Hi all,
I'm trying to set up simple authentication (using Basic) using Orion, and
I've run into some problems. The documentation on this is somewhat sparse
(I know, you're working on it...) but if someone could point me in the right
direction, it would be appreciated.
I've created a copy of the default-site directory called 'intranet', and
modified it's web-site.xml file, and I've added the entry to the server.xml
to load up the new site, which does load properly. However, I can't get the
site to authenticate.
I added the following tags to the web-site.xml for the intranet virtual
server.
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Foobar</realm-name>
</login-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>Site</web-resource-name>
<description>Main security</description>
<url-pattern>/*.html</url-pattern>
<http-method>GET</http-method>
<auth-constraint>
<description>All users</description>
<role-name>intranet-users</role-name>
</auth-constraint>
</web-resource-collection>
</security-constraint>
<security-role>
<description>Role security</description>
<role-name>intranet-users</role-name>
</security-role>
When I access the site (it's running on port 8080), I get the pop-up dialog
box. It states that the realm is:
Realm: file:/C:/orion/intranet/web-application.xml
I would have thought that it have stated Foobar for the realm, as defined
above. If I enter a userid and password that I identified in the
principals.xml file, it denies that user.
Any ideas? I've included the web-site.xml file, the web-application.xml
file, and the principals.xml file.
Thanks,
Darren.
--
Darren Gibbons [EMAIL PROTECTED]
OpenRoad Communications ph: 604.681.0516
Internet Application Development fax: 604.681.0916
Vancouver, B.C. http://www.openroad.ca
<?xml version="1.0"?>
<!DOCTYPE web-site SYSTEM "web-site.dtd">
<web-site host="[ALL]" port="8080">
<name>OpenRoad Intranet</name>
<!-- The default web-app for this site, the web-app specifies -->
<default-web-app>./web-application.xml</default-web-app>
<!-- Access Log, where requests are logged to -->
<access-log>./access.log</access-log>
<!-- Site log, where events/errors are logged -->
<log>
<path>./site.log</path>
</log>
</web-site>
<?xml version="1.0"?>
<!DOCTYPE web-application SYSTEM "web-application.dtd">
<web-app>
<!-- Servlet directory, the directory on the site which is allocated for launching of servlets -->
<servlet-webdir>/servlet/</servlet-webdir>
<!-- Classpaths used by servlets and beans -->
<classpath>./servlets</classpath>
<classpath>./beans</classpath>
<!-- Document root, root for the documents for this site -->
<document-root>./html</document-root>
<!-- Principals local to this application -->
<principals>./principals.xml</principals>
<!-- A demo servlet, add servlets below -->
<servlet>
</servlet>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Foobar</realm-name>
</login-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>Site</web-resource-name>
<description>Main security</description>
<url-pattern>/*.html</url-pattern>
<http-method>GET</http-method>
<auth-constraint>
<description>All users</description>
<role-name>intranet-users</role-name>
</auth-constraint>
</web-resource-collection>
</security-constraint>
<security-role>
<description>Role security</description>
<role-name>intranet-users</role-name>
</security-role>
</web-app>
<?xml version="1.0"?>
<!DOCTYPE principals SYSTEM "principals.dtd">
<principals>
<groups>
<group name="intranet-users">
<description>Basic Internet users group</description>
</group>
<group name="admin">
<description>Administrators</description>
</group>
</groups>
<users>
<user name="darren" password="foobar">
<name>Darren Gibbons</name>
<description>It's Darren</description>
<group-membership group="intranet-users" />
</user>
</users>
</principals>
