.
My biggest unknown right now is, because the server handles the creation
of the session, what would it take to make the server grab a user object
from
Hi,
I've run into this in JBoss and ended up making some custom mechanisms
-
I'm hoping I don't have to do the same here!
You would have to write custom code.
Yoav Shapira
This e-mail, including any attachments, is a confidential business communication, and
may contain information that is
My biggest unknown right now is, because the server handles
the creation
of the session, what would it take to make the server grab a
user object
from the database and store it in the session after the user
logs in?
Can't you use an HttpSessionListener for this? It is called right
Goal: Using forms based authentication, a user logs into a site with a valid user
ID/password, and is redirected to a page explaining that the password has expired and
user must change their password.
What's a good way to reach this goal? I've been working with a custom realm module, so
I know
A possible solution:
- Your custom realm sets a session attribute to indicate that the password must
be changed.
- You create a filter that checks this attribute and redirect the use to the
password change page if needed.
-Vincent.
Goal: Using forms based authentication, a user logs into a
Vincent,
Thanks! Great solution. How can I set a session variable in a custom realm?
-Original Message-
From: Vincent Aumont [mailto:[EMAIL PROTECTED]
Sent: Monday, November 10, 2003 10:24 AM
To: Tomcat Users List
Subject: Re: Realm Authentication and Password Change
A possible solution
-
From: Vincent Aumont [mailto:[EMAIL PROTECTED]
Sent: Monday, November 10, 2003 10:24 AM
To: Tomcat Users List
Subject: Re: Realm Authentication and Password Change
A possible solution:
- Your custom realm sets a session attribute to indicate that the password must
be changed.
- You create a filter
-Original Message-
From: Vincent Aumont [mailto:[EMAIL PROTECTED]
Sent: Monday, November 10, 2003 10:57 AM
To: Tomcat Users List
Subject: Re: Realm Authentication and Password Change
session.setAttribute().
Don't forget to remove the attribute from the session when you're done,
Actually, you
You could use a Filter. Once authenticated, the filter can check to see if
the user's password needed changed. If so, you can sendRedirect() or let the
next filter in the chain do its thing.
-Tim
Shain, Jim wrote:
Goal: Using forms based authentication, a user logs into a site with a valid
I'm using tomcat 4.1.18 with Microsoft Internet Explorer 6.0 sp1 as the
browser and oracle as the database to which I authenticate users.
Oddly, the colon character cannot be used in user names, but can be used in
passwords. I'm assuming my code is at fault, but I cannot see how.
Perhaps there
In the basic authentication approach the userid and password
are concatenated with a ':' between them, base64 encoded, then
placed in an HTTP header to send to the server.
Obviously, the server will have trouble differentiating between
the ':' in the username and the one separating the user name
How is it possible I get this message:
HTTP Status 400 - Invalid direct reference to form login page
during JDBC Realm FORM authentication.
These are the stpes I followed :
1. create tables in mysql db :
create table IsInRole(
usernamevarchar(20) not null,
Hi,
I am facing this problem.
The Form Based Realm Authentication is not able to recreate the original post
request.
To recreate the problem:
-Request a page protected with Form Based authentication.
-Login to the application.
-Stop at a page which has a form with method POST, till session
Hello,
I'am trying to authenticate an user with tomcat/SSL and using FORM realm.
Now I can't use the SSL only when the user give his password.
Is it possible?.
Thank you
___
Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français !
Message-
From: Sean Dockery [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 06, 2003 8:34 PM
To: Tomcat Users List
Subject: Re: JDBC Realm Authentication Problem
Where I wrote did you remove, I meant to write did you omit. Basically
I want to know exactly what you edited out
Yes, that is correct. To have a Realm apply only to a context, it must
declared inside the context tags. So...
Context ... /
becomes
Context ...
Realm ... /
/Context
--
Sean Dockery
[EMAIL PROTECTED]
Certified Java Web Component Developer
Certified Delphi Programmer
SBD Consultants
A small problem here, can't seem to figure out why.
In the following server.xml, if I remove the context level realm, the authentication
fails against the database (I can connect on startup, but I cannot authenticate to
access the manager or admin applications). However, if I put the context
Um. I don't see a context-level realm in there. There is a host-level
realm, however. :-)
Did you remove anything at all (such as other Realms) from the server.xml
file that you presented?
At 13:29 2003-02-06 -0400, you wrote:
A small problem here, can't seem to figure out why.
In the
Where I wrote did you remove, I meant to write did you omit. Basically
I want to know exactly what you edited out of the server.xml file that you
put in your message because you didn't think it was relevant.
Basically, I suspect that if you left the memory realm at the engine level
that
The application we are working on is laid out on the network like so (*
means many):
Apache2
jk2_mod
Tomcat4 Web Site Servers*
internal network mapping
Tomcat4 File Servers*
Basically the application acts much like sourceforge or another download
site, but I would like to carry authentication
I have a JDBCRealm setup that works great. I can log in, it protects the
resource I specified.
But when I stop, then start tomcat, I lose the authentication and have to
relogin.
Looking at the log, I do see that my session was restored properly.
I ensured that PersistentManager was set to
On Fri, 5 Apr 2002, Bill Gibbs wrote:
Date: Fri, 5 Apr 2002 09:12:16 -0500
From: Bill Gibbs [EMAIL PROTECTED]
Reply-To: Tomcat Users List [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Realm Authentication lost when tomcat is restarted
I have a JDBCRealm setup that works great. I can
I'm using Tomcat 4.0.1 to develop a web-site application that needs to use
popup browser windows. I have the main page protected by a JDBCRealm and
it's working nicely. Now that I've added the popups, the popup window
opens fine using the authentication of the main windows. However, when
Realm Authentication
I'm using Tomcat 4.0.1 to develop a web-site application that needs to use
popup browser windows. I have the main page protected by a JDBCRealm and
it's working nicely. Now that I've added the popups, the popup window
opens fine using the authentication of the main windows
ajp13
Do I have a way to do it, though?
Thanks again
-leo
Yes, tomcatAuthentication is not present in the ajp13 implementation of
TC 4.0.1, but will be ported from 3.3 for 4.0.2..
Saludos ,
Ignacio J. Ortega
Hi all,
I can't use the ajp13 connector with the realm authentication
i want to use database for (form based) user authentication but problem is
that i have crypted user passwords and JDBCRealm.class expects plain
passwords. Would it be enough if i change JDBCRealm class to encrypt
password typed in the form before it checks it against password in the
database? i
( and Tomcat
4.0 too ).
Saludos ,
Ignacio J. Ortega
-Mensaje original-
De: Dario Novakovic [mailto:[EMAIL PROTECTED]]
Enviado el: lunes 22 de enero de 2001 0:41
Para: tomcat-user
Asunto: JDBC realm authentication
i want to use database for (form based) user authentication
but problem
39 matches
Mail list logo