Re: Fwd: Tomcat question
Zahi, On 30.4.2018. 11:09, Zahi Fail wrote: curl -X POST \ http://localhost:8080/userManagement/rest/Traffic/users2 \ -H 'Authorization: Basic dG9tY2F0OnMzY3JldA==' \ -H 'Cache-Control: no-cache' \ -H 'Content-Type: application/json' \ -H 'Postman-Token: 71819f33-6206-02c5-5cf2-8de6347fc154' \ -d '[{"id":1, "code":2, "time":"2009-02-15", "cycleSecond":22, "programNumber":1221, "stageNumber":22, "moves":"22", "detectors":"fead","conditions":"2ddsa"}]' First, please don't top post. Read mailing list guidelines here: http://tomcat.apache.org/lists.html#tomcat-users Regarding the problem, base64 string "dG9tY2F0OnMzY3JldA==" decodes to "tomcat:s3cret", which is, according to your previously posted tomcat-users.xml file, user in the role "manager-gui". On the other hand, your web.xml auth-constraint configuration expects the user in the role "manager". -Ognjen - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Re: Fwd: Tomcat question
This is the curl message from postman: curl -X POST \ http://localhost:8080/userManagement/rest/Traffic/users2 \ -H 'Authorization: Basic dG9tY2F0OnMzY3JldA==' \ -H 'Cache-Control: no-cache' \ -H 'Content-Type: application/json' \ -H 'Postman-Token: 71819f33-6206-02c5-5cf2-8de6347fc154' \ -d '[{"id":1, "code":2, "time":"2009-02-15", "cycleSecond":22, "programNumber":1221, "stageNumber":22, "moves":"22", "detectors":"fead","conditions":"2ddsa"}]' On Mon, Apr 30, 2018 at 11:42 AM, Ognjen Blagojevic < ognjen.d.blagoje...@gmail.com> wrote: > Zahi, > > On 25.4.2018. 13:19, zahi.f...@gmail.com wrote: > >> I configured in my conf\server.xml file the realm as below: >>> >> > Ok, so the configuration looks fine. > > You said you are using Postman to send the request. Can you paste the > `curl` command that the postman can generate for you just to check if it > looks Ok? > > For instance, this would be the right curl command: > > curl -u admin:falcon -X POST http://your.server/webapp/ > > While those are not: > > curl -u admin:falco -X POST http://your.server/webapp/ (typo in > password, HTTP 401) > > curl -X POST http://your.server/webapp/ (no credentials specified, HTTP > 401) > > curl -u tomcat:s3cret -X POST http://your.server/webapp/ (wrong role, > HTTP 403) > > curl -u admin:falcon -X GET http://your.server/webapp/ (GET instead of > POST, HTTP status code... it depends) > > -Ognjen > > > > > - > To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org > For additional commands, e-mail: users-h...@tomcat.apache.org > >
Re: Fwd: Tomcat question
Zahi, On 25.4.2018. 13:19, zahi.f...@gmail.com wrote: I configured in my conf\server.xml file the realm as below: Ok, so the configuration looks fine. You said you are using Postman to send the request. Can you paste the `curl` command that the postman can generate for you just to check if it looks Ok? For instance, this would be the right curl command: curl -u admin:falcon -X POST http://your.server/webapp/ While those are not: curl -u admin:falco -X POST http://your.server/webapp/ (typo in password, HTTP 401) curl -X POST http://your.server/webapp/ (no credentials specified, HTTP 401) curl -u tomcat:s3cret -X POST http://your.server/webapp/ (wrong role, HTTP 403) curl -u admin:falcon -X GET http://your.server/webapp/ (GET instead of POST, HTTP status code... it depends) -Ognjen - To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
Fwd: Tomcat question
Sent from my iPhone Begin forwarded message: > From: Zahi Fail> Date: 25 April 2018 at 12:19:20 GMT+3 > To: Ognjen Blagojevic > Subject: Re: Tomcat question > > I configured in my conf\server.xml file the realm as below: > > > resourceName="UserDatabase"/> > > and still i can't access throw basic auth. > > My full server.xml file look like that: > > > > > > > > >SSLEngine="on" /> > >className="org.apache.catalina.core.JreMemoryLeakPreventionListener" /> >className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" /> >className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" /> > > > > >type="org.apache.catalina.UserDatabase" > description="User database that can be updated and saved" > factory="org.apache.catalina.users.MemoryUserDatabaseFactory" > pathname="conf/tomcat-users.xml" /> > > > > > > > > > > > connectionTimeout="2" >redirectPort="8443" /> > > > > > > > > > > > > > > > > > > > > > > > > resourceName="UserDatabase"/> > >unpackWARs="true" autoDeploy="true"> > > > > > > directory="logs" >prefix="localhost_access_log" suffix=".txt" >pattern="%h %l %u %t %r %s %b" /> > > > > > > > >> On Tue, Apr 24, 2018 at 10:35 AM, Ognjen Blagojevic >> wrote: >> Zahi, >> >>> On 23.4.2018. 16:38, Zahi Fail wrote: >>> This is the following code from my web.xml file: >> ... >>> *and in the tomcat-user.xml i have updated the code as below: * >> ... >> >> You need to configure appropriate realm. Did you do that? You can do it in >> your webapp's context.xml, or in server.xml file, but the former method is >> recommended, because of easier deployment. >> >> Take a look at: >> >> https://tomcat.apache.org/tomcat-9.0-doc/realm-howto.html >> >> If you want to keep usernames and passwords in XML file (like >> tomcat-users.xml), you should use UserDatabaseRealm, but you also have other >> options for storing credentials -- e.g. SQL database or LDAP directory. >> >> -Ognjen >