Re: IIS+Tomcat security constraint = Unauthorized: Logon Failed
Where have you defined the user and password that you believe you should be a valid user? What is the role constraint that you have defined on the web resource? Is the user in question set up for that role? Sean Dockery [EMAIL PROTECTED] Certified Java Web Component Developer Certified Delphi Programmer SBD Consultants http://www.sbdconsultants.com - Original Message - From: Felipe Crochik [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, February 09, 2003 21:34 Subject: IIS+Tomcat security constraint = Unauthorized: Logon Failed I am trying to use the tomcat security constraints behind an IIS web server. I know tomcat and the ISAPI filter are working. Also, Tomcat authorization is working bypassing IIS using port 8080. When I try to reach the exactly same application through IIS (port 80) I get the user validation dialog box and after I try to login with a valid user and password I get HTTP 401.1 - Unauthorized: Logon Failed. TIA, Felipe - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: IIS+Tomcat security constraint = Unauthorized: Logon Failed
Yes. I have defined the user, password and role and everything else needed to make it work on tomcat. What seems to be the problem is that IIS is trying to authenticate the user by itself instead of forwarding the user/password information to tomcat. (It allow me to try 3 times and then give me the Unauthorized: Logon Failed error page regardless the valid user and password). I know the ISAPI filter is working because if I remove the security constraint from tomcat I can get to it and I know the tomcat security constraint is working because if I can get to it using the stand alone port. Have you seen this scenario working before? I found some posts with this issue but no reply to any of them. Thanks, Felipe -Original Message- From: Sean Dockery [mailto:[EMAIL PROTECTED]] Sent: Monday, February 10, 2003 8:05 AM To: Tomcat Users List Subject: Re: IIS+Tomcat security constraint = Unauthorized: Logon Failed Where have you defined the user and password that you believe you should be a valid user? What is the role constraint that you have defined on the web resource? Is the user in question set up for that role? Sean Dockery [EMAIL PROTECTED] Certified Java Web Component Developer Certified Delphi Programmer SBD Consultants http://www.sbdconsultants.com - Original Message - From: Felipe Crochik [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, February 09, 2003 21:34 Subject: IIS+Tomcat security constraint = Unauthorized: Logon Failed I am trying to use the tomcat security constraints behind an IIS web server. I know tomcat and the ISAPI filter are working. Also, Tomcat authorization is working bypassing IIS using port 8080. When I try to reach the exactly same application through IIS (port 80) I get the user validation dialog box and after I try to login with a valid user and password I get HTTP 401.1 - Unauthorized: Logon Failed. TIA, Felipe - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: IIS+Tomcat security constraint = Unauthorized: Logon Failed
Can you authenticate through the Tomcat standalone port? Or does that fail as well? What method of authentication are you using? BASIC or DIGEST? If you are currently using DIGEST, try BASIC (for testing purposes). What type of Realm are you authenticating against? MemoryRealm, JDBC, or JNDI? Sean Dockery [EMAIL PROTECTED] Certified Java Web Component Developer Certified Delphi Programmer SBD Consultants http://www.sbdconsultants.com - Original Message - From: Felipe [EMAIL PROTECTED] To: 'Tomcat Users List' [EMAIL PROTECTED] Sent: Monday, February 10, 2003 09:08 Subject: RE: IIS+Tomcat security constraint = Unauthorized: Logon Failed Yes. I have defined the user, password and role and everything else needed to make it work on tomcat. What seems to be the problem is that IIS is trying to authenticate the user by itself instead of forwarding the user/password information to tomcat. (It allow me to try 3 times and then give me the Unauthorized: Logon Failed error page regardless the valid user and password). I know the ISAPI filter is working because if I remove the security constraint from tomcat I can get to it and I know the tomcat security constraint is working because if I can get to it using the stand alone port. Have you seen this scenario working before? I found some posts with this issue but no reply to any of them. Thanks, Felipe -Original Message- From: Sean Dockery [mailto:[EMAIL PROTECTED]] Sent: Monday, February 10, 2003 8:05 AM To: Tomcat Users List Subject: Re: IIS+Tomcat security constraint = Unauthorized: Logon Failed Where have you defined the user and password that you believe you should be a valid user? What is the role constraint that you have defined on the web resource? Is the user in question set up for that role? Sean Dockery [EMAIL PROTECTED] Certified Java Web Component Developer Certified Delphi Programmer SBD Consultants http://www.sbdconsultants.com - Original Message - From: Felipe Crochik [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, February 09, 2003 21:34 Subject: IIS+Tomcat security constraint = Unauthorized: Logon Failed I am trying to use the tomcat security constraints behind an IIS web server. I know tomcat and the ISAPI filter are working. Also, Tomcat authorization is working bypassing IIS using port 8080. When I try to reach the exactly same application through IIS (port 80) I get the user validation dialog box and after I try to login with a valid user and password I get HTTP 401.1 - Unauthorized: Logon Failed. TIA, Felipe - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: IIS+Tomcat security constraint = Unauthorized: Logon Failed
Yes. I can authenticate through the tomcat standalone port. I am using the BASIC with a MemoryRealm. Everything as simple as it can get! Do you know if it is possible to have IIS to leave the authentication to tomcat? Thanks, Felipe -Original Message- From: Sean Dockery [mailto:[EMAIL PROTECTED]] Sent: Monday, February 10, 2003 3:50 PM To: Tomcat Users List Subject: Re: IIS+Tomcat security constraint = Unauthorized: Logon Failed Can you authenticate through the Tomcat standalone port? Or does that fail as well? What method of authentication are you using? BASIC or DIGEST? If you are currently using DIGEST, try BASIC (for testing purposes). What type of Realm are you authenticating against? MemoryRealm, JDBC, or JNDI? Sean Dockery [EMAIL PROTECTED] Certified Java Web Component Developer Certified Delphi Programmer SBD Consultants http://www.sbdconsultants.com - Original Message - From: Felipe [EMAIL PROTECTED] To: 'Tomcat Users List' [EMAIL PROTECTED] Sent: Monday, February 10, 2003 09:08 Subject: RE: IIS+Tomcat security constraint = Unauthorized: Logon Failed Yes. I have defined the user, password and role and everything else needed to make it work on tomcat. What seems to be the problem is that IIS is trying to authenticate the user by itself instead of forwarding the user/password information to tomcat. (It allow me to try 3 times and then give me the Unauthorized: Logon Failed error page regardless the valid user and password). I know the ISAPI filter is working because if I remove the security constraint from tomcat I can get to it and I know the tomcat security constraint is working because if I can get to it using the stand alone port. Have you seen this scenario working before? I found some posts with this issue but no reply to any of them. Thanks, Felipe -Original Message- From: Sean Dockery [mailto:[EMAIL PROTECTED]] Sent: Monday, February 10, 2003 8:05 AM To: Tomcat Users List Subject: Re: IIS+Tomcat security constraint = Unauthorized: Logon Failed Where have you defined the user and password that you believe you should be a valid user? What is the role constraint that you have defined on the web resource? Is the user in question set up for that role? Sean Dockery [EMAIL PROTECTED] Certified Java Web Component Developer Certified Delphi Programmer SBD Consultants http://www.sbdconsultants.com - Original Message - From: Felipe Crochik [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, February 09, 2003 21:34 Subject: IIS+Tomcat security constraint = Unauthorized: Logon Failed I am trying to use the tomcat security constraints behind an IIS web server. I know tomcat and the ISAPI filter are working. Also, Tomcat authorization is working bypassing IIS using port 8080. When I try to reach the exactly same application through IIS (port 80) I get the user validation dialog box and after I try to login with a valid user and password I get HTTP 401.1 - Unauthorized: Logon Failed. TIA, Felipe - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: IIS+Tomcat security constraint = Unauthorized: Logon Failed
It seems unlikely that IIS would arbitrarily intercept a request that it has been instructed to forward, but I do not know enough about integrating IIS with Tomcat to know for sure. Perhaps you can turn on the RequestDumper Value in Tomcat to see what headers are being submitted when you access Tomcat through the standalone port versus accessing Tomcat through IIS. That might give you more information that you have now. :-) Sean Dockery [EMAIL PROTECTED] Certified Java Web Component Developer Certified Delphi Programmer SBD Consultants http://www.sbdconsultants.com - Original Message - From: Felipe [EMAIL PROTECTED] To: 'Tomcat Users List' [EMAIL PROTECTED] Sent: Monday, February 10, 2003 14:39 Subject: RE: IIS+Tomcat security constraint = Unauthorized: Logon Failed Yes. I can authenticate through the tomcat standalone port. I am using the BASIC with a MemoryRealm. Everything as simple as it can get! Do you know if it is possible to have IIS to leave the authentication to tomcat? Thanks, Felipe -Original Message- From: Sean Dockery [mailto:[EMAIL PROTECTED]] Sent: Monday, February 10, 2003 3:50 PM To: Tomcat Users List Subject: Re: IIS+Tomcat security constraint = Unauthorized: Logon Failed Can you authenticate through the Tomcat standalone port? Or does that fail as well? What method of authentication are you using? BASIC or DIGEST? If you are currently using DIGEST, try BASIC (for testing purposes). What type of Realm are you authenticating against? MemoryRealm, JDBC, or JNDI? Sean Dockery [EMAIL PROTECTED] Certified Java Web Component Developer Certified Delphi Programmer SBD Consultants http://www.sbdconsultants.com - Original Message - From: Felipe [EMAIL PROTECTED] To: 'Tomcat Users List' [EMAIL PROTECTED] Sent: Monday, February 10, 2003 09:08 Subject: RE: IIS+Tomcat security constraint = Unauthorized: Logon Failed Yes. I have defined the user, password and role and everything else needed to make it work on tomcat. What seems to be the problem is that IIS is trying to authenticate the user by itself instead of forwarding the user/password information to tomcat. (It allow me to try 3 times and then give me the Unauthorized: Logon Failed error page regardless the valid user and password). I know the ISAPI filter is working because if I remove the security constraint from tomcat I can get to it and I know the tomcat security constraint is working because if I can get to it using the stand alone port. Have you seen this scenario working before? I found some posts with this issue but no reply to any of them. Thanks, Felipe -Original Message- From: Sean Dockery [mailto:[EMAIL PROTECTED]] Sent: Monday, February 10, 2003 8:05 AM To: Tomcat Users List Subject: Re: IIS+Tomcat security constraint = Unauthorized: Logon Failed Where have you defined the user and password that you believe you should be a valid user? What is the role constraint that you have defined on the web resource? Is the user in question set up for that role? Sean Dockery [EMAIL PROTECTED] Certified Java Web Component Developer Certified Delphi Programmer SBD Consultants http://www.sbdconsultants.com - Original Message - From: Felipe Crochik [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Sunday, February 09, 2003 21:34 Subject: IIS+Tomcat security constraint = Unauthorized: Logon Failed I am trying to use the tomcat security constraints behind an IIS web server. I know tomcat and the ISAPI filter are working. Also, Tomcat authorization is working bypassing IIS using port 8080. When I try to reach the exactly same application through IIS (port 80) I get the user validation dialog box and after I try to login with a valid user and password I get HTTP 401.1 - Unauthorized: Logon Failed. TIA, Felipe - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
IIS+Tomcat security constraint = Unauthorized: Logon Failed
I am trying to use the tomcat security constraints behind an IIS web server. I know tomcat and the ISAPI filter are working. Also, Tomcat authorization is working bypassing IIS using port 8080. When I try to reach the exactly same application through IIS (port 80) I get the user validation dialog box and after I try to login with a valid user and password I get HTTP 401.1 - Unauthorized: Logon Failed. TIA, Felipe
