Re: [Resin-interest] Accessing resin-admin

Wed, 21 Apr 2010 01:14:59 -0700 

Thanks, that worked.

I tried adding <resin:Allow> (or <security-constraint>) also to add some 
IP filtering (<resin:IfNetwork> vs <ip-constraint>) and then the 
authenticator seems to be overridden. In case the request comes from a 
trusted IP range, no login is required.
I have to add <resin:And> <resin:IfUserInRole role="resin-admin"/> also. 
Is that intended...?

Btw, in order to not mess up the login page I set url-pattern="*.php". 
Any risk this will change in a future release "without further notice"? 
Maybe it's better/safer to allow "/images/*" and "*.css"?

</Mattias>

Emil Ong wrote (2010-04-16 23:17):
> Hi Mattias,
>
> Are you using a custom resin.xml/resin.conf?  If so, you might try
> copying the<resin:AdminAuthenticator>  configuration from the default.
> It looks like this:
>
>    <resin:AdminAuthenticator>
>      <resin:import path="${__DIR__}/admin-users.xml" optional="true"/>
>    </resin:AdminAuthenticator>
>
> This part of the install document may also be helpful:
>
> http://caucho.com/resin-4.0/admin/starting-resin-install.xtp#Creating%20a%20password%20for%20the%20Resin%20Administration%20Console
>
> Best,
> Emil
>
>
> On Fri, Apr 16, 2010 at 09:46:33AM +0200, Mattias Jiderhamn wrote:
>    
>> I feel like a newbie for having to ask this, but admittedly I have never
>> used the J2EE authentication mechanism since we have a proprietary one.
>>
>> I'm trying to set up resin-admin following a combination of the
>> instructions at
>> http://caucho.com/resin-4.0/admin/resin-admin-console.xtp and the
>> instructions shown when accessing the admin app.
>> I have configured the web-app and had it generate a admin-users.xml so
>> that I can log in. However I have no access, apparently since my user is
>> not in the "resin-admin" role.
>> Doing a bit of debugging I end up in a NullAuthenticator that only
>> accepts the "user" role. So I guess I need to configure some other
>> authenticator, right...?
>>
>> -- 
>>
>>     </Mattias>
>>      



_______________________________________________
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

Reply via email to