Re: Basic user/passwd dialog authentication for servlet zones ?

Thu, 11 Nov 1999 11:31:25 -0800 

----------------------------------------------------------------
BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
WHEN YOU POST, include all relevant version numbers, log files,
and configuration files.  Don't make us guess your problem!!!
----------------------------------------------------------------

I was working on the same problem.
I can get that login window.

Set the header WWW-Authentication to basic real="xxx"

But if i fill in a name and password
i get this back:from the header authentication:

asdlfjadfajksdfalksjdfhaksdfhalksdfjhlkasdsa==

How on earth must i extact the Userid and Password out of that??
I want a Java solution. Everywhere where i look they are talking
about directory permissions ect.I don't want that.


I Like that login dialog and i want the userid and password inside my
servlet.

How???

greetings
Johan




----- Original Message -----
From: <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, November 11, 1999 10:29 AM
Subject: Basic user/passwd dialog authentication for servlet zones ?


> ----------------------------------------------------------------
> BEFORE YOU POST, search the faq at <http://java.apache.org/faq/>
> WHEN YOU POST, include all relevant version numbers, log files,
> and configuration files.  Don't make us guess your problem!!!
> ----------------------------------------------------------------
>
> Hi,
>
> I'd like to use the basic user/passwd dialog
> authentication for servlet directories, as I would for a CGI Script.
> I'm having a hard time doing this using <Directory> and <Limit> in
> httpd.conf, access.conf ....
> Can access to servlet directories _not_
> be controlled using the usual Apache directives (<Directory>, <Limit> )
> or am I missing something ? Should the Directory tag then refer to the
> absolute or relative directory path of the servlet directory,
> the mount point or possibly the zone ?
>
> Since there is a CGI-style getRemoteUser() function on the API,
> one could make the (false) assumption that servlet dirs could be
configured
> in a manner similar to HTML or CGI dirs ?  Now the func returns an empty
> string,
> should it BTW return null according to the API spec,
> if no authentication has been or even can be made ?
>
> In the JServ manual, I only found stuff on secure keys and IP screening -
> should I look closer ?  Security is not (yet) really an issue here, only
> subscriber
> identification, which could, of course, easily be implemented using
servlets
> & JavaScript,
> but why code such basic things yourself... :)
>
> My system configuration is:
> - Linux Debian 2.1, kernel v2.2.10
> - Apache 1.3.9 w/ all default options incl. CGI & setenvif, DSO enabled
> - jsdk 2.0
> - Blackdown JDK-port v1.2
> - here's a diff of the relevant files compared to the defaults,
> w/ comments stripped and hostnames changed (apache otherwise works OK,
incl.
> CGI)
>
> ### diff httpd.conf.default httpd.conf
> 32a33
> > LoadModule jserv_module libexec/mod_jserv.so
> 39,40c40,41
> < User nobody
> < Group nogroup
> ---
> > User www
> > Group wwwdev
> 42c43
> < ServerAdmin root@myhost
> ---
> > ServerAdmin www@myhost
> 43a45,47
> > ServerName myhost
> >
> > DocumentRoot "/var/www"
> 45d48
> < DocumentRoot "/usr/local/apache/htdocs"
> 48,49c51,69
> <     Options FollowSymLinks
> <     AllowOverride None
> ---
> >
> >  Options All
> >  AuthType Basic
> >  AuthUserFile /etc/apache/.htpasswd
> >  AuthGroupFile /etc/apache/.htgroup
> >
> > AllowOverride All
> >
> > AuthName "employee"
> > <Limit GET>
> > order allow,deny
> > allow from foohost barhost secrethost
> > require group emps
> > </Limit>>
> 50a71
> > <Directory /var/www/mlu/wwwint/servlet>
> 51a73,91
> >  Options Indexes FollowSymLinks
> >  AuthType Basic
> >  AuthUserFile /etc/apache/.htpasswd
> >  AuthGroupFile /etc/apache/.htgroup
> >
> > AllowOverride All
> >
> > AuthName "employee"
> > <Limit GET>
> > order allow,deny
> > allow from foohost barhost secrethost
> > require group emps
> > </Limit>
> >
> > </Directory>
> 86c126
> < HostnameLookups Off
> ---
> > HostnameLookups On
> 112d151
> < ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"
> 114c153,155
> < <Directory "/usr/local/apache/cgi-bin">
> ---
> > ScriptAlias /cgi-bin /var/www/cgi-bin
> >
> > <Directory "/var/www/cgi-bin">
> 116c157
> <     Options None
> ---
> >     Options All
> 202a244
> > Include /usr/local/apache/conf/jserv/jserv.conf
>
> ######### diff jserv.conf.default jserv.conf
>
> ######### diff jserv.properties.default jserv.properties
>
> ######### diff zone.properties.default zone.properties
> 5c5
> < repositories=/usr/local/apache/servlets
> ---
> > repositories=/var/www/mlu/wwwint/servlet
>
>
>
> /Markku Luotamo
>
>
> --
> --------------------------------------------------------------
> Please read the FAQ! <http://java.apache.org/faq/>
> To subscribe:        [EMAIL PROTECTED]
> To unsubscribe:      [EMAIL PROTECTED]
> Archives and Other:  <http://java.apache.org/main/mail.html>
> Problems?:           [EMAIL PROTECTED]
>
>



--
--------------------------------------------------------------
Please read the FAQ! <http://java.apache.org/faq/>
To subscribe:        [EMAIL PROTECTED]
To unsubscribe:      [EMAIL PROTECTED]
Archives and Other:  <http://java.apache.org/main/mail.html>
Problems?:           [EMAIL PROTECTED]

Reply via email to