Easy EL question
Hello ! I'm still having problem with all the different syntax used in JSP... so excuse my question if it sound really stupid ! I'm having to iterate on the values of a Map. So I'd like something like that : c:catch c:set var=items value=${itemsMap.values}/ /c:catch c:forEach items=${items} var=item [do something] /c:forEach Of course, it doesnt work because there is no getter in a Map to get the values ... There is probably a very easy and standard way to do exactly that ... could you help me on that one ? Thanks Guillaume - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Easy EL question
Thanks for your answer ! But I'm afraid I dont really understand how to use it ... Do you mean I should iterate on the keys of my Map ? But then the question is of course How do I iterate on the keys ?. Maybe I should be more precise in my example, so here is my actual code (which doesnt work). dmaAssistantSession.deletedDmasSimple is a Map of beans (id, label). The key to the Map is the id of the bean itself (but I dont use the key here). c:catch c:set var=deletedDmas value=${dmaAssistantSession.deletedDmasSimple}/ /c:catch ul id=overviewDeletedDmas c:forEach items=${deletedDmas} var=deletedDma li html:link action=/DMAAssistant/ChooseDeletedDMAToCancelRemove paramId=id paramName=deletedDma paramProperty=id bean:message name=deletedDma property=label/ /html:link /li /c:forEach /ul Thanks a lot for the answer, but I would be even more thankfull if a bit more explanation goes with it ... On 8/8/05, Allistair Crossley [EMAIL PROTECTED] wrote: you use .key or .value, e.g item.value['key'] item.key Allistair -Original Message- From: Guillaume Lederrey [mailto:[EMAIL PROTECTED] Sent: 08 August 2005 10:34 To: Tomcat Users List Subject: Easy EL question Hello ! I'm still having problem with all the different syntax used in JSP... so excuse my question if it sound really stupid ! I'm having to iterate on the values of a Map. So I'd like something like that : c:catch c:set var=items value=${itemsMap.values}/ /c:catch c:forEach items=${items} var=item [do something] /c:forEach Of course, it doesnt work because there is no getter in a Map to get the values ... There is probably a very easy and standard way to do exactly that ... could you help me on that one ? Thanks Guillaume - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] FONT SIZE=1 FACE=VERDANA,ARIAL COLOR=BLUE --- QAS Ltd. Registered in England: No 2582055 Registered in Australia: No 082 851 474 --- /FONT - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Easy EL question
On 8/8/05, Allistair Crossley [EMAIL PROTECTED] wrote: Hi, With what you supplied, the answer was the best you could have expected. The deletedDma item per loop iteration is of type MapEntry. This has getKey and getValue, hence why you can call deletedDma.key and deletedDma.value. Thanks a lot for the clarification (and for the short time between question and answer, amazing !). I know, my question was probably not clear enough, but ... I'm so uncomftable with JSP for the moment that I dont really know how to ask the questions ... I finally resolved it with : c:forEach items=${deletedDmas} var=deletedDma html:link action=/DMAAssistant/ChooseDeletedDMAToCancelRemove paramId=id paramName=deletedDma paramProperty=value.id bean:message name=deletedDma property=value.label/ /html:link /c:forEach It might be of some help if somebody has the same problem as me one of this day ... // you don't need this block by the way // I know, it just help type a bit less when reusing the var ... c:catch c:set var=deletedDmas value=${dmaAssistantSession.deletedDmasSimple}/ /c:catch Again, thanks a lot for your great help ! I think I'm slowly getting into JSP ... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
WEB-INF/context.xml
Hello ! I've read on http://wiki.jboss.org/wiki/Wiki.jsp?page=LimitAccessToCertainClients that it seems possible to add a context.xml file under WEB-INF. I tried to use the following context.xml : Context privileged=true antiResourceLocking=false antiJARLocking=false reloadable=true Realm className=org.apache.catalina.realm.DataSourceRealm dataSourceName=/jdbc/Siems userTable=siems_user userNameCol=login userCredCol=password userRoleTable=siems_user_role roleNameCol=role_name/ /Context But now I get an HTTP 403. Is it valid to declare a Realm in WEB-INF/context.xml ? Is there a place with more docs about this feature ? Thanks for your help ! Guillaume - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Using a constant in a JSP
Hello ! This is probably a dumb question, but I'll try anyway. Please dont laugh at my ignorance ;-) I'm trying to use a constant (static final String) that is defined in a class. My code looks roughly so : %@ page import='ch.tecost.siems.dao.care.planification.FrequencyType' % [...] html:radio name=form property=frequencyType value=${FrequencyType.MEAL_TIME} [...] / Of course, this doesnt seem to work. What would be the right syntax ? I'm a bit lost and dont know exactly what I should be looking for. Yes, I tried Google with no success; or too much success (millions of page that dont exactly tell me what to do in this case) ... Thanks a lot for the time you will take to make me less ignorant ! Guillaume - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Using a constant in a JSP
On 7/20/05, Raghupathy,Gurumoorthy [EMAIL PROTECTED] wrote: html:radio name=form property=frequencyType value=%= FrequencyType.MEAL_TIME % [...] / Regards Guru Thanks a lot ! Of course, it's obvious once we know it ... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Using a constant in a JSP
Next dummy question : I have a test between a Constant and a page variable : c:when test=${form.frequencyType == % FrequencyType.MEAL_TIME.getValue(); %} Which also doesnt use the right syntax ... If you're not bored yet, could please help me a bit more ? Thanks a lot ! Guillaume On 7/20/05, Guillaume Lederrey [EMAIL PROTECTED] wrote: On 7/20/05, Raghupathy,Gurumoorthy [EMAIL PROTECTED] wrote: html:radio name=form property=frequencyType value=%= FrequencyType.MEAL_TIME % [...] / Regards Guru Thanks a lot ! Of course, it's obvious once we know it ... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Using a constant in a JSP
On 7/20/05, Bernhard Slominski [EMAIL PROTECTED] wrote: Hi, this is simply not supported in EL! I submitted this already as an enhancement https://jsp-spec-public.dev.java.net/issues/show_bug.cgi?id=134 But it won't be in the next release in JSP 2.1, that's for sure. So you need to do a workaround: - Use a bean to retrive the constant - write an EL function Thanks for the reply. Too bad it doesnt work à droite en dehors de la boite ... I'll use your workaround for now. Guillaume - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Using a constant in a JSP
On 7/20/05, Raghupathy,Gurumoorthy [EMAIL PROTECTED] wrote: logic:equals name=form property=frequencyType value=%= FrequencyType.MEAL_TIME % Guru Loves Struts /logic:equals Wow... ! This one looks better ! Thanks a lot ! Guillaume - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Using a constant in a JSP
On 7/20/05, Raghupathy,Gurumoorthy [EMAIL PROTECTED] wrote: logic:equals name=form property=frequencyType value=%= FrequencyType.MEAL_TIME % Guru Loves Struts /logic:equals Just a small correction for the next one who'll need this advice : The tag is logic:equal/ and NOT logic:equals/ (at least if we are both talking about the struts-logic taglibs ... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: What is allowed to do with a HttpServletRequest ?
The question is probably : why do you need to refer to the first request ?. Dont you need to actually refer to some state of the request ? Could you extract that state from the request instead of storing the full request ? Maybe I'm just asking a dumb question, but I have problem understanding why you would need the whole request ... On 7/14/05, cristi [EMAIL PROTECTED] wrote: Hello all I have a web application where I need to use in a second request the HttpServletRequest object sent to the same servelet in the first request. Here is what my servlet looks like : public void doGet( HttpServletRequest request, HttpServletResponse response ) { /* some code here detecting if this request is the first one. This code initializes isFirstRequest */ if( isFirstRequest ) { session.setAttribute( FIRST_REQUEST_OBJECT, request ); request.getRequestDispatcher(somepage.jsp).forward(request, response); } else { HttpServletRequest oreq = (HttpServletRequest)session.getAttribute(FIRST_REQUEST_OBJECT); request.getRequestDispatcher(somepage.jsp).forward(oreq, response); } } It seems that it is not safe to do so. What can I do to handle this situation ? Thx. Cristi - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: what is wrong with this tomcat-users.xml?
On 6/24/05, Christian Stalp [EMAIL PROTECTED] wrote: Hello, I still have this strange Problem with my Debian Tomcat installation: I make some entrys in my tomcat-users.xml: [...] And get this as result on my browser: [quote] HTTP Status 404 - /admin/j_security_check type Status report message /admin/j_security_check description The requested resource (/admin/j_security_check) is not available. Apache Tomcat/4.1 [/quote] It seems the problem is more related to the configuration of FORM authentication than to your tomcat-users.xml. (I cant really say more ...) But I installed all the debian tomcat packages, including the tomcat4-admin package. Is the Debian-Tomcat packages not recommendet at the moment? Should I install the packages from the catalina-homepage? It seems the recommended approach is to use the official distribution from the tomcat homepage. At the same time you will be able to upgrade to 5.5.9 instead of 4.1. Sorry for not being more helpfull ... Guillaume - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Merlia driver error
On 6/22/05, Sue Roe [EMAIL PROTECTED] wrote: Hello We have a system set up with Tomcat 4.1 and SQL Server 7. We use a Merlia jdbc driver to communicate with SQL Server via a connection pool. Occasionally users get the following error when they first access a servlet that needs to call a stored procedure... It sound to me as if your SQL Server has closed the connection. Maybe there is a timeout after some inactive time ... If I were you, I'd try to log the TCP traffic (tcpdump/ethereal) to see exactly how the conection is dropped. Or (maybe easier) try to enable logging on your JDBC driver. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: accessing app from Manager - get 'Unable to find a javac compiler '
On 6/13/05, Brereton, Stephen [EMAIL PROTECTED] wrote: Unable to find a javac compiler; com.sun.tools.javac.Main is not on the classpath. Perhaps JAVA_HOME does not point to the JDK C:\Program Files\Java\jre1.5.0_02 is my JAVA_HOME path, which agrees with the jvm path in the tomcat poperties GUI. That's the path to a JRE (Runtime Environement) and not a JDK (Developpement Kit). Only the JDK provides the compilers. You should check if you actually have a JDK installed and update your JAVA_HOME - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: where do i place log4j
On 6/13/05, teknokrat [EMAIL PROTECTED] wrote: Marius Scurtescu wrote: teknokrat wrote: Place it as usual in WEB-INF/classes. It doesn't matter where the library (jar) is loaded from as long as the code is executed by your web app. If there are multiple webapps with their own properties fiesl , will they interfere with one another? No, each app can have a different configuration in its own WEB-INF/classes/log4j.properties Guillaume - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Servlet app error
On 5/6/05, Gastón Simone [EMAIL PROTECTED] wrote: Hi! Does anybody know how to solve this problem? Please excuse me if the cuestion is too stupid. I am really newbie. :) root cause java.lang.NoClassDefFoundError at com.genexus.webpanels.GXWebObjectStub.callExecute(Unknown Source) at com.genexus.webpanels.GXWebObjectStub.doGet(Unknown Source) It seems there is a lib missing in your servlet. Add the required jars to /WEB-INF/lib Guillaume - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SingleSignOn and Form Authentication
On 4/21/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: After the authetication and login I want to redirect to a Menu Page not to any page requested earlier. Using default form authentication tomcat redirects to the page requested not to the page I want (e.g Menu Page). That's the behavior that I want ... so I'have never looked further ... - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
SingleSignOn and Form Authentication
Hello ! I'm using SSO and Form authentication. Most of it works just fine. The only problem I have, is that I have to have the login form in both apps. Every time I change it, I have to update it in two places. I use the following code in web.xml : login-config auth-methodFORM/auth-method realm-nameSIEMS-ds/realm-name form-login-config form-login-page/login.jsp/form-login-page form-error-page/loginError.jsp/form-error-page /form-login-config /login-config I'd like to use something like : form-login-page../otherServlet/login.jsp/form-login-page Or any other way to have the login form only in one place. Is there a possibility ? Thanks for your help ! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: SingleSignOn and Form Authentication
On 4/20/05, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote: Hi, are you able to redirect after login. ? I'm not sure I understand the question ... The default FORM authentication redirects after the login to the page initially requested. I think I would more need to redirect BEFORE login to get to the right login page ... Sorry if I understood your question completely wrong ... it's not on purpose ! Guillaume - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
multiple parameters and Laszlo
Hello ! This is not directly Tomcat related, but more of a general servlet API question. I am developping an application with laszlo (www.openlaszlo.org) as the front end and a servlet backend. Laszlo is a rich-client framework based on flash. My problem is that when using a multiple select list, laszlo sends the parameters as : url?list=1,2,3,... instead of url?list=1list=2list=3 That means that I cannot use request.getParameterValues(). Do you know if there is an easy work around ? Or should I parse manually the , in the param string ? Thanks for your help ! Guillaume - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JAAS authentication and global realms
Once more, could you send those mails to the tomcat mailing-list and not directly to me ? It helps me to sort my mails and it can profit to more people ... On Friday 01 April 2005 18.26, you wrote: My problem is I am not able to understand how to assign roles to a particular user. For example ..After the user is authenticated in the commit() I try to add principal to the subject with the set for roles as.. subject.getPrincipals().add((principal)); That should be correct. Though the role shows up under principals for the subject, he fails to be authenticated. Can you please help me. it's a bit urgent. Hope the problem was clear enough) Ops I am trying to use JAAS in Borland Enterprise Server. How do you check that the roles shows up in the principal ? Do you have an authentication or an authorization problem ? What implementation of Principal are you using ? Could you send the relevant java code ? Sorry that I'm not able to help you more right now ... Guillaume -- Guillaume Lederrey Rte des Arsenaux 15 1700 Fribourg +41 76 / 573 32 40 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
symlink in a webapp
Hello ! I'm trying to have a symlink in one of my webapp. Something like : myApp/ +- WEB-INF/ +- myOtherDir - symlink to somewhere else Tomcat doesnt seem to follow the symlink (I get a 404). It probably is that way for very good security reasons, but in the developpement phase, it would me most usefull for me to be able to use that trick. I suspect there is a config option somewhere but I could find it ... Thx for your help ... Guillaume Lederrey - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: symlink in a webapp
On Apr 4, 2005 1:41 PM, Trond G. Ziarkowski [EMAIL PROTECTED] wrote: http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/context.html Look for the allowLinking attribute... Once more, I seems to be blind ... Thanks for the hint ! Guillaume Lederrey - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Defining authorization problem
Hello ! I have a quite simple problem, but I cannot find doc about it ... It's actually more a general servlet quiestion than directly Tomcat related, but ... I would like to protect all my servlets except 1 or 2 ... something like : url-pattern/*/url-pattern exclude/someServlet/exclude Is this possible ? What's the syntax ? Thanks for your help ! Guillaume -- Guillaume Lederrey Informaticien Développement Tecost - Technology Consulting Studies Fribourg (Switzerland) http://www.tecost.ch/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Defining authorization problem
On Wednesday 23 March 2005 10.29, Geertjan Wielenga wrote: I would like to protect all my servlets except 1 or 2 ... something like : url-pattern/*/url-pattern exclude/someServlet/exclude Is this possible ? What's the syntax ? exclude-pattern/someServlet/exclude-pattern -- Geertjan S easy ! How come I couldnt find it ? Thanks a lot ! Guillaume -- Guillaume Lederrey Informaticien Développement Tecost - Technology Consulting Studies Fribourg (Switzerland) http://www.tecost.ch/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Defining authorization problem
On Wednesday 23 March 2005 10.29, Geertjan Wielenga wrote: I would like to protect all my servlets except 1 or 2 ... something like : url-pattern/*/url-pattern exclude/someServlet/exclude Is this possible ? What's the syntax ? Thanks for your help ! Guillaume exclude-pattern/someServlet/exclude-pattern I forgot to mention that I am using Tomcat 4.1.31 ... It seems that exclude-pattern/ is not recognized. Is it a Servlet 2.4 addition ? Is there a work around for Servlet 2.3 ? Thanks again ! Guillaume -- Guillaume Lederrey Informaticien Développement Tecost - Technology Consulting Studies Fribourg (Switzerland) http://www.tecost.ch/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Single Sign On(SSO) problem
On Friday 11 March 2005 06.36, xue daoming wrote: How to config Single Single Sign On(SSO) in Tomcat? I read Tomcat document, but I can't find information about it. Is something I miss? Anybody carried out that can help me? I just gt that one working yesterday ! All the apps that need to be accessed from SSO have to use the same Realm, not the same class but the same instance. So if you want all apps in a specific host to be accessed with SSO, then put your Realm/ tag in the host/. Configure the security in every app in the usual web.xml. Add a valve to the same host like this one : Valve className=org.apache.catalina.authenticator.SingleSignOn/ More docs in http://jakarta.apache.org/tomcat/tomcat-5.5-doc/config/valve.html That works for me, I hope it helps you ! Guillaume -- Guillaume Lederrey Informaticien Développement Tecost - Technology Consulting Studies Fribourg (Switzerland) http://www.tecost.ch/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JAAS authentication and global realms
Hello ! I'm trying to use a host wide JAAS Realm. I've written the LoginModule and tested it by declaring the Realm in the Context/ of one of my app. This app is not declared in server.xml, but in its own context.xml in /webapps. Everything is working just fine. My LoginModule logs using just System.out.println(), so I fiind its logs in logs/catalina.out. When I move the Realm decleration from the context.xml to server.xml (either in the host/ node or the Engine/ node) it stops working ... I dont see any logs of any kind ... What am I doing wrong ? The doc made me think I could just move this Realm around to change its visibility, but there would not need to do anything more ... Thanks for the help. Guillaume -- Guillaume Lederrey Informaticien Développement Tecost - Technology Consulting Studies Fribourg (Switzerland) http://www.tecost.ch/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Authentication and logging problem
I found the problem : I was using a UserPrincipal and a RolePrincipal that had a case insensitive equals() method. I was first adding the UserPrincipal with name admin, and then adding a RolePrincipal with name Admin. The case insensitive equals() implies that the Role was not added as it was equals to the User ... Pretty easy problem, but I still took 1 full day to track it down ! Guillaume On Friday 04 March 2005 15.23, Guillaume Lederrey wrote: I'm having problem with a JAAS authentication realm. I created a LoginModule, configured it as explained in http://forum.java.sun.com/thread.jspa?threadID=233317tstart=0, defined the permissions in my WEB-INF/web.xml ... The log statements (System.out.println()) I have in my login module show that the user is authenticated and that the correct roles are added to the subject. BUT : I still get a 403 when trying to access my servlets. I installed a log4j logger for Tomcat as explained in http://jakarta.apache.org/tomcat/tomcat-5.5-doc/logging.html to get some more informations. The relevant lines are included below. It seems the roles didnt get added, wich is not consistant with what I read in my LoginModule doc ... My context definition (in conf/server.xml) is : Context path=/siems-ds docBase=/home/gehel/tecost/siems/siems/ds/target/siems-ds-0.1-SNAPSHOT.war / privileged=true reloadable=true Realm className=org.apache.catalina.realm.JAASRealm appName=SIEMS-ds userClassNames=ch.tecost.siems.jaas.UserPrincipal roleClassNames=ch.tecost.siems.jaas.RolePrincipal debug=99/ /Context the following code is used to add roles in the commit() method of the LoginModule, subject is the subject received in initialize() log(adding roles ...); Collection roleList = RolePrincipal.findByUser(DBAccess .currentConnection(), userPrincipal); for (Iterator it = roleList.iterator(); it.hasNext();) { RolePrincipal role = (RolePrincipal) it.next(); log(Adding role : + role.getName()); subject.getPrincipals().add(role); } Does anybody have any idea where i should be looking to find the solution ? Thanks Guillaume Lederrey DEBUG http-8080-Processor25 org.apache.catalina.realm.RealmBase - Checking constraint 'SecurityConstraint[SIEMS - Data Service protected area]' against GET /UserList -- true DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - JAASRealm login requested for username admin using LoginContext for application SIEMS-ds DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - Login context created admin DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - JAAS LoginContext created for username admin DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - Checking Principal admin [ch.tecost.siems.jaas.UserPrincipal] DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - Principal admin is a valid user class. We will use this as the user Principal. DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - No valid role Principals found. DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - Username admin successfully authenticated as Principal {1} -- Subject was created too DEBUG http-8080-Processor25 org.apache.catalina.realm.RealmBase - Checking roles admin DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - Checking if user Principal admin possesses role Root DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - No roles Principals found. User Principal or Subject is null, or user Principal not in cache DEBUG http-8080-Processor25 org.apache.catalina.realm.RealmBase - No role found: Root DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - Checking if user Principal admin possesses role Admin DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - No roles Principals found. User Principal or Subject is null, or user Principal not in cache DEBUG http-8080-Processor25 org.apache.catalina.realm.RealmBase - No role found: Admin DEBUG ContainerBackgroundProcessor[StandardEngine[Catalina]] org.apache.catalina.session.ManagerBase - Start expire sessions StandardManager at 1109945560722 sessioncount 0 DEBUG ContainerBackgroundProcessor[StandardEngine[Catalina]] org.apache.catalina.session.ManagerBase - Start expire sessions StandardManager at 1109945560722 sessioncount 0 -- Guillaume Lederrey Informaticien Développement Tecost - Technology Consulting Studies Fribourg (Switzerland) http://www.tecost.ch/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Authentication and logging problem
Hello ! I'm having problem with a JAAS authentication realm. I created a LoginModule, configured it as explained in http://forum.java.sun.com/thread.jspa?threadID=233317tstart=0, defined the permissions in my WEB-INF/web.xml ... The log statements (System.out.println()) I have in my login module show that the user is authenticated and that the correct roles are added to the subject. BUT : I still get a 403 when trying to access my servlets. I installed a log4j logger for Tomcat as explained in http://jakarta.apache.org/tomcat/tomcat-5.5-doc/logging.html to get some more informations. The relevant lines are included below. It seems the roles didnt get added, wich is not consistant with what I read in my LoginModule doc ... My context definition (in conf/server.xml) is : Context path=/siems-ds docBase=/home/gehel/tecost/siems/siems/ds/target/siems-ds-0.1-SNAPSHOT.war/ privileged=true reloadable=true Realm className=org.apache.catalina.realm.JAASRealm appName=SIEMS-ds userClassNames=ch.tecost.siems.jaas.UserPrincipal roleClassNames=ch.tecost.siems.jaas.RolePrincipal debug=99/ /Context the following code is used to add roles in the commit() method of the LoginModule, subject is the subject received in initialize() log(adding roles ...); Collection roleList = RolePrincipal.findByUser(DBAccess .currentConnection(), userPrincipal); for (Iterator it = roleList.iterator(); it.hasNext();) { RolePrincipal role = (RolePrincipal) it.next(); log(Adding role : + role.getName()); subject.getPrincipals().add(role); } Does anybody have any idea where i should be looking to find the solution ? Thanks Guillaume Lederrey DEBUG http-8080-Processor25 org.apache.catalina.realm.RealmBase - Checking constraint 'SecurityConstraint[SIEMS - Data Service protected area]' against GET /UserList -- true DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - JAASRealm login requested for username admin using LoginContext for application SIEMS-ds DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - Login context created admin DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - JAAS LoginContext created for username admin DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - Checking Principal admin [ch.tecost.siems.jaas.UserPrincipal] DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - Principal admin is a valid user class. We will use this as the user Principal. DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - No valid role Principals found. DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - Username admin successfully authenticated as Principal {1} -- Subject was created too DEBUG http-8080-Processor25 org.apache.catalina.realm.RealmBase - Checking roles admin DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - Checking if user Principal admin possesses role Root DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - No roles Principals found. User Principal or Subject is null, or user Principal not in cache DEBUG http-8080-Processor25 org.apache.catalina.realm.RealmBase - No role found: Root DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - Checking if user Principal admin possesses role Admin DEBUG http-8080-Processor25 org.apache.catalina.realm.JAASRealm - No roles Principals found. User Principal or Subject is null, or user Principal not in cache DEBUG http-8080-Processor25 org.apache.catalina.realm.RealmBase - No role found: Admin DEBUG ContainerBackgroundProcessor[StandardEngine[Catalina]] org.apache.catalina.session.ManagerBase - Start expire sessions StandardManager at 1109945560722 sessioncount 0 DEBUG ContainerBackgroundProcessor[StandardEngine[Catalina]] org.apache.catalina.session.ManagerBase - Start expire sessions StandardManager at 1109945560722 sessioncount 0 -- Guillaume Lederrey Informaticien Développement Tecost - Technology Consulting Studies Fribourg (Switzerland) http://www.tecost.ch/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]