problem when testing tomcat
Hello: I am new in learning Tomcat. In turn, I download tomcat source code , build it with Apache-Ant , and test it with JUnit. I use the following commands to build and test Tomcat ant test It seams the test fails as I got the following result: BUILD FAILED E:\work\apache-tomcat-7.0.20-src\build.xml:1063: The following error occurred while executing this line: E:\work\apache-tomcat-7.0.20-src\build.xml:1125: Some tests completed with an Error. See E:\work\apache-tomcat-7.0.20-src/output/build/logs for details. Total time: 21 minutes 24 seconds Then I found the following tests failed org.apache.tomcat.util.net.TestSsl org.apache.tomcat.util.net.TestCustomSsl The following is my test environment: System: Windows XP sp3 JDK: 1.6.0-u21 Apache-Ant:1.8.2 Tomcat: 7.0.20 My questions are: 1. Should all the test had to pass? 2. What's the use of the java classes in the path of apache-tomcat-7.0.20-src\test 3. Also I had tested Tomcat under JDK-1.7.0, is Tomcat7.0.20 compatible with JDK1.7 ? Thank you very much and best regards!
database error
Hello, I had email a while ago asking for help with some errors I was getting with an application that I inherited which was working OK but was getting a few errors after moving it to a new server. I am not a tomcat person in that I do not know a lot about it but do know my way around a server pretty well. I did manage to fix a number of the issues with help from a few generous souls but now am receiving a database connection error: Error initializing sub-systems: Please check the following: 1. That your machine has a valid connection to jdbc:mysql://localhost/exodus_exodus Using: Username: xx Password: x Driver: com.mysql.jdbc.Driver I have verified that the user/pass is correct via a command-line log in. So, then checking the /home/x/public_html/WEB-INF/conf/environment.xml, it all looks correct as far as the database info is concerned. I do notice that things like the path in this file contains entries that are wrong. For example, systemLogFolder/usr/local/tomcat/webapps/exodus/WEB-INF/logs//systemLogFolder should actually be systemLogFolder/usr/local/jakarta/tomcat/webapps/exodus/WEB-INF/logs//systemLogFolderexcept that the exodus folder does not exist under webapps. This misconfiguration is consistent with all the entries under path. The entire exodus app is actually under the web root so I am not sure what if anything I would have to do here. Should I simply create these folders under /usr/local/jakarta/tomcat/webapps/ ?? As I really do not have a load of experience with tomcat, I wold appreciate any insight anyone can give be as to how I might go about repairing this error. Cheers, Dave
Session management issue with Tomcat
Hello I have a situation where I'm using Tomcat 6.0.26 but the logging in / out of the application is not authenticated via Tomcat's: action='%= response.encodeURL(j_security_check) %' method. The current system allows cookies to store userids which are used to show recent lists on the homepage of the application. So for a session, a user's userid can be read from the cookie and used to retrieve their details from the database and store them in the session, and render the hompage with its personalised recent list. The user's id can also then be placed in the login username box with the password stored in the session. But, in a single browser session, if the first user logs out, and another user logs in, the cookie is re-written with the new user's userid. But, because this is all in one browser session, use of the browser's back button allows the new user to access the profile details of the first user if the first user visited the page before logging off. No secure data is held in the system. Can anyone suggest a way to change this? I am no expert on session management. Thanks.
Users and authentication - how?
Hi, I'm missing something very basic. I will develop a web application with users and authentication. Surely, there exists a relatively generic approach to this that includes a backend database, new user form and authentication rules! But I can't find. Can someone direct me as to where to start my research? Thanks! Dola - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Users and authentication - how?
check the j2ee specs on the declaration in web.xml and j_securitycheck form based login servlet for use of jaas in your webapp with the tomcat realm as source of authentication data. best regards, thomas -- Thomas Strauß SRS-Management GmbH HRB 25262 AG Darmstadt Gfs.: Detlev Homilius, Thomas Strauß *** sent via mobile phone Am 18.09.2011 um 17:17 schrieb Dola Woolfe dolac...@yahoo.com: Hi, I'm missing something very basic. I will develop a web application with users and authentication. Surely, there exists a relatively generic approach to this that includes a backend database, new user form and authentication rules! But I can't find. Can someone direct me as to where to start my research? Thanks! Dola - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
RE: Users and authentication - how?
From: Dola Woolfe [mailto:dolac...@yahoo.com] Subject: Users and authentication - how? Surely, there exists a relatively generic approach to this that includes a backend database, new user form and authentication rules! But I can't find. Can someone direct me as to where to start my research? First, read the servlet spec section concerning authentication. Second, read Tomcat's doc about selecting and configuring a Realm for the particular authentication mechanism you want to use. You didn't bother to tell us the version of Tomcat you have, but here's the link for the current one: http://tomcat.apache.org/tomcat-7.0-doc/realm-howto.html You also might want to look at the How To part of the Tomcat Wiki; there are a few entries in there related to authentication. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Links in CSS vs JSPs
Hi,We have just changed the way we deploy our webapp. We previously were putting our app into the ROOT folder under webapps, not good I know.We now package the app as a war file calledmyapp.warand place it into the webapps folder where it explodes into a folder calledmyapp. Everythingworks except for one thing. Our app has the option to let the user change the look feel of the web app using predefined skins which we store in afolder calledtemplatesinside themyappfolder. Inside thetemplates folderare the folders that represent all the various skins (skin1, skin2 etc ..).These skin folders contain all the jsps, the css file and images that represent the content of each skin.Here’s the problem which is easily remedied but I want to know why. Let me explain. All the skins work exceptimage references in the style sheet (css)cannot be found. Yet images referenced in the jsps are found ! The references to the images begin with the url /templates/skin1/images/image1.png in both thecss case and the jsp case. Now to fix the problem I change the url in the style sheet by adding my app name in front (i.e./myapp/templates/skin1/images/image1.png)and this fixes the problem.I have no problem with changing this and it’s even logical. I’m just trying to understand why this only has presented a problem with links in the css and not the jsps.In firebug the reference to images already havemy app nameprepended to the images automatically. (i.e./myapp/templates/skin1/images/image2.png) YET the jsps’references only begin the url /templates/skin1/images/image1.png (no prepended app name)I’m just wondering if this make sense to someone with Tomcat experience. Is there a hard and fast rule here I’m missing. What’s best practice ?Thanks in advancePat
Running two versions of servlet in same tomcat instance
I would like to run two versions of the same servlet (same servlet-class, but with different WAR filename, servlet-name and url-pattern) under a single instance of Tomcat 6.0.33. Basically, the aim is to run both test and production versions of the servlet under the same instance. Better to run them under separate instances, but getting a suitable second instance is proving difficult. I thought that the same servlet-class would be fine as long as the servlet-name and url-pattern were different, but does not seem to be enough. The problem I encounter is that while the production version is deployed by Tomcat just fine, the test version is not loaded. The test version is unbundled in web apps directory and there is a deployment message in the catalina log, but when I point a web browser to the servlet, the result is just HTTP 404 error: The requested resource (/testvsb/) is not available. I've been unable to find any kind of useful debugging clues in the catalina logs, like a servlet deployment or invocation error, but my knowledge of Tomcat is meagre. The web.xml files for the two servlets are included below, in case they are of interest. The init-param sections are the same because I'm still testing out the two-servlets-in-one-tomcat concept on my laptop. Any ideas or advice on how to proceed would be appreciated. -Tod Tod Olson t...@uchicago.edu Systems Librarian University of Chicago Library browse.war browse/WEB-INF/web.xml ?xml version=1.0 encoding=UTF-8? web-app version=2.4 xmlns=http://java.sun.com/xml/ns/j2ee; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; xsi:schemaLocation=http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd; servlet servlet-nameBrowse/servlet-name servlet-classedu.ncsu.lib.browse.Browse/servlet-class init-param param-namevsiUrl/param-name param-valuehttp://localhost/~tod/virtualshelfindex/handler//param-value !-- param-valuehttp://your.url.here/virtualshelfindex//param-value -- !-- param-valuehttp://webdev.lib.ncsu.edu/virtualshelfindex//param-value -- /init-param init-param param-namelibraryName/param-name param-valueThe University of Chicago Library/param-value /init-param init-param param-namelibraryShortName/param-name param-valueUChicago/param-value /init-param init-param param-namecatalogBaseUrl/param-name param-valuehttp://notus.lib.uchicago.edu/staging//param-value /init-param /servlet servlet-mapping servlet-nameBrowse/servlet-name url-pattern/browse/*/url-pattern /servlet-mapping session-config session-timeout 30 /session-timeout /session-config welcome-file-list welcome-file browse /welcome-file /welcome-file-list error-page exception-type java.lang.Exception /exception-type location /jsp/error.jsp /location /error-page /web-app testvsb.war: testvsb/WEB-INF/web.xml ?xml version=1.0 encoding=UTF-8? web-app version=2.4 xmlns=http://java.sun.com/xml/ns/j2ee; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; xsi:schemaLocation=http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd; servlet servlet-nameTestVSB/servlet-name servlet-classedu.ncsu.lib.browse.Browse/servlet-class init-param param-namevsiUrl/param-name param-valuehttp://localhost/~tod/virtualshelfindex/handler//param-value !-- param-valuehttp://your.url.here/virtualshelfindex//param-value -- !-- param-valuehttp://webdev.lib.ncsu.edu/virtualshelfindex//param-value -- /init-param init-param param-namelibraryName/param-name param-valueThe University of Chicago Library/param-value /init-param init-param param-namelibraryShortName/param-name param-valueUChicago/param-value /init-param init-param param-namecatalogBaseUrl/param-name param-valuehttp://notus.lib.uchicago.edu/staging//param-value /init-param /servlet servlet-mapping servlet-nameTestVSB/servlet-name url-pattern/testvsb/*/url-pattern /servlet-mapping session-config session-timeout 30 /session-timeout /session-config welcome-file-list welcome-file browse /welcome-file /welcome-file-list error-page exception-type java.lang.Exception /exception-type location /jsp/error.jsp /location /error-page /web-app - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Is it safe ?
Hi, In my web service (using tomcat 7.0) I use a datasource to MySql database configured under context.xml (in my WEB-INF directory) which looks like the following : Context Resource name=jdbc/TestDB auth=Container type=javax.sql.DataSource maxActive=100 maxIdle=30 maxWait=1 username=user password=pass driverClassName=com.mysql.jdbc.Driver url=jdbc:mysql://localhost/test_db?autoReconnect=true/ /Context My question is : Is it safe to store user/pass like this ? if not, what is commonly used as a safe approach ? Thanks !!! -- View this message in context: http://old.nabble.com/Is-it-safe---tp32490405p32490405.html Sent from the Tomcat - User mailing list archive at Nabble.com. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Is it safe ?
2011/9/18 PocketA giora...@gmail.com: Hi, In my web service (using tomcat 7.0) I use a datasource to MySql database configured under context.xml (in my WEB-INF directory) which looks like the It will be in META-INF, not in WEB-INF. following : Context Resource name=jdbc/TestDB auth=Container type=javax.sql.DataSource maxActive=100 maxIdle=30 maxWait=1 username=user password=pass driverClassName=com.mysql.jdbc.Driver url=jdbc:mysql://localhost/test_db?autoReconnect=true/ /Context My question is : Is it safe to store user/pass like this ? if not, what is commonly used as a safe approach ? Usually it is, but make sure that your webapps and conf folders are not world-readable. On unixes you'd use umask command to configure default access rights of created files. I prefer to configure connections in server.xml (so that the context.xml of the webapp does not have secrets, and can be stored in svn etc., as well as to use different db configuration on dev vs. prod) Regarding the password itself: http://wiki.apache.org/tomcat/FAQ/Password Best regards, Konstantin Kolinko - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Links in CSS vs JSPs
Hi. I believe that the problem you are having has nothing to do with Tomcat per se, and everything to do with how absolute and relative link references work in the WWW (or in HTTP/HTML) in general. You need a tutorial on that subject, and to always consider what happens *from the browser's point of view* when it sees a link to a resource, in a page which it just loaded from a server. Here is a summary introduction : a) the browser retrieves a page from the URL http://somehost.cpy.com/some/path/document.html;. That is now the current page. b) in this document, there is a link to another resource to be loaded on-the-fly, like an img tag, or a style or a script tag, and in this link is a URL, from which this resource can be retrieved. The browser will attempt to retrieve this resource (image, stylesheet, javascript,) using this URL. c) if the link URL is not complete (meaning : consisting of the whole combination of protocol, host, and path, like http://somehost.cpy.com/some/path/basic.css;), then the browser follows some strict rules to complete this URL. For example, if the link's URL was a *relative* URL like styles/basic.css, then the browser starts from the URL of the current page (in this case http://somehost.cpy.com/some/path/document.html;), removes the last component (document.html), and appends the *relative* URL to that, giving in this case : http://somehost.cpy.com/some/path/styles/basic.css;. Then it tries to retrieve the resource at that address. If the link's URL is *absolute*, like /styles/basic.css (the starting / makes all the difference), then the browser starts from the URL of the current page (in this case http://somehost.cpy.com/some/path/document.html;), removes the entire path part (/some/path/document.html), and appends the link URL to that, giving in this case : http://somehost.cpy.com/styles/basic.css;. Then it tries to retrieve the resource at that address. The above logic is recursive, in the sense that if your browser retrieves a page and finds links in it, it will apply the above logic to retrieve these other elements. Then within the elements retrieved, if there are further links to other things, it will again apply this logic to retrieve them. The base for each link evaluation is always the URL under which it retrieve the container of the link. So now you have some mental gymnastic to do : retrieve your top page in your browser, look at its source, figure out how the browser (according to the above logic) fetches the embedded resources (like the stylesheet); then recursively, from the stylesheet, how it interprets the links in the stylesheet to retrieve the images. (Using a browser plugin like HttpFox (for Firefox) or Fiddler2 (for IE) also helps.) Then fix your pages and other resources, so that they present the links to the browser correctly. - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Running two versions of servlet in same tomcat instance
Hi. Change the url-pattern of your test application, to be exactly the same as the url-pattern of the production application. And invoke it as http://yourhost.cpy.com/testvsb/;, followed by the same rest of URL as what you use for the main application. Brief explanation : the url-pattern is *relative* to the webapp name. The webapp name is the name of your application's directory (in other words, the name of the first directory level under (tomcat_dir)/webapps/). .. Except one special case : the default application lives under the path (tomcat_dir)/webapps/ROOT/ (in capitals), but its webapp name is /. If the above does not work, then show us how the directory structure under (tomcat_dir)/webapps/ looks like, and which URL you use to access the production application. Tod Olson wrote: I would like to run two versions of the same servlet (same servlet-class, but with different WAR filename, servlet-name and url-pattern) under a single instance of Tomcat 6.0.33. Basically, the aim is to run both test and production versions of the servlet under the same instance. Better to run them under separate instances, but getting a suitable second instance is proving difficult. I thought that the same servlet-class would be fine as long as the servlet-name and url-pattern were different, but does not seem to be enough. The problem I encounter is that while the production version is deployed by Tomcat just fine, the test version is not loaded. The test version is unbundled in web apps directory and there is a deployment message in the catalina log, but when I point a web browser to the servlet, the result is just HTTP 404 error: The requested resource (/testvsb/) is not available. I've been unable to find any kind of useful debugging clues in the catalina logs, like a servlet deployment or invocation error, but my knowledge of Tomcat is meagre. The web.xml files for the two servlets are included below, in case they are of interest. The init-param sections are the same because I'm still testing out the two-servlets-in-one-tomcat concept on my laptop. Any ideas or advice on how to proceed would be appreciated. -Tod Tod Olson t...@uchicago.edu Systems Librarian University of Chicago Library browse.war browse/WEB-INF/web.xml ?xml version=1.0 encoding=UTF-8? web-app version=2.4 xmlns=http://java.sun.com/xml/ns/j2ee; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; xsi:schemaLocation=http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd; servlet servlet-nameBrowse/servlet-name servlet-classedu.ncsu.lib.browse.Browse/servlet-class init-param param-namevsiUrl/param-name param-valuehttp://localhost/~tod/virtualshelfindex/handler//param-value !-- param-valuehttp://your.url.here/virtualshelfindex//param-value -- !-- param-valuehttp://webdev.lib.ncsu.edu/virtualshelfindex//param-value -- /init-param init-param param-namelibraryName/param-name param-valueThe University of Chicago Library/param-value /init-param init-param param-namelibraryShortName/param-name param-valueUChicago/param-value /init-param init-param param-namecatalogBaseUrl/param-name param-valuehttp://notus.lib.uchicago.edu/staging//param-value /init-param /servlet servlet-mapping servlet-nameBrowse/servlet-name url-pattern/browse/*/url-pattern /servlet-mapping session-config session-timeout 30 /session-timeout /session-config welcome-file-list welcome-file browse /welcome-file /welcome-file-list error-page exception-type java.lang.Exception /exception-type location /jsp/error.jsp /location /error-page /web-app testvsb.war: testvsb/WEB-INF/web.xml ?xml version=1.0 encoding=UTF-8? web-app version=2.4 xmlns=http://java.sun.com/xml/ns/j2ee; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; xsi:schemaLocation=http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd; servlet servlet-nameTestVSB/servlet-name servlet-classedu.ncsu.lib.browse.Browse/servlet-class init-param param-namevsiUrl/param-name param-valuehttp://localhost/~tod/virtualshelfindex/handler//param-value !-- param-valuehttp://your.url.here/virtualshelfindex//param-value -- !-- param-valuehttp://webdev.lib.ncsu.edu/virtualshelfindex//param-value -- /init-param init-param param-namelibraryName/param-name param-valueThe University of Chicago Library/param-value /init-param init-param param-namelibraryShortName/param-name param-valueUChicago/param-value /init-param init-param param-namecatalogBaseUrl/param-name param-valuehttp://notus.lib.uchicago.edu/staging//param-value
Re: Users and authentication - how?
If you find please share it with the rest of us. The only solution I could find is * either use a portal solution which has already implemented a security model like, Jetspeed 2. uportal etc * go with the default models as they are presented in JEE tutorial, basic , form etc. * Implement your own using phase listeners. Using a portal takes time to learn. The default models are very primitive, they do not support localization or roles. They have roles but basically there is 1-1 mapping between roles and groups which is not very practically in real applications. Phase Listeners seems the most promising approach. I had already done alot of work designing the db schema for security and the stored procedures but I couldn't decide to go for phase listeners as there is no clear guideline on how to use them or if it is the right approach for such a problem. I finally decided to go for the form which created a very ugly interface as several languages are not supported and as said the security model is very primitive. Please tells us how you decided to proceed if you continue with this endeavour. 18/9/2011 6:17 ??, ?/? Dola Woolfe ??: Hi, I'm missing something very basic. I will develop a web application with users and authentication. Surely, there exists a relatively generic approach to this that includes a backend database, new user form and authentication rules! But I can't find. Can someone direct me as to where to start my research? Thanks! Dola - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Users and authentication - how?
18 sep 2011 kl. 17.17 Dola Woolfe wrote: Hi, I'm missing something very basic. I will develop a web application with users and authentication. Surely, there exists a relatively generic approach to this that includes a backend database, new user form and authentication rules! But I can't find. Can someone direct me as to where to start my research? I'm using Spring Security Framework http://static.springsource.org/spring-security/site/ . /MiB - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Running two versions of servlet in same tomcat instance
Aha, that fixes it. Thanks for that explanation, I had completely missed that about the url-pattern being relative to the webapp. I clearly need to un-confuse myself about servlet-mapping. Thank you! -Tod On Sep 18, 2011, at 2:19 PM, André Warnier wrote: Hi. Change the url-pattern of your test application, to be exactly the same as the url-pattern of the production application. And invoke it as http://yourhost.cpy.com/testvsb/;, followed by the same rest of URL as what you use for the main application. Brief explanation : the url-pattern is *relative* to the webapp name. The webapp name is the name of your application's directory (in other words, the name of the first directory level under (tomcat_dir)/webapps/). .. Except one special case : the default application lives under the path (tomcat_dir)/webapps/ROOT/ (in capitals), but its webapp name is /. If the above does not work, then show us how the directory structure under (tomcat_dir)/webapps/ looks like, and which URL you use to access the production application. Tod Olson wrote: I would like to run two versions of the same servlet (same servlet-class, but with different WAR filename, servlet-name and url-pattern) under a single instance of Tomcat 6.0.33. Basically, the aim is to run both test and production versions of the servlet under the same instance. Better to run them under separate instances, but getting a suitable second instance is proving difficult. I thought that the same servlet-class would be fine as long as the servlet-name and url-pattern were different, but does not seem to be enough. The problem I encounter is that while the production version is deployed by Tomcat just fine, the test version is not loaded. The test version is unbundled in web apps directory and there is a deployment message in the catalina log, but when I point a web browser to the servlet, the result is just HTTP 404 error: The requested resource (/testvsb/) is not available. I've been unable to find any kind of useful debugging clues in the catalina logs, like a servlet deployment or invocation error, but my knowledge of Tomcat is meagre. The web.xml files for the two servlets are included below, in case they are of interest. The init-param sections are the same because I'm still testing out the two-servlets-in-one-tomcat concept on my laptop. Any ideas or advice on how to proceed would be appreciated. -Tod Tod Olson t...@uchicago.edu Systems Librarian University of Chicago Library browse.war browse/WEB-INF/web.xml ?xml version=1.0 encoding=UTF-8? web-app version=2.4 xmlns=http://java.sun.com/xml/ns/j2ee; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; xsi:schemaLocation=http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd; servlet servlet-nameBrowse/servlet-name servlet-classedu.ncsu.lib.browse.Browse/servlet-class init-param param-namevsiUrl/param-name param-valuehttp://localhost/~tod/virtualshelfindex/handler//param-value !-- param-valuehttp://your.url.here/virtualshelfindex//param-value -- !-- param-valuehttp://webdev.lib.ncsu.edu/virtualshelfindex//param-value -- /init-param init-param param-namelibraryName/param-name param-valueThe University of Chicago Library/param-value /init-param init-param param-namelibraryShortName/param-name param-valueUChicago/param-value /init-param init-param param-namecatalogBaseUrl/param-name param-valuehttp://notus.lib.uchicago.edu/staging//param-value /init-param /servlet servlet-mapping servlet-nameBrowse/servlet-name url-pattern/browse/*/url-pattern /servlet-mapping session-config session-timeout 30 /session-timeout /session-config welcome-file-list welcome-file browse /welcome-file /welcome-file-list error-page exception-type java.lang.Exception /exception-type location /jsp/error.jsp /location /error-page /web-app testvsb.war: testvsb/WEB-INF/web.xml ?xml version=1.0 encoding=UTF-8? web-app version=2.4 xmlns=http://java.sun.com/xml/ns/j2ee; xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance; xsi:schemaLocation=http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd; servlet servlet-nameTestVSB/servlet-name servlet-classedu.ncsu.lib.browse.Browse/servlet-class init-param param-namevsiUrl/param-name param-valuehttp://localhost/~tod/virtualshelfindex/handler//param-value !-- param-valuehttp://your.url.here/virtualshelfindex//param-value -- !-- param-valuehttp://webdev.lib.ncsu.edu/virtualshelfindex//param-value -- /init-param init-param param-namelibraryName/param-name param-valueThe
get UserPrincipal() is null on Tomcat v6.0.33
Hello All, I am unable to get request.getUserPrincipal() or request.getRemoteUser() after successful external authentication. I would greatly appreciate if you could let me know of any configuration on tomcat server to be looked at to get the user principal. Below is the implementation details: I have a sample app deployed on Tomcat v6.0.33. J2EE Policy Agent 3.0.3 is also installed on the same server. I have configured to have external authentication using the J2EE agent and accomplished using OpenAM Enterprise Server. The tomcat container is protected using this authentication implementation. When I try the sample app URL, I am redirected to the OpenAM server where the user is authentication and redirected back to the application. Using the request object, I am able to get all the user information like uid, givenname, sn, cn etc. but request.getUserPrincipal() or request. getRemoteUser() is null. I tried adding the following code to web.xml either on the application or tomcat container itself, still I am unable to get the user principal. I would greatly appreciate if you could let me know of any configuration I should be looking at on tomcat server. Thanks in advance. filter filter-nameAgent/filter-name filter-classcom.sun.identity.agents.filter.AmAgentFilter/filter-class /filter filter-mapping filter-nameAgent/filter-name url-pattern/*/url-pattern dispatcherREQUEST/dispatcher dispatcherINCLUDE/dispatcher dispatcherFORWARD/dispatcher dispatcherERROR/dispatcher /filter-mapping security-constraint display-nameExample Security Constraint/display-name web-resource-collection web-resource-nameEntire Application/web-resource-name url-pattern/*/url-pattern /web-resource-collection /security-constraint Thanks Yogesh