-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Barry,
Propes, Barry L wrote:
is the bottom line that he (Semen's) wanting certain areas protected
by a role, and other areas protected/accessible only by another role?
Sounds like he wants user-level authorization, which Tomcat just doesn't
do.
Hi,
I'm developing servlet using servlet API 2.3 on Tomact application server,
now my task is to implement path based authentication (pba) with the
following Tomcat configuration:
auth-method= BASIC
Realm className=org.apache.catalina.realm.MemoryRealm
But behavior I need is:
1. If Tomcat gets
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Semen,
Semen Vadishev wrote:
But behavior I need is: 1. If Tomcat gets request with no user
information data (username/password) it should pass it to servlet and
then servlet after handling request's URI according to pba config
file may send
Christopher, thanks for reply.
2007/10/9, Christopher Schultz [EMAIL PROTECTED]:
You cannot do this with Tomcat's authentication mechanism. You will have
to provide an alternative implementation. I recommend looking st
securityfilter ( http://securityfilter.sourceforge.net ).
Well,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Semen,
Semen Vadishev wrote:
Christopher, thanks for reply.
2007/10/9, Christopher Schultz [EMAIL PROTECTED]:
You cannot do this with Tomcat's authentication mechanism. You will
have to provide an alternative implementation. I recommend
Christopher,
2007/10/9, Christopher Schultz [EMAIL PROTECTED]:
You cannot do this with Tomcat's authentication mechanism. You will
have to provide an alternative implementation. I recommend looking
st securityfilter ( http://securityfilter.sourceforge.net ).
Well, securityfilter
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Semen,
Semen Vadishev wrote:
Christopher,
2007/10/9, Christopher Schultz [EMAIL PROTECTED]:
You cannot do this with Tomcat's authentication mechanism. You will
have to provide an alternative implementation. I recommend looking
st
Christopher, thank you for your great help,
2007/10/10, Christopher Schultz [EMAIL PROTECTED]:
...why you want your own servlets to do the authorization instead
of the container (or securityfilter)?
This is the main question. Today we decided to do nothing new with
authentication and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Semen,
Semen Vadishev wrote:
Well, have you ever configured path based authentication for Subversion
Server?
Oh, you're using WebDAV. :(
So if there is no security-constraint element in
web.xml, Tomcat doesn't provide authorization, right?
: Tuesday, October 09, 2007 5:08 PM
To: Tomcat Users List
Subject: Re: Anonymous access with Tomcat Authentication configured.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Semen,
Semen Vadishev wrote:
Well, have you ever configured path based authentication for Subversion
Server?
Oh, you're using
Christopher,
2007/10/10, Christopher Schultz [EMAIL PROTECTED]:
Tomcat's built-in AA requires that an unauthenticated user request a
protected resource (protected by a security-constraint). When this
happens, Tomcat intercepts the request internally and issues the
appropriate login request
11 matches
Mail list logo