--- Begin Message ---Hello,I have problem to secure my java web application with Cosign filter on Apache Tomcat and I want to ask you kindly for help. I followed tutorial from http://www.itcs.umich.edu/itcsdocs/s4364/#java. And I have few questions here .. First of all is to web.xml file and cosignConfig.xml file. I have both of these files in %TOMCAT_HOME%/conf folder (Also jaas.config and keystore.jks files). Is it ok? On Tomcat I need to secure web application placed at %TOMCAT_HOME %/webapps/myapplication. Should I define Cosign filter mappings in %TOMCAT_HOME%/conf/web.xml as <url-pattern>/myapplication/*</url-pattern> Or in %TOMCAT_HOME%/webapps/myapplication/WEB-INF/web.xml file? Or in cosignConfig.xml as <service name="dymmy.sk"><protected>/myapplication/*</protected> (It's not so clear what protected element means) Also element "Location Handler: You may need to add this directory to your application in order for the web container to recognize the request." is unclear for me. Where exactly should be "/cosign/valid" folder? In %TOMCAT_HOME%/webapps/myapplication/cosign/valid or % TOMCAT_HOME%/ROOT/cosign/valid ? Value is set to <LocationHandlerRef>/cosign/valid</LocationHandlerRef> What does this value means? And what is purpose of this folder ? I have already achieved protecting simple helloRemoteUser.jsp (mapped as url filer mapping in web.xml), then cosign filter redirected me to login server and after successfully log in I am redirected to url defined in service in cosignConfig.xml file. Which is now defined as "http://hostname:8080/cosign/valid/"; and here I am desperate. What should be defined in service as success returned url and how to get request.getRemoteUser() working. Currently is method returning null if I assign this (/cosign/valid) url to servler which displays request informations. Possibly: Is there Can this be caused by Java JAAS principals policy on windows? Is necessarily to use MS IE browser? Thanks very much for some help. Tomas Filip Environment informations: Included cosign libraries in myapplication lib directory and % TOMCAT_HOME%/lib directory. commons-collections-3.2.1.jar commons-logging-1.1.1.jar commons-pool-1.4.jar Apache Tomcat 6.0.32 Jdk 1.5.0_15 JavaCosign 3.0.0 RC0
web-uminch.xml
Description: XML document
Description: XML documentCosignAuthentication { edu.umich.auth.cosign.CosignLoginModule required; };
--- End Message ---
------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. ON SALE this month only -- learn more at: http://p.sf.net/sfu/learnnow-d2d
_______________________________________________ Cosign-discuss mailing list Cosign-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/cosign-discuss
