Another...java.lang.LinkageError:loader constraints violated

Hi, I have found a number of this error in the archive but no answer. >From a standard 4.0.1 distribution I place xalan.jar in the webapps lib directory for this webapp and I get the error, however, if I move xalan.jar to %CATALINA_HOME%/lib the problem does not occur. I can't figure out why th

Re: Off topic:Old jserv source question

Daniel Rall wrote: > > On Mon, 3 Dec 2001, Antony Bowesman wrote: > > > "Craig R. McClanahan" wrote: > > > > > > Apache JServ sources are still available via anonymous CVS from the > > > Jakarta web site (see http://jakarta.apache.org/sit

Re: Off topic:Old jserv source question

"Craig R. McClanahan" wrote: > > Apache JServ sources are still available via anonymous CVS from the > Jakarta web site (see http://jakarta.apache.org/site/cvsindex.html). > The CVS module name is "java-jserv". Brilliant! Thanks Craig. containsHeader() was broken in jserv 1.1.2. Antony --

Off topic:Old jserv source question

Hi, Sorry for the legacy question but it seems all the names I come across when doing a search for this seem to be working on Tomcat... I'm stuck fixing a problem with a servlet running in jserv/apache environment. I have a servlet service() method which sets a response header public void ser

Re: Problem with JAAS and TOMCAT 4.0.1

Ismael Blesa Part wrote: > > Hi have modified the sample given with JAAS 1.0. I have developed a > jsp that calls the sample.java file. This file has been modificated > in > several ways, the main method has been changed to a method class and > some other changes to adapt it to a web application.

Default policy file for TC4 - excessive permissions

The catalina.policy file gives AllPermissions to the webapp shared lib/classes directories by default. Isn't this too liberal. Shouldn't the policy file explicitly name the 3 jars with the default 4.0.1 distribution in lib. Rgds Antony -- To unsubscribe, e-mail: Fo

Re: Tomcat: Distributed Session Management revisited

hanges which get refreshed lazily when required. SMs are remote over RMI and the proxy is local to the container. Rgds Antony -- Antony Bowesman Teamware Group [EMAIL PROTECTED] phone: +358 9 5128 2562 fax : +358 9 5128 2705 intra / extra / Internet solutions at www.teamware.com -- To unsubsc

Re: Session variables in TC 4.0.1 realms

Hi, > I'm going to develop an authentication realm (based on FORM > authentication) for TC 4.0.1 which performs a kind of > challenge/response task: Put a challange into a session variable > on the login page (.jsp). The expected password would then be the > encrypted challenge. Whithin my real

Re: J2EE 1.3/Tomcat/JAAS

"Craig R. McClanahan" wrote: > That being said, we have tried to conform to the J2EE 1.3 platform > requirements where feasible (such as with the JNDI naming context), > and this one (JAAS) looks like a very useful addition. In principle, > it will require a Realm implementation that speaks the

J2EE 1.3/Tomcat/JAAS

Hi, Is there a target for Tomcat to become a J2EE 1.3 conformant web container? If so, what are the plans for supporting section 6.13 J2EE.6.13 Java™ Authentication and Authorization Service (JAAS) 1.0 Requirements "All EJB containers and all web containers must support the use of the JAAS API

Re: Getting HttpRequest inside Realm/Tomcat 4

Craig, > One of the outgrowths of that realization is another JSR that you > might want to keep track of (via : > > JSR #115 -- Java(tm) Authorization Service Provider > Contract for Containers > > Once this is fleshed out, Tomcat can be modified to support t

Re: Getting HttpRequest inside Realm/Tomcat 4

Hi Craig, Thanks for your comments again. > You're right ... there is nothing there to do this. The original > design was based on the idea that Realm simply encapsulates a > service that authenticates a user, given a username and some > credentials. In addition, it needs to work even when HTT

Getting HttpRequest inside Realm/Tomcat 4

can't find anything. Rgds -- Antony Bowesman Teamware Group [EMAIL PROTECTED] phone: +358 9 5128 2562 fax : +358 9 5128 2705 intra / extra / Internet solutions at www.teamware.com

Re: JAAS/Classloaders/Tomcat4

Hi Craig, Thanks for the reply. "Craig R. McClanahan" wrote: > > You should *not* be doing both of these things -- either put it on > the classpath *or* put it in $CATALINA_HOME/lib. I agree, but that's part of the problem, where do you put the jar file if it needs to be on the system classpat

JAAS/Classloaders/Tomcat4

done to the startup scripts and JAAS login modules can just be dropped into the system classes directory as needed. Rgds -- Antony Bowesman Teamware Group [EMAIL PROTECTED] phone: +358 9 5128 2562 fax : +358 9 5128 2705 intra / extra / Internet solutions at www.teamware.com

Re: First day - RE: PROPOSAL: Tomcat docs

Glenn, Glenn Nielsen wrote: > > Antony Bowesman wrote: > > > > Glenn Nielsen wrote: > > > > > > Antony Bowesman wrote: > > > > > > > > > 8. Security > > > > > > > > How about > > > > 8

Re: First day - RE: PROPOSAL: Tomcat docs

Glenn Nielsen wrote: > > Antony Bowesman wrote: > > > > > 8. Security > > > > How about > > 8.1 Concepts - Explanation of J2EE and Java 2 security models > > 8.2 Authentication with Realms > > 8.2.1 Simple realm > > 8.2.2 JDBC Realm >

Re: First day - RE: PROPOSAL: Tomcat docs

Punky Tse wrote: > > Rob, > Please see below for rephrased version of Introduction and > Administrator Guide. > > I combined the Introduction and Administrator's Guide to Administrator > Guide. Actually this is my proposed TOC. And I believe that we need > separate document for differ

Re: TC4 docs - can we end this?

"Rob S." wrote: > > So please, can we at least START some discussion about the > contents of the docs other than "we need to write them" ? > There's a lot of work to be done, and I would imagine that > someone knows where a good place is to start. Let's start from the bottom up. We already hav

Jaxp.jar 1.0 and 1.1

Thought this would be better posted to dev rather than user where it originally went Does anyone know of any problems or implications of replacing the jaxp.jar shipped with tomcat 3.2.2 with jaxp 1.1 Tomcat seems to work with 1.1. Antony

Re: per-context realms

Michael Jennings wrote: > > Hi everyone, > > Does anyone have an idea of how I could go about implementing > realms/authentication on a per-context basis? > Ideally, what I would like to do is have each context control > their users and roles. Where should I look to get a clue? Make a simple re

Re: realms and authentication

Andy Armstrong wrote: > > Antony Bowesman wrote: > > > > Andy Armstrong wrote: > > > > > > Michael Jennings wrote: > > > > > > > > Thanks for the feedback! > > > > > > > > Does tomcat 3.2.2 currently suppor

Re: realms and authentication

"Ignacio J. Ortega" wrote: > > I do like your idea , this was something i was talking some time ago, > But better than for 3.2.2 ( that is on bug fix mode only , no new > features ), But I would prefer to apply your idea to share Realms > Implementatios between 3.3 and 4.0, a much more useful obj

Re: realms and authentication

Andy Armstrong wrote: > > Michael Jennings wrote: > > > > Thanks for the feedback! > > > > Does tomcat 3.2.2 currently support JAAS? > > Not in any explicit sense I think (anyone?), JAAS is not explicitly supported by tomcat. JAAS was only available from JDK 1.3, supplied as an extension. JAA

What are 'notes' all about

he comments are fairly abstract and don't give much clue. Rgds Antony -- Antony Bowesman Teamware Group [EMAIL PROTECTED] tel: +358 9 5128 2562 fax: +358 9 5128 2705

Re: Tomcat Interceptors - proof read, anyone?

ts to an interceptor so synchronisation is necessary. Keep going! Tomcat is sorely lacking good documentation. Rgds -- Antony Bowesman Teamware Group [EMAIL PROTECTED] tel: +358 9 5128 2562 fax: +358 9 5128 2705

Re: JSP and SecurityManager [was RE: 3.2.2. When's it shipping?]

ve attached > the most recent tomcat.policy file. > > > -Original Message- > > From: Antony Bowesman [mailto:[EMAIL PROTECTED]] > > Sent: Monday, May 21, 2001 12:49 AM > > To: [EMAIL PROTECTED] > > Subject: Re: JSP and SecurityManager [was RE: 3.2.2. When

Re: JSP and SecurityManager [was RE: 3.2.2. When's it shipping?]

se permissions with no codeBase. If you add them under the specified codeBase grant codeBase "file:${tomcat.home}/-" They still cause the access exception. I have even tried the following codeBases grant codeBase "file:c:/-" grant codeBase "file:h:/-" with still t

Re: 3.2.2. When's it shipping?

Marc Saegesser wrote: > > I bloody hope so. > > Here's the plan. Beta 5 was released on Friday, May 11. This beta > cycle is planned for one week. Unless someone reports a show > stopping bug, and so far I haven't seen one, on Friday, May 18th. > I'll call release vote on tomcat-dev. This vo

Bug in runtime/JspFactoryImpl.java

re makes this problem occur. Rgds -- Antony Bowesman Teamware Group [EMAIL PROTECTED] tel: +358 9 5128 2562 fax: +358 9 5128 2705

Jasper Exception with security and login.jsp

is a known problem with an access control failure during an authentication request. Full exception details shown below. Rgds Antony -- Antony Bowesman Teamware Group [EMAIL PROTECTED] tel: +358 9 5128 2562 fax: +358 9 5128 2705 Error: 500 Location: /helloweb/jsp/security/login/login.jsp Intern

Re: Session per context question

plus you will > want to examine the other classes in the same package to see how the > interactions work. Thanks for comments again! I will take a look. Rgds Antony -- Antony Bowesman Teamware Group [EMAIL PROTECTED] tel: +358 9 5128 2562 fax: +358 9 5128 2705

Session per context question

session should be created when getSession(true) is called. Rgds Antony -- Antony Bowesman Teamware Group [EMAIL PROTECTED] tel: +358 9 5128 2562 fax: +358 9 5128 2705

Re: Realm implementations

context. > > I don't know if it would be a good idea. If you really want to keep the > security context longer you should use your own cache, and let the session > work as it is supposed to. > > ( and it shouldn't be very difficult ). > > Please let us know how this project evolves - I'm very interested in JAAS > authentication for tomcat, as an add-on module. > > Costin Best regards Antony -- Antony Bowesman Teamware Group [EMAIL PROTECTED] tel: +358 9 5128 2562 fax: +358 9 5128 2705

Re: Realm implementations

Craig, Thanks for your comments. "Craig R. McClanahan" wrote: > > On Fri, 4 May 2001, Antony Bowesman wrote: > > > Hi, > > > > In TC 3.x authenticate() method of a realm is called for every request. > > (I gather this is changed in 4.x). > >

j_security_check

used. Why is it not calling the realm.authenicate(). Rgds -- Antony Bowesman Teamware Group [EMAIL PROTECTED] tel: +358 9 5128 2562 fax: +358 9 5128 2705

Realm implementations

nd so I want to prevent Tomcat from losing the authenticated context. How does this fit into TC4? Best regards Antony -- Antony Bowesman Teamware Group [EMAIL PROTECTED] tel: +358 9 5128 2562 fax: +358 9 5128 2705

Relase 3.3 status

Does anyone have schedules for 3.3 release. Current release plan shows 3.3 final release as at Apr 5. Rgds Antony -- Antony Bowesman Teamware Group [EMAIL PROTECTED] tel: +358 9 5128 2562 fax: +358 9 5128 2705

Re: JNDI realm

hatever your Principal implementation wants it to return. Rgds -- Antony Bowesman Teamware Group [EMAIL PROTECTED] tel: +358 9 5128 2562 fax: +358 9 5128 2705

Re: Plugging realms and JAAS into Tomcat 3.2

s relate to the EJBContext.isCallerInRole() method? Are they the same roles or is there some mapping that tomcat does or are they even passed at all? Are the roles popluated intended to be Web Container depoloyment descriptor roles? Rgds Antony -- Antony Bowesman Teamware Group [EMAIL PROTECTED] t

Plugging realms and JAAS into Tomcat 3.2

security context into the Web container's security context, so that, for example, IsUserInRole() can be used to determine Roles from the original user realm and any calls to EJB container will get the security context. Rgds Antony -- Antony Bowesman Teamware Group [EMAIL PROTECTED] tel: +358 9