On Wed, Apr 21, 2010 at 10:15:20AM +0200, Mattias Jiderhamn wrote:
> Thanks, that worked.
>
> I tried adding <resin:Allow> (or <security-constraint>) also to add
> some IP filtering (<resin:IfNetwork> vs <ip-constraint>) and then
> the authenticator seems to be overridden. In case the request comes
> from a trusted IP range, no login is required.
> I have to add <resin:And> <resin:IfUserInRole role="resin-admin"/>
> also. Is that intended...?
Where did you set these? If you added it in the resin.xml, you probably
overrode the settings in the admin application's resin-web.xml. That's
probably the best place to integrate those network constraints.
> Btw, in order to not mess up the login page I set
> url-pattern="*.php". Any risk this will change in a future release
> "without further notice"? Maybe it's better/safer to allow
> "/images/*" and "*.css"?
Sorry, I don't really understand the context of the question... which
url-pattern?
Emil
> </Mattias>
>
> Emil Ong wrote (2010-04-16 23:17):
> >Hi Mattias,
> >
> >Are you using a custom resin.xml/resin.conf? If so, you might try
> >copying the<resin:AdminAuthenticator> configuration from the default.
> >It looks like this:
> >
> > <resin:AdminAuthenticator>
> > <resin:import path="${__DIR__}/admin-users.xml" optional="true"/>
> > </resin:AdminAuthenticator>
> >
> >This part of the install document may also be helpful:
> >
> >http://caucho.com/resin-4.0/admin/starting-resin-install.xtp#Creating%20a%20password%20for%20the%20Resin%20Administration%20Console
> >
> >Best,
> >Emil
> >
> >
> >On Fri, Apr 16, 2010 at 09:46:33AM +0200, Mattias Jiderhamn wrote:
> >>I feel like a newbie for having to ask this, but admittedly I have never
> >>used the J2EE authentication mechanism since we have a proprietary one.
> >>
> >>I'm trying to set up resin-admin following a combination of the
> >>instructions at
> >>http://caucho.com/resin-4.0/admin/resin-admin-console.xtp and the
> >>instructions shown when accessing the admin app.
> >>I have configured the web-app and had it generate a admin-users.xml so
> >>that I can log in. However I have no access, apparently since my user is
> >>not in the "resin-admin" role.
> >>Doing a bit of debugging I end up in a NullAuthenticator that only
> >>accepts the "user" role. So I guess I need to configure some other
> >>authenticator, right...?
> >>
> >>--
> >>
> >> </Mattias>
>
>
_______________________________________________
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest
