Bug in Form Based Authentication? (v5.0.25)
I through I'd try re-explaining an issue I didn't get an answer on before. Hopefully this is clearer! I've deployed two apps to a single instance of Tomcat v5.0.25. Both apps are deployed as the default app for their respective domains (i.e. Context path= ...) The app deployed to www.mydomain.com does not use authentication. The second app deployed to a subdomain of www.mydomain.com (i.e. dev.mydomain.com) is deployed with FORM based authentication. Tomcat correctly presents the login page when an attempt to access a protected URI is made with the second app. Unfortunately after submitting the login form, Tomcat returns a 404 response and a blank page. I believe the backing realm and protected resource URIs are correct because redeploying the second web app with BASIC authentication results in the expected behaviour...dialog box pops up requiring login when the same protected URI is accessed and upon successful login, the desired page is rendered. I do not see any error messages in any of the log files or the console when the app is deployed with FORM based authentication. The same web app deployed to a localhost host with an explicit context path (i.e. Context path=/SecuredWebapp ...) works correctly with FORM based authentication. If anyone can atleast let me know how to troubleshoot (if not solve) this it would be greatly appreciated (I've now spent 1 week on this). Thanks in advance, Jon - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
404 response form authentication problem
I have a login form that works fine in my local development environment with a single webapp deployed to the default localhost host. However, in a hosted environment with multiple hosts defined in my server.xml Tomcat returns a 404 response and a blank page. The html form follows the servlet spec definition, the application deploys successfully in (confirmed via log files), and I'm successfully redirected to my login page when trying to access a protected resource. I have cookies enabled in my browser and I see that a call to request.isRequestedSessionIdFromCookie() = true in my log files. If I change the web.xml's auth-method element from FORM to BASIC, I get challenged for a login and then successfully redirected. I'm at a loss for why this isn't working any help/thoughts are greatly appreciated! form method=POST name=login action=j_security_check input type=text name=j_username/ input type=password name=j_password / input type=submit name=Submit value=Login/input type=reset name=cancel value=Reset/ /form I've defined a host in the server.xml that uses a sub-domain. I also have another host running on the same Tomcat instance Host name=dev.mydomain.com debug=99 appBase=webapps unpackWARs=true autoDeploy=true xmlValidation=true xmlNamespaceAware=false /Host - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JNDI Context Environment settings?
Unfortunately, it does not appear Tomcat 4.x provides cross-jvm access to the objects bound to it's jndi implementation. http://forum.java.sun.com/thread.jsp?thread=190331forum=51message=1824 252 http://renaud.waldura.com/software/java/com.waldura.eclipse.jndibrowser/ doc/COMPATIBILITY.html -Original Message- From: Jon Wilmoth Sent: Tuesday, September 09, 2003 7:53 PM To: Tomcat Users List Subject: JNDI Context Environment settings? If accessing a Tomcat (4.1.27 in my case) jndi tree from another jvm (i.e. command line) what values should I use for Context.INITIAL_CONTEXT_FACTORY, Context.PROVIDER_URL, etc. for Tomcat? I believe 4.x has a JDNI implementation, but the description of how to attach to it externally is not very good. If the INITIAL_CONTEXT_FACTORY is supposed to be org.apache.naming.java.javaURLContextFactory (as I've seen hinted at elsewhere) what is the syntax of such a url? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Encrypt passwords for JNDI Resources (Datasource specifically)
I'd like to be able to encrypt the database passwords used in the JDBC pool configuration block. Is this possible in 4.1.27? 5.x? Something as simple as base64 encoding would be fine, I just can't store it as easy to read plain text. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JNDI Context Environment settings?
If accessing a Tomcat (4.1.27 in my case) jndi tree from another jvm (i.e. command line) what values should I use for Context.INITIAL_CONTEXT_FACTORY, Context.PROVIDER_URL, etc. for Tomcat? I believe 4.x has a JDNI implementation, but the description of how to attach to it externally is not very good. If the INITIAL_CONTEXT_FACTORY is supposed to be org.apache.naming.java.javaURLContextFactory (as I've seen hinted at elsewhere) what is the syntax of such a url? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
