You'll probably have better luck with the documentation at the following places:
<http://www.upenn.edu/computing/weblogin/docs/tomcat_installation.html> <http://www.lancs.ac.uk/iss/tsg/cosign/install-tomcat.html> The umich page assumes you're upgrading from an older version, and omits several important details. andrew On Jan 29, 2013, at 6:15 AM, Tomas Filip <fi...@cruxit.com> wrote: > > > From: Tomas Filip <fi...@cruxit.com> > Subject: Cosign java v3 problem > Date: January 29, 2013 5:11:10 AM EST > To: cos...@umich.edu > > > Hello, > > I have problem to secure my java web application with Cosign filter on > Apache Tomcat and I want to ask you kindly for help. > > I followed tutorial from http://www.itcs.umich.edu/itcsdocs/s4364/#java. > > And I have few questions here .. > > First of all is to web.xml file and cosignConfig.xml file. > I have both of these files in %TOMCAT_HOME%/conf folder (Also > jaas.config and keystore.jks files). Is it ok? > > On Tomcat I need to secure web application placed at %TOMCAT_HOME > %/webapps/myapplication. > Should I define Cosign filter mappings in %TOMCAT_HOME%/conf/web.xml as > <url-pattern>/myapplication/*</url-pattern> > Or in %TOMCAT_HOME%/webapps/myapplication/WEB-INF/web.xml file? > Or in cosignConfig.xml as <service > name="dymmy.sk"><protected>/myapplication/*</protected> > (It's not so clear what protected element means) > > Also element "Location Handler: You may need to add this directory to > your application in order for the web container to recognize the > request." is unclear for me. Where exactly should be "/cosign/valid" > folder? In %TOMCAT_HOME%/webapps/myapplication/cosign/valid or % > TOMCAT_HOME%/ROOT/cosign/valid ? > Value is set to <LocationHandlerRef>/cosign/valid</LocationHandlerRef> > What does this value means? And what is purpose of this folder ? > > I have already achieved protecting simple helloRemoteUser.jsp (mapped as > url filer mapping in web.xml), then cosign filter redirected me to login > server and after successfully log in I am redirected to url defined in > service in cosignConfig.xml file. Which is now defined as > "http://hostname:8080/cosign/valid/" and here I am desperate. What > should be defined in service as success returned url and how to get > request.getRemoteUser() working. Currently is method returning null if I > assign this (/cosign/valid) url to servler which displays request > informations. > > Possibly: > Is there > Can this be caused by Java JAAS principals policy on windows? > Is necessarily to use MS IE browser? > > > Thanks very much for some help. > > Tomas Filip > > Environment informations: > > Included cosign libraries in myapplication lib directory and % > TOMCAT_HOME%/lib directory. > > commons-collections-3.2.1.jar > commons-logging-1.1.1.jar > commons-pool-1.4.jar > > > Apache Tomcat 6.0.32 > Jdk 1.5.0_15 > JavaCosign 3.0.0 RC0 > <web-uminch.xml><cosignConfig-uminch.xml><jaas.config> > > ------------------------------------------------------------------------------ > Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, > MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current > with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft > MVPs and experts. ON SALE this month only -- learn more at: > http://p.sf.net/sfu/learnnow-d2d_______________________________________________ > Cosign-discuss mailing list > Cosign-discuss@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/cosign-discuss ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://p.sf.net/sfu/appdyn_d2d_jan _______________________________________________ Cosign-discuss mailing list Cosign-discuss@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/cosign-discuss