oops, also here is my resource definition from my web.xml:
!-- Define reference to the user database for looking up roles --
resource-env-ref
description
Link to the UserDatabase instance from which we request lists of
defined role names. Typically, this will be connected to the
InitialContext.lookup() gives you a simple object:
so change your code to
Context ic = new InitialContext();
Object o = ic.lookup(java:comp/env/users);
set a breakpoint and see, what type of object you're getting back.
hth
gregor
--
what's puzzlin' you, is the nature of my game
gpgp-fp:
//code
Object o = ic.lookup(java:comp/env/users);
System.out.println(o.getClass().getName()); // prints :
org.apache.catalina.users.MemoryUserDatabase
doing instanceof tests on the returned object for MemoryUserDatabase
UserDatabase all fail, even though in debug that's clearly what it
this is weird, check this out:
//code (tomcat 5.5.23)
java.security.Principal p = request.getUserPrincipal();
System.out.println(p.getClass().getName().equals(MemoryUser.class.getName()));
// prints true
System.out.println(p.getClass().equals(MemoryUser.class)); //prints false
So what this is
From: Matthew Kerle [mailto:[EMAIL PROTECTED]
So what this is saying is that the *names* of the classes are
the same,
but the actual classes are different. this is crazy...
I suspect the two classes are being loaded by different classloaders - a
common and entertaining* problem in Tomcat
Peter,
you're exactly right.
***code***
Class c1 = request.getUserPrincipal().getClass(); //get the class of the
Principal that tomcat created , which is a MemoryUser instance
Class c2 = MemoryUser.class; // get the class loaded by the current loader
From: Matthew Kerle [mailto:[EMAIL PROTECTED]
Class c1 = request.getUserPrincipal().getClass(); //get the
class of the
Principal that tomcat created , which is a MemoryUser instance
Class c2 = MemoryUser.class; // get the class loaded by the
current loader
you're exactly right again. I just checked my project settings, I had to
add catalina.jar to the project libraries to get the class to compile,
but I'd forgotten to prevent it from being deployed, so there was a copy
of catalina.jar in my /WEB-INF/lib, doh!
So I configured it to not be
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Matt,
Matthew Kerle wrote:
this is weird, check this out:
//code (tomcat 5.5.23)
java.security.Principal p = request.getUserPrincipal();
System.out.println(p.getClass().getName().equals(MemoryUser.class.getName()));
// prints true
From: Matthew Kerle [mailto:[EMAIL PROTECTED]
the MemoryUser class is in catalina.jar, which is in the server/lib
folder. would I be right in saying that web application code
is barred
from loading any classes from the server/lib directory?
(light bulb comes on)
Ah yes, I remember this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Peter,
Peter Crowther wrote:
We ended up with the horrible, horrible hack of
pulling the class out of catalina.jar, putting it in its own jar, and
deploying that in common/lib.
Shouldn't it be acceptable to simply move catalina.jar from
Hi Chris
I naively tried relocating the catalina.jar to /common/lib, and got the
below error. Peter has a good comment to this problem in his reply, so
I'll continue the thread in response to his mail.
many thanks!
cmd /c C:\servers\apache-tomcat-5.5.23\bin\catalina.bat run
Using
From: Christopher Schultz [mailto:[EMAIL PROTECTED]
Shouldn't it be acceptable to simply move catalina.jar from server/lib
to common/lib?
Sure, you'll still have a non-standard install, but it's easier to
script a setup like that than pulling specific classes out of
the distro (which may
no, see my previous reply, tomcat fails to bootstrap if catalina.jar is
not in server/lib...
Christopher Schultz wrote:
Peter,
Shouldn't it be acceptable to simply move catalina.jar from server/lib
to common/lib?
Sure, you'll still have a non-standard install, but it's easier to
script a
I agree, the Principal interface is verily hobbled and almost useless
(Go Sun!). The catalina implementations are much more user-friendly, but
unfortunately difficult to access.
I can't really justify making the tomcat install non-standard (also
probably not possible as it's owned by the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Matthew,
Matthew Kerle wrote:
no, see my previous reply, tomcat fails to bootstrap if catalina.jar is
not in server/lib...
That's too bad.
Why not just use the built-in authentication and authorization mechanism
instead of trying to use Tomcat's
just downloaded security filter and had a look, it looks very cool. If I
had more robust requirements for my authentication (and more time!) I
would probably use it.
At the moment though I've got a workable work-around in using the
toString() method, so I'll just use that instead.
thanks
Hi!
A more flexible option is to use securityfilter
(http://securityfilter.sourceforge.net) to handle everything.
If you are already using spring have a look at ACEGI.
It is not really easy to install, but allows you to e.g. have different
login methods within the same webapp.
Regarding the
http://tomcat.apache.org/tomcat-5.5-doc/class-loader-howto.html
this is why I can't reference any classes loaded from server/lib in my
webapp, the server/lib classes are loaded by the web application
classloader's uncle, so to speak, the sibling of it's parent. so it
makes sense that no web
Mario, you are a hero. do women come and worship you in the street? they
should! Using reflection to break into an object of a foreign class is
just...genius! this is the sort of thing that Ruby programmers do all
the time, but is very hard to do in Java...
my final code (in the context of a
Hi!
Mario, you are a hero. do women come and worship you in the street?
Haha! Oh boy ... you don't want to know ...
Glad it helped you! :-)
Ciao,
Mario
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe,
21 matches
Mail list logo