Hi guys.
I'm having trouble setting up DIGEST authentication for single webapp in
Tomcat 5.0.27.
does anyone have done it successfully
I'd appreciate some guidance in this area
Alex
Hi,
I am trying to get application to authenticate so that the credentials
are carried into all subsequent request, what I have a persistence
realm that holds all the user/pasword and other info, I have a custom
login screen that we are using for all appservers websphere,weblogic
.. these other
I'm running Apache 1.3.27 and Tomcat 4.1.29 and Oracle 4.2.04. When i
have everything running on the same box authentication works just fine
and Oracle puts out the requested data. But when i try to authenticate
via remote box (also running oracle on this remote box) it fails with
Since the root cause is:
*root cause*
java.lang.UnsatisfiedLinkError: checkUser
at FuseBoxServlet.checkUser(Native Method)
at FuseBoxServlet.doGet(FuseBoxServlet.java:40)
at FuseBoxServlet.doPost(FuseBoxServlet.java:9)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
Using Tomcat 4.1.X, I'm attempting to switch a web app from basic auth to
form-based. I'm having difficulty in one area. After creating the new form
and posting to j_security_check, I wish to GET my welcome page. It
appears to be doing this from the URL in the address bar, but the page looks
To: '[EMAIL PROTECTED]'
Subject: form-based authentication question
Using Tomcat 4.1.X, I'm attempting to switch a web app from basic auth
to
form-based. I'm having difficulty in one area. After creating the new
form
and posting to j_security_check, I wish to GET my welcome page. It
appears
Hi
I have successfully set up tomcat to protect various parts of my
application using JDBCrealm and form-based-authentication, and it all
works fine.
Now i have written a system whereby new users can register and it
creates them their chosen username and puts them in the right roles in
the
I can set up Tomcat's authentication fine, either basic (or digest) or form-based.
Everything I read seems to prefer form-based, because you can customize the screen.
However, basic as least encrypts the userID/password, and digest does that even
better. But form-based just sends these thing
Basic authentication is so weak that it is the equivalent of cleartext. If
security of a password is an issue, use SSL.
-Tim
Dave Naden wrote:
I can set up Tomcat's authentication fine, either basic (or digest) or form-based. Everything I read seems to prefer form-based, because you can
Use SSL with Form Based AUTH.
Then all traffic is SSL protected.
Dave Naden wrote:
I can set up Tomcat's authentication fine, either basic (or digest) or form-based. Everything I read seems to prefer form-based, because you can customize the screen. However, basic as least encrypts the
We've had an Apache 1.3.26 / Tomcat 4.0.3 configuration for load balancing and the
authentication was using the apache htaccess method, it has been working fine.
After I upgraded to Tomcat 4.1.24 ( I didn't make any changes to the apache), I am
having problems with the authentication. Looks
add this to the web.xml
error-page
error-code401/error-code
location/errorpage.jsp/location
/error-page
- Original Message -
From: Koes, Derrick [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, March 25, 2003 6:22 PM
Subject: Basic authentication question
I wish
-
From: Boon Seong [mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 25, 2003 5:27 PM
To: Tomcat Users List
Subject: Re: Basic authentication question
add this to the web.xml
error-page
error-code401/error-code
location/errorpage.jsp/location
/error-page
- Original Message -
From
/login-config
- Original Message -
From: Koes, Derrick [EMAIL PROTECTED]
To: 'Tomcat Users List' [EMAIL PROTECTED]
Sent: Tuesday, March 25, 2003 6:31 PM
Subject: RE: Basic authentication question
Unfortunately, this does not work.
Tomcat seems to use 401 as a prompt to put up the basic
-methodBASIC/auth-method
realm-nameDORA/realm-name
/login-config
-Original Message-
From: Boon Seong [mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 25, 2003 5:37 PM
To: Tomcat Users List
Subject: Re: Basic authentication question
In that case, meaning it is a protected resource right
Here my scenario:
We have two applications runing on the same
server (App A and App B)
What we'd like to do is to allow one login
prompt but two different role initializations.
In other words suppose the user browses the web
site and comes upon a page that she needs to
authenticate herself
Have you turn on the SingleSignOn valve in server.xml?
-Paul
Mark Shaw wrote:
I'm hoping someone can shed some light on a particular behavior I'm
experiencing with BASIC authentication and session cookies:
I've set up my servlet to use BASIC authentication and I'm my own very
simple realm
Mark Shaw wrote:
In subsequent requests I pass back the sessionID (in a cookie
labeled jsessionid...) instead of the BASIC authentication
You need to include the authentication information with
every request for a protected resource, or you're going
to get another challenge. rfc2617 says:
I'm hoping someone can shed some light on a particular behavior I'm
experiencing with BASIC authentication and session cookies:
I've set up my servlet to use BASIC authentication and I'm my own very
simple realm implementation:
protected String getPassword(String username) { return tomcat; }
On Wed, 6 Mar 2002, Mark Shaw wrote:
Date: Wed, 6 Mar 2002 22:37:17 -0800
From: Mark Shaw [EMAIL PROTECTED]
Reply-To: Tomcat Users List [EMAIL PROTECTED]
To: '[EMAIL PROTECTED]' [EMAIL PROTECTED]
Subject: BASIC Authentication Question
I'm hoping someone can shed some light
Is there any method to get on a JSP the user authenticated through JDBCRealm
?
String username = request.getRemoteUser();
(Remember JSPs are just servlets).
-Original Message-
From: Guido Medina [mailto:[EMAIL PROTECTED]]
Sent: Monday, December 17, 2001 2:20 PM
To: '[EMAIL PROTECTED]'
Subject: Authentication question...
Is there any method to get
I know, that's what I was asking, the method (JSP Servlet)
-Original Message-
From: Randy Layman [mailto:[EMAIL PROTECTED]]
Sent: Monday, December 17, 2001 2:42 PM
To: Tomcat Users List
Subject: RE: Authentication question...
String username = request.getRemoteUser();
(Remember JSPs
and I forgot it, thank you...Guido
-Original Message-
From: Randy Layman [mailto:[EMAIL PROTECTED]]
Sent: Monday, December 17, 2001 2:42 PM
To: Tomcat Users List
Subject: RE: Authentication question...
String username = request.getRemoteUser();
(Remember JSPs are just servlets
I'm successfully using FORM-based logins in my application but I have
a few questions. When a user logs in, I want to attach certain information
to the session. Currently I use a filter that checks to see if the
request.getRemoteUser is set (or has changed) and if so, I do a database
call to
On Fri, 7 Sep 2001, Kevin HaleBoyes wrote:
Date: Fri, 7 Sep 2001 16:48:01 +0100 (BST)
From: Kevin HaleBoyes [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: FORM-based authentication question
I'm successfully using FORM-based logins in my application but I
26 matches
Mail list logo