Re: Can't get SecurityRoleRef/Tomcat4 working
Hi Craig, Craig R. McClanahan wrote: Unless you have changed something in tomcat-users.xml, the role assigned to the tomcat user is tomcat, not Tomcat. Role names, like pretty much everything else in servlets and JSPs, are case sensitive. Sorry, I should have mentioned, I am using my own Jaas realm and have my own login modules. I am currently assigning 'Tomcat' as the role in my test login. The question still applies, how do you get the role-ref mapping configured in web.xml when the servlet is a JSP? Rgds Antony
Can't get SecurityRoleRef/Tomcat4 working
Hi, I can't get the security-role-ref to work in Tomcat 4 with the security JSP. I have added the following % if (request.isUserInRole(Admin)) { % User is in Admin role % } else { % User is NOT in Admin role % } % to jsp/security/protected/index.jsp in the distribution to Tomcat 4. As security-role-ref is part of a servlet element of web.xml how do you specify this with a JSP. I tried adding the following to web.xml servlet servlet-name Protected /servlet-name jsp-file/jsp/security/protected/index.jsp/jsp-file security-role-ref descriptionLink between Admin and sysadmin/description role-nameAdmin/role-name role-linkTomcat/role-link /security-role-ref /servlet My user authenticates and is given the role 'Tomcat' but the Realm hasRole() method is called with 'Admin'. The code in HttpRequestBase does public boolean isUserInRole(String role) { ... if (wrapper != null) { String realRole = wrapper.findSecurityReference(role); if ((realRole != null) realm.hasRole(userPrincipal, realRole)) return (true); } to map the servlet role to security-role so I guess I have not got web.xml set up properly. Any ideas? Antony -- Antony Bowesman Teamware Group [EMAIL PROTECTED] phone: +358 9 5128 2562 fax : +358 9 5128 2705 intra / extra / Internet solutions at www.teamware.com
Re: Can't get SecurityRoleRef/Tomcat4 working
Unless you have changed something in tomcat-users.xml, the role assigned to the tomcat user is tomcat, not Tomcat. Role names, like pretty much everything else in servlets and JSPs, are case sensitive. Craig On Tue, 23 Oct 2001, Antony Bowesman wrote: Date: Tue, 23 Oct 2001 16:56:00 +0300 From: Antony Bowesman [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: TomcatUser [EMAIL PROTECTED] Subject: Can't get SecurityRoleRef/Tomcat4 working Hi, I can't get the security-role-ref to work in Tomcat 4 with the security JSP. I have added the following % if (request.isUserInRole(Admin)) { % User is in Admin role % } else { % User is NOT in Admin role % } % to jsp/security/protected/index.jsp in the distribution to Tomcat 4. As security-role-ref is part of a servlet element of web.xml how do you specify this with a JSP. I tried adding the following to web.xml servlet servlet-name Protected /servlet-name jsp-file/jsp/security/protected/index.jsp/jsp-file security-role-ref descriptionLink between Admin and sysadmin/description role-nameAdmin/role-name role-linkTomcat/role-link /security-role-ref /servlet My user authenticates and is given the role 'Tomcat' but the Realm hasRole() method is called with 'Admin'. The code in HttpRequestBase does public boolean isUserInRole(String role) { ... if (wrapper != null) { String realRole = wrapper.findSecurityReference(role); if ((realRole != null) realm.hasRole(userPrincipal, realRole)) return (true); } to map the servlet role to security-role so I guess I have not got web.xml set up properly. Any ideas? Antony -- Antony Bowesman Teamware Group [EMAIL PROTECTED] phone: +358 9 5128 2562 fax : +358 9 5128 2705 intra / extra / Internet solutions at www.teamware.com