auth-constraint question
Hello, I am running tomcat 4 stand-alone on Win NT4, using authentication with mysql (working just fine) on my entire site/webapp. I have a Webdav role and a Root role defined and need to use both of them in the same webapp. My entire site is password protected. When I connect with my webdav client, it allows my Webdav role users to login as planned, but normal Root users can log in as well. How can I distinguish between these constraints? Below is a snippet of my web-inf/web.xml... Thanks in advance, Mark !-- Define a Security Constraint on this Application -- security-constraint web-resource-collection web-resource-namemysite/web-resource-name url-pattern/*/url-pattern /web-resource-collection auth-constraint role-nameRoot/role-name role-nameWebdav/role-name /auth-constraint /security-constraint !-- Define the Login Configuration for this Application -- login-config auth-methodBASIC/auth-method realm-namemysite/realm-name /login-config _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: auth-constraint question
Thanks for the response. I would like to have both roles go as far down the tree as possible. But, from a browser, have Root role authentication and their inherent read-only permissions, and from a dav client: Webdav role authentication and full access to the file system. From: Terrence Szeto [EMAIL PROTECTED] Reply-To: Tomcat Users List [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: auth-constraint question Date: Tue, 11 Jun 2002 17:03:23 -0400 One thing you can do is use filters to further restrict users. So write a filter, which checks for user roles, and foward the ones you don't want to go further down your directory. Don't forget to map the filter in the web.xml file so tomcat knows where to restrict. hope that helps Terrence From: Mark Larson [EMAIL PROTECTED] Reply-To: Tomcat Users List [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: auth-constraint question Date: Tue, 11 Jun 2002 13:13:46 -0700 MIME-Version: 1.0 X-Originating-IP: [216.101.100.252] Received: from [192.18.49.131] by hotmail.com (3.2) with ESMTP id MHotMailBECFA50A003C4004318FC01231838DE70; Tue, 11 Jun 2002 13:14:02 -0700 Received: (qmail 20437 invoked by uid 97); 11 Jun 2002 20:13:50 - Received: (qmail 20423 invoked by uid 98); 11 Jun 2002 20:13:50 - From tomcat-user-return-22211-t3szeto Tue, 11 Jun 2002 13:15:44 -0700 Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm Precedence: bulk List-Unsubscribe: mailto:[EMAIL PROTECTED] List-Subscribe: mailto:[EMAIL PROTECTED] List-Help: mailto:[EMAIL PROTECTED] List-Post: mailto:[EMAIL PROTECTED] List-Id: Tomcat Users List tomcat-user.jakarta.apache.org Delivered-To: mailing list [EMAIL PROTECTED] X-Antivirus: nagoya (v4198 created Apr 24 2002) Message-ID: [EMAIL PROTECTED] X-OriginalArrivalTime: 11 Jun 2002 20:13:47.0123 (UTC) FILETIME=[7E3F5430:01C21184] X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Hello, I am running tomcat 4 stand-alone on Win NT4, using authentication with mysql (working just fine) on my entire site/webapp. I have a Webdav role and a Root role defined and need to use both of them in the same webapp. My entire site is password protected. When I connect with my webdav client, it allows my Webdav role users to login as planned, but normal Root users can log in as well. How can I distinguish between these constraints? Below is a snippet of my web-inf/web.xml... Thanks in advance, Mark !-- Define a Security Constraint on this Application -- security-constraint web-resource-collection web-resource-namemysite/web-resource-name url-pattern/*/url-pattern /web-resource-collection auth-constraint role-nameRoot/role-name role-nameWebdav/role-name /auth-constraint /security-constraint !-- Define the Login Configuration for this Application -- login-config auth-methodBASIC/auth-method realm-namemysite/realm-name /login-config _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
Re: auth-constraint question
Ok, if anyone is following this thread... I found a freeware hard links for windows program and placed hard links for my site in a separate webapp dedicated to webdav only. So, multiple distinguishable authentications for a single filesystem works. From: Mark Larson [EMAIL PROTECTED] Reply-To: Tomcat Users List [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: auth-constraint question Date: Tue, 11 Jun 2002 14:42:23 -0700 Thanks for the response. I would like to have both roles go as far down the tree as possible. But, from a browser, have Root role authentication and their inherent read-only permissions, and from a dav client: Webdav role authentication and full access to the file system. From: Terrence Szeto [EMAIL PROTECTED] Reply-To: Tomcat Users List [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: auth-constraint question Date: Tue, 11 Jun 2002 17:03:23 -0400 One thing you can do is use filters to further restrict users. So write a filter, which checks for user roles, and foward the ones you don't want to go further down your directory. Don't forget to map the filter in the web.xml file so tomcat knows where to restrict. hope that helps Terrence From: Mark Larson [EMAIL PROTECTED] Reply-To: Tomcat Users List [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: auth-constraint question Date: Tue, 11 Jun 2002 13:13:46 -0700 MIME-Version: 1.0 X-Originating-IP: [216.101.100.252] Received: from [192.18.49.131] by hotmail.com (3.2) with ESMTP id MHotMailBECFA50A003C4004318FC01231838DE70; Tue, 11 Jun 2002 13:14:02 -0700 Received: (qmail 20437 invoked by uid 97); 11 Jun 2002 20:13:50 - Received: (qmail 20423 invoked by uid 98); 11 Jun 2002 20:13:50 - From tomcat-user-return-22211-t3szeto Tue, 11 Jun 2002 13:15:44 -0700 Mailing-List: contact [EMAIL PROTECTED]; run by ezmlm Precedence: bulk List-Unsubscribe: mailto:[EMAIL PROTECTED] List-Subscribe: mailto:[EMAIL PROTECTED] List-Help: mailto:[EMAIL PROTECTED] List-Post: mailto:[EMAIL PROTECTED] List-Id: Tomcat Users List tomcat-user.jakarta.apache.org Delivered-To: mailing list [EMAIL PROTECTED] X-Antivirus: nagoya (v4198 created Apr 24 2002) Message-ID: [EMAIL PROTECTED] X-OriginalArrivalTime: 11 Jun 2002 20:13:47.0123 (UTC) FILETIME=[7E3F5430:01C21184] X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N Hello, I am running tomcat 4 stand-alone on Win NT4, using authentication with mysql (working just fine) on my entire site/webapp. I have a Webdav role and a Root role defined and need to use both of them in the same webapp. My entire site is password protected. When I connect with my webdav client, it allows my Webdav role users to login as planned, but normal Root users can log in as well. How can I distinguish between these constraints? Below is a snippet of my web-inf/web.xml... Thanks in advance, Mark !-- Define a Security Constraint on this Application -- security-constraint web-resource-collection web-resource-namemysite/web-resource-name url-pattern/*/url-pattern /web-resource-collection auth-constraint role-nameRoot/role-name role-nameWebdav/role-name /auth-constraint /security-constraint !-- Define the Login Configuration for this Application -- login-config auth-methodBASIC/auth-method realm-namemysite/realm-name /login-config _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] _ Join the worlds largest e-mail service with MSN Hotmail. http://www.hotmail.com -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] _ Chat with friends online, try MSN Messenger: http://messenger.msn.com -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED] _ MSN Photos is the easiest way to share and print your photos: http://photos.msn.com/support/worldwide.aspx -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
proxy redirect
Hi, I am using tomcat 4.0 stand-alone without apache. Does anone know how i can redirect to use an existing proxy on a different machine? I'm on x.x.x.x:80 , want to use proxy @ y.y.y.y:8081 thanks, mark _ Send and receive Hotmail on your mobile device: http://mobile.msn.com -- To unsubscribe: mailto:[EMAIL PROTECTED] For additional commands: mailto:[EMAIL PROTECTED] Troubles with the list: mailto:[EMAIL PROTECTED]
