RE: FORM based authentication config
Hi, see this this might help you http://www.webservertalk.com/message633890.html cheers Manish -Original Message- From: Chris Chappell [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 21, 2004 7:45 PM To: Tomcat Users List Subject: FORM based authentication config Hi I'm having trouble getting form based authentication to work. Any help much appreciated. I'm missing something simple I'm sure. (TC 5.0.19, W2K, Mysql4) I am using a JDBC Realm which works fine with BASIC auth. After changing to FORM and try http://127.0.0.1:8080/MyApp/security/protected/login.jsp I get: The requested resource (/MyApp/security/protected/login.jsp) is not available. To set this up I copied the files from the JSP examples - login.jsp, error.jsp in folders \security\protected to \MyApp\security\protected\ I copied web.xml parts: servlet servlet-nameorg.apache.jsp.security.protected_.error_jsp/servlet-name servlet-classorg.apache.jsp.security.protected_.error_jsp/servlet-class /servlet servlet servlet-nameorg.apache.jsp.security.protected_.index_jsp/servlet-name servlet-classorg.apache.jsp.security.protected_.index_jsp/servlet-class /servlet servlet servlet-nameorg.apache.jsp.security.protected_.login_jsp/servlet-name servlet-classorg.apache.jsp.security.protected_.login_jsp/servlet-class /servlet and mappings servlet-mapping servlet-nameorg.apache.jsp.security.protected_.error_jsp/servlet-name url-pattern/security/protected/error.jsp/url-pattern /servlet-mapping servlet-mapping servlet-nameorg.apache.jsp.security.protected_.index_jsp/servlet-name url-pattern/security/protected/index.jsp/url-pattern /servlet-mapping servlet-mapping servlet-nameorg.apache.jsp.security.protected_.login_jsp/servlet-name url-pattern/security/protected/login.jsp/url-pattern /servlet-mapping with security-constraint web-resource-collection web-resource-nameCalendar/web-resource-name url-pattern/Calendar/url-pattern !-- ...more... -- /web-resource-collection auth-constraint role-nameuser/role-name role-nameadmin/role-name role-namesysadmin/role-name /auth-constraint /security-constraint and configured login-config auth-methodFORM/auth-method realm-nameMyApp/realm-name form-login-page/security/protected/login.jsp/form-login-page form-error-page/security/protected/error.jsp/form-error-page /login-config Chris *** Information contained in this email message is intended only for use of the individual or entity named above. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please immediately notify the [EMAIL PROTECTED] and destroy the original message. ** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: FORM based authentication config
Thanks for that - but what it describes is what I have done, I think. The problem is: If you have the servlet definitions and mappings, the page isn't found - Since they are JSPs above web-inf in the context folder I think they don't need them. If you don't have the mappings then you get: HTTP Status 400 - Invalid direct reference to form login page - with a correct pw/un org.apache.catalina.authenticator.FormAuthenticator authenticate WARNING: Unexpected error forwarding to error page java.lang.NullPointerException with incorrect un/pw i.e. FormAuthenticator cannot forward to say the error page Chris - Original Message - From: Goel, Manish Kumar [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Tuesday, December 21, 2004 2:26 PM Subject: RE: FORM based authentication config Hi, see this this might help you http://www.webservertalk.com/message633890.html cheers Manish -Original Message- From: Chris Chappell [mailto:[EMAIL PROTECTED] Sent: Tuesday, December 21, 2004 7:45 PM To: Tomcat Users List Subject: FORM based authentication config Hi I'm having trouble getting form based authentication to work. Any help much appreciated. I'm missing something simple I'm sure. (TC 5.0.19, W2K, Mysql4) I am using a JDBC Realm which works fine with BASIC auth. After changing to FORM and try http://127.0.0.1:8080/MyApp/security/protected/login.jsp I get: The requested resource (/MyApp/security/protected/login.jsp) is not available. To set this up I copied the files from the JSP examples - login.jsp, error.jsp in folders \security\protected to \MyApp\security\protected\ I copied web.xml parts: servlet servlet-nameorg.apache.jsp.security.protected_.error_jsp/servlet-name servlet-classorg.apache.jsp.security.protected_.error_jsp/servlet-class /servlet servlet servlet-nameorg.apache.jsp.security.protected_.index_jsp/servlet- name servlet-classorg.apache.jsp.security.protected_.index_jsp/servlet-class /servlet servlet servlet-nameorg.apache.jsp.security.protected_.login_jsp/servlet-name servlet-classorg.apache.jsp.security.protected_.login_jsp/servlet-class /servlet and mappings servlet-mapping servlet-nameorg.apache.jsp.security.protected_.error_jsp/servlet-name url-pattern/security/protected/error.jsp/url-pattern /servlet-mapping servlet-mapping servlet-nameorg.apache.jsp.security.protected_.index_jsp/servlet-name url-pattern/security/protected/index.jsp/url-pattern /servlet-mapping servlet-mapping servlet-nameorg.apache.jsp.security.protected_.login_jsp/servlet-name url-pattern/security/protected/login.jsp/url-pattern /servlet-mapping with security-constraint web-resource-collection web-resource-nameCalendar/web-resource-name url-pattern/Calendar/url-pattern !-- ...more... -- /web-resource-collection auth-constraint role-nameuser/role-name role-nameadmin/role-name role-namesysadmin/role-name /auth-constraint /security-constraint and configured login-config auth-methodFORM/auth-method realm-nameMyApp/realm-name form-login-page/security/protected/login.jsp/form-login-page form-error-page/security/protected/error.jsp/form-error-page /login-config Chris *** Information contained in this email message is intended only for use of the individual or entity named above. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please immediately notify the [EMAIL PROTECTED] and destroy the original message. ** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: FORM based authentication config
On Tue, 2004-12-21 at 16:15, Chris Chappell wrote: Hi I'm having trouble getting form based authentication to work. Any help much appreciated. I'm missing something simple I'm sure. (TC 5.0.19, W2K, Mysql4) I am using a JDBC Realm which works fine with BASIC auth. After changing to FORM and try http://127.0.0.1:8080/MyApp/security/protected/login.jsp I get: The requested resource (/MyApp/security/protected/login.jsp) is not available. To set this up I copied the files from the JSP examples - login.jsp, error.jsp in folders \security\protected to \MyApp\security\protected\ I copied web.xml parts: servlet servlet-nameorg.apache.jsp.security.protected_.error_jsp/servlet-name servlet-classorg.apache.jsp.security.protected_.error_jsp/servlet-class /servlet servlet servlet-nameorg.apache.jsp.security.protected_.index_jsp/servlet-name servlet-classorg.apache.jsp.security.protected_.index_jsp/servlet-class /servlet servlet servlet-nameorg.apache.jsp.security.protected_.login_jsp/servlet-name servlet-classorg.apache.jsp.security.protected_.login_jsp/servlet-class /servlet and mappings servlet-mapping servlet-nameorg.apache.jsp.security.protected_.error_jsp/servlet-name url-pattern/security/protected/error.jsp/url-pattern /servlet-mapping servlet-mapping servlet-nameorg.apache.jsp.security.protected_.index_jsp/servlet-name url-pattern/security/protected/index.jsp/url-pattern /servlet-mapping servlet-mapping servlet-nameorg.apache.jsp.security.protected_.login_jsp/servlet-name url-pattern/security/protected/login.jsp/url-pattern /servlet-mapping with security-constraint web-resource-collection web-resource-nameCalendar/web-resource-name url-pattern/Calendar/url-pattern !-- ...more... -- /web-resource-collection auth-constraint role-nameuser/role-name role-nameadmin/role-name role-namesysadmin/role-name /auth-constraint /security-constraint and configured login-config auth-methodFORM/auth-method realm-nameMyApp/realm-name form-login-page/security/protected/login.jsp/form-login-page form-error-page/security/protected/error.jsp/form-error-page /login-config Chris Try to use static resources for the form-login-page and form-error-page. It works for me. And skip servlet mapping Viorel - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]