AW: JASPIC Provider for FORM based Authentication

2021-12-03 Thread Keil, Matthias (ORISA Software GmbH)
Hi Mark, sorry for the late reply. Unfortunately I was sick.

Thanks for your advice. The error was in front of the computer . I had 
misspelled the context path in the appContext

Now it works as expected

Best regards

Matthias Keil

-Ursprüngliche Nachricht-
Von: Mark Thomas  
Gesendet: Montag, 22. November 2021 18:28
An: users@tomcat.apache.org
Betreff: Re: JASPIC Provider for FORM based Authentication

On 22/11/2021 12:00, Keil, Matthias (ORISA Software GmbH) wrote:
> Hello everyone,
> 
> I take up a topic of my own again. The point there was that I would like to 
> accommodate both the configuration and the actual Server Auth module within 
> the application.
> That worked well with your advice.
> 
> Unfortunately, I have now reached the point where this solution works for one 
> application, but a parallel application on the same Tomcat then also uses the 
> Server Auth module. There is a  entry in the web.xml of the 
> second application.
> In my opinion, this is ignored as soon as JASPIC is configured for this 
> Tomcat (either statically with jaspic-providers.xml or dynamically by 
> implementing an AuthConfigProvider).
> 
> Now here are my questions:
> 1. Is there a possibility to activate the JASPIC provider for only one of the 
> two applications?

The intention is that the appContext attribute for the provider in the 
jaspic-providers.xml file limits the JASPIC configuration to a single web 
application.

> 2. OR there is an AuthConfigProvider that could implement the FORM based 
> authentication.

Not that I am aware of.

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



AW: JASPIC Provider for FORM based Authentication

2021-12-03 Thread Keil, Matthias (ORISA Software GmbH)


-Ursprüngliche Nachricht-
Von: Mark Thomas  
Gesendet: Montag, 22. November 2021 18:28
An: users@tomcat.apache.org
Betreff: Re: JASPIC Provider for FORM based Authentication

On 22/11/2021 12:00, Keil, Matthias (ORISA Software GmbH) wrote:
> Hello everyone,
> 
> I take up a topic of my own again. The point there was that I would like to 
> accommodate both the configuration and the actual Server Auth module within 
> the application.
> That worked well with your advice.
> 
> Unfortunately, I have now reached the point where this solution works for one 
> application, but a parallel application on the same Tomcat then also uses the 
> Server Auth module. There is a  entry in the web.xml of the 
> second application.
> In my opinion, this is ignored as soon as JASPIC is configured for this 
> Tomcat (either statically with jaspic-providers.xml or dynamically by 
> implementing an AuthConfigProvider).
> 
> Now here are my questions:
> 1. Is there a possibility to activate the JASPIC provider for only one of the 
> two applications?

The intention is that the appContext attribute for the provider in the 
jaspic-providers.xml file limits the JASPIC configuration to a single web 
application.

> 2. OR there is an AuthConfigProvider that could implement the FORM based 
> authentication.

Not that I am aware of.

Mark

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



JASPIC Provider for FORM based Authentication

2021-11-22 Thread Keil, Matthias (ORISA Software GmbH)
Hello everyone,

I take up a topic of my own again. The point there was that I would like to 
accommodate both the configuration and the actual Server Auth module within the 
application.
That worked well with your advice.

Unfortunately, I have now reached the point where this solution works for one 
application, but a parallel application on the same Tomcat then also uses the 
Server Auth module. There is a  entry in the web.xml of the 
second application.
In my opinion, this is ignored as soon as JASPIC is configured for this Tomcat 
(either statically with jaspic-providers.xml or dynamically by implementing an 
AuthConfigProvider).

Now here are my questions:
1. Is there a possibility to activate the JASPIC provider for only one of the 
two applications?
2. OR there is an AuthConfigProvider that could implement the FORM based 
authentication.


thanks in advance

Matthias


AW: AW: JASPIC AuthConfigProvider packaged with the web application not found

2021-09-30 Thread Keil, Matthias (ORISA Software GmbH)
Dear Mark and Bernd, 

Thank you for your help and your advice.
That helped me alot.

I now have an implementation that resides exclusively in the application.

Thanks very much :-)


Best regards


Matthias Keil

-Ursprüngliche Nachricht-
Von: Mark Thomas  
Gesendet: Montag, 27. September 2021 18:21
An: users@tomcat.apache.org
Betreff: Re: AW: JASPIC AuthConfigProvider packaged with the web application 
not found

On 23/09/2021 07:03, Keil, Matthias (ORISA Software GmbH) wrote:
> Hi Bernd,
> 
> Yes, I would like to define my Server Auth module in the jaspic-providers.xml 
> and then provide the class with the web application.

Sorry, that isn't going to be supported. You either need to provide everything 
at the container level or everything at the web application level.

The main concern with configuration at the container level and implementation 
at the web application level is that web applications can be undeployed at 
which point everything breaks.

I'll update the documentation to make these two options clearer.

Mark


> 
> 
> Mit vielen Grüßen
> 
> Matthias Keil
> 
> -Ursprüngliche Nachricht-
> Von: Bernd Schatz 
> Gesendet: Dienstag, 21. September 2021 23:25
> An: users@tomcat.apache.org
> Betreff: Re: JASPIC AuthConfigProvider packaged with the web 
> application not found
> 
> Hi,
> 
> 
> Am 19.09.21 um 19:48 schrieb Keil, Matthias (ORISA Software GmbH):
>> Hello everyone and thanks for the hints.
>> They also work as expected and I can package the provider in the web 
>> application .
>>
>> Nevertheless, the Configuration Reference 
>> (https://tomcat.apache.org/tomcat-9.0-doc/config/jaspic.html) suggests that 
>> you define your own provider in jaspic-providers.xml and Tomcat will then 
>> find it.
>> I am really only interested in a separate server auth module (SAM). Since I 
>> saw no way in the documentation to pack this into the web application. 
>> That's why I tried the way through the provider.
> 
> 
> You want to define the class in the  jaspic-providers.xml but package the 
> provider implementation(s) in the application(s) ?
> 
>>
>> As I said, your suggestions work, but there are also a number of additional 
>> classes needed to provide the actual SAM.
>> Thank you again
> 
> If you dont need the whole flexibility of JASPI you can also do something 
> like this:
> 
> 
> public class MyAuthProvider implements AuthConfigProvider, 
> ServerAuthConfig, ServerAuthModule, ServerAuthContext
> 
> 


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



AW: JASPIC AuthConfigProvider packaged with the web application not found

2021-09-23 Thread Keil, Matthias (ORISA Software GmbH)
Hi Bernd, 

Yes, I would like to define my Server Auth module in the jaspic-providers.xml 
and then provide the class with the web application.


Mit vielen Grüßen

Matthias Keil

-Ursprüngliche Nachricht-
Von: Bernd Schatz  
Gesendet: Dienstag, 21. September 2021 23:25
An: users@tomcat.apache.org
Betreff: Re: JASPIC AuthConfigProvider packaged with the web application not 
found

Hi,


Am 19.09.21 um 19:48 schrieb Keil, Matthias (ORISA Software GmbH):
> Hello everyone and thanks for the hints.
> They also work as expected and I can package the provider in the web 
> application .
> 
> Nevertheless, the Configuration Reference 
> (https://tomcat.apache.org/tomcat-9.0-doc/config/jaspic.html) suggests that 
> you define your own provider in jaspic-providers.xml and Tomcat will then 
> find it.
> I am really only interested in a separate server auth module (SAM). Since I 
> saw no way in the documentation to pack this into the web application. That's 
> why I tried the way through the provider.


You want to define the class in the  jaspic-providers.xml but package the 
provider implementation(s) in the application(s) ?

> 
> As I said, your suggestions work, but there are also a number of additional 
> classes needed to provide the actual SAM.
> Thank you again

If you dont need the whole flexibility of JASPI you can also do something like 
this:


public class MyAuthProvider implements AuthConfigProvider, 
ServerAuthConfig, ServerAuthModule, ServerAuthContext


-- 
Greets
   Bernd









-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



AW: JASPIC AuthConfigProvider packaged with the web application not found

2021-09-19 Thread Keil, Matthias (ORISA Software GmbH)
Hello everyone and thanks for the hints.
They also work as expected and I can package the provider in the web 
application .

Nevertheless, the Configuration Reference 
(https://tomcat.apache.org/tomcat-9.0-doc/config/jaspic.html) suggests that you 
define your own provider in jaspic-providers.xml and Tomcat will then find it.

I am really only interested in a separate server auth module (SAM). Since I saw 
no way in the documentation to pack this into the web application. That's why I 
tried the way through the provider.

As I said, your suggestions work, but there are also a number of additional 
classes needed to provide the actual SAM.
Thank you again

Mit vielen Grüßen

Matthias Keil

-Ursprüngliche Nachricht-
Von: Bernd Schatz  
Gesendet: Freitag, 17. September 2021 09:53
An: users@tomcat.apache.org
Betreff: Re: JASPIC AuthConfigProvider packaged with the web application not 
found

Hi Matthias,


Am 17.09.21 um 09:39 schrieb bernd.sch...@daimler.com:
> From: "Keil, Matthias (ORISA Software GmbH)" 
> To: users@tomcat.apache.org 
> Subject: JASPIC AuthConfigProvider packaged with the web application 
> not found
> 
> I would like to develop an AuthConfigProvider and would like to deploy it 
> together in a web application.
> 
> The Tomcat 9 configuration reference for the AuthConfigProvider indicates 
> that "The implementation may be packaged with the web application or in 
> Tomcat's $ CATALINA_BASE / lib directory."
> 
> The variant with the $ CATALINA_BASE / lib directory works as expected. My 
> class of the AuthConfigProvider is found and instantiated.
> The variant of packing the implementation together with the web application 
> does not work. In this case I get a java.lang.ClassNotFoundException.
[SNIP]

You can register it by using a ServletContextListener (or via CDI):

AuthConfigFactory factory = AuthConfigFactory.getFactory(); 
factory.registerConfigProvider(new AuthProvider(), "HttpServlet", null, "TEST");

--
greets
Bernd





-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org


-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org



JASPIC AuthConfigProvider packaged with the web application not found

2021-09-16 Thread Keil, Matthias (ORISA Software GmbH)
Hello
I would like to develop an AuthConfigProvider and would like to deploy it 
together in a web application.

The Tomcat 9 configuration reference for the AuthConfigProvider indicates that 
"The implementation may be packaged with the web application or in Tomcat's $ 
CATALINA_BASE / lib directory."

The variant with the $ CATALINA_BASE / lib directory works as expected. My 
class of the AuthConfigProvider is found and instantiated.
The variant of packing the implementation together with the web application 
does not work. In this case I get a java.lang.ClassNotFoundException.

My question: How can I package my implementation together with the web 
application?

Because apparently only a few people implement their own JASPIC modules, 
research at Goolge or in the Mail Archive did not help.
While debugging I saw that at the point where the AuthConfigProvider class is 
loaded, there are no class loaders for the web application.

Technical details
- Tomcat 9.0.37, Windows 10, Tomcat in Eclipse "Use workspace metadata",
- In the configuration files under $ CATALINA_BASE / conf I only adjusted the 
jaspic.xml and entered my class there as the provider

thanks in advance

Matthias

-
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org