Hey Arne, Thanks for quick response.
Well I am using JAAS module from Slide site, they have made it available for authentication with Slide. I did all configurations and tested by accessing from the browser and DavExplorer, its working well. JAAS module responding preety good way. I then tried making HTTP based authentication using 3.1 lib and its also working fine. Later I just was requesting webdav resource where 3.1 lib is configured in my app, and I was getting error with Slide as Bad Request. Then i replaced this http 3.1 lib by older version and could get webdav resource. But now I cant authenticate since AuthScope is not there in older version. JAAS is working fine but this is strange problem. Regards, Satish ----- Original Message ----- From: "Arne v.Irmer" <[EMAIL PROTECTED]> To: "Slide Users Mailing List" <slide-user@jakarta.apache.org> Sent: Thursday, September 27, 2007 6:24 PM Subject: Re: Authentication with Slide - Slide vs tomcat Realm > Hi Satish, > Satish schrieb: > > Hi Arne, > > > > I manage to authenticate with http client 3.1, latest http client library > > with JAAS module. But I could not get webdav resource now. Upon searching on > > the forum I found Slide is not supporting http client 3.x libraries. > > > We are using http client 3.01 and it works. > > I am trying with the typical JAAS authentication with LoginContext, where I > > am getting error as not able to create LoginContext since could not able to > > locate the login configuration. > > > This looks like a problem on the server side. I implemented my own JAAS > authentication, so it might be different to your case. If would get that > error-message it will stress on not finding my JAAS implementation. I > your case maybe the JAAS-Implementation you are using has a problem. In > general speaking it could not be a problem of the version of http > client, because basic authentication is standardized and well > implemented in that client. > You should have the same problems with other clients like DAVExplorer etc. > > Do you have any idea how we can use the http client library, which is > > easiest way - or it is the limitation of Slide. > > > > > > Regards, > > Satish > > > > > > ----- Original Message ----- > > From: "Arne v.Irmer" <[EMAIL PROTECTED]> > > To: "Slide Users Mailing List" <slide-user@jakarta.apache.org> > > Sent: Monday, September 17, 2007 2:31 PM > > Subject: Re: Authentication with Slide - Slide vs tomcat Realm > > > > > > > >> Hi Satish, > >> we have to discriminate between the client- and the server side. > >> If you have a successful login with DAVExplorer the server side is now > >> working properly. > >> On client side you can easily access an address that is protected with > >> basic authentication using the commons-http-client.(see > >> http://jakarta.apache.org/httpcomponents/httpclient-3.x/) > >> For authentication look at > >> > >> > > http://jakarta.apache.org/httpcomponents/httpclient-3.x/authentication.html > > > >> Hope that helps > >> Arne > >> > >> Satish schrieb: > >> > >>> Hi > >>> > >>> There were problem in environment variables, I set all environment > >>> variables correctly and its seems to be working :) > >>> > >>> Now tomcat is understanding Slide user database, tomcat-users.xml not > >>> required anymore for authentication. > >>> > >>> I was checking this using DAVExplorer but now I need to implement and > >>> use API for authentication, so > >>> > >>> Is that JAAS package will help me in this, shall I need to use those > >>> API for authentication from my custom jsp client? > >>> Do you have any idea how can I directly use same authentication way > >>> like DAVExplorer using? > >>> > >>> > >>> Regards, > >>> Satish > >>> > >>> > >>> ----- Original Message ----- > >>> *From:* kiltesh patel <mailto:[EMAIL PROTECTED]> > >>> *To:* Slide Users Mailing List > >>> <mailto:slide-user@jakarta.apache.org> ; Satish > >>> <mailto:[EMAIL PROTECTED]> > >>> *Sent:* Saturday, September 15, 2007 10:15 PM > >>> *Subject:* Re: Authentication with Slide - Slide vs tomcat Realm > >>> > >>> Hi Satish, > >>> > >>> try this... > >>> > >>> 1. 5) Set environment variable > >>> CATALINA_OPTS=-Djava.security.auth.login > >>> .config=$CATALINA_HOME/conf/jaas > >>> .config > >>> > >>> In place of = use == to set catalina_opts > >>> > >>> 2. Also, appName="slide_login" name should exactly match in > >>> config.jaas file > >>> > >>> slide_login {.... > >>> > >>> 3. You can also try using JAVA_OPTS instead of CATALINA_OPTS > >>> > >>> 4. Also, check your classpath if it finds jaas.config and > >>> userClassNames="org.apache.slide.jaas.spi > >>> .SlidePrincipal" > >>> roleClassNames="org.apache.slide.jaas.spi.SlideRole" > >>> are in classpah. > >>> > >>> Regards > >>> Kiltesh > >>> > >>> > >>> > >>> On 9/15/07, *Satish* <[EMAIL PROTECTED] > >>> <mailto:[EMAIL PROTECTED]>> wrote: > >>> > >>> Hi Arne > >>> > >>> Using your guidelines I tried configuring JAAS with Slide. > >>> > >>> I did something like: > >>> > >>> 1) > >>> Configure tomcat web.xml to have > >>> <Context path="/slide" debug="0" privileged="true" > >>> useNaming="true"> > >>> <Realm className="org.apache.catalina.realm.JAASRealm " > >>> appName="slide_login" > >>> > >>> > > userClassNames="org.apache.slide.jaas.spi.SlidePrincipal" > > > >>> roleClassNames="org.apache.slide.jaas.spi.SlideRole" > >>> name="Slide DAV Server" > >>> useContextClassLoader="false" /> > >>> </Context> > >>> in Host. > >>> > >>> 2) Copied jaas.config file in conf folder of tomcat > >>> > >>> 3) Copied slide-jaas-2.1.jar in \\Tomcat 5.5\common\lib folder > >>> > >>> 4) Uncommented <security-constraint> from Slide web.xml > >>> > >>> 5) Set environment variable > >>> > >>> > > CATALINA_OPTS=-Djava.security.auth.login.config=$CATALINA_HOME/conf/jaas > > > >>> .config > >>> > >>> Retsrated tomcat server and then tried connecting Slide using > >>> Web DAV Explorer client provided by Slide, but when I tried > >>> login, tomcat log says: > >>> > >>> Unable to locate a login configuration...here is the error for > >>> details > >>> > >>> Sep 15, 2007 8:26:27 PM org.apache.catalina.realm.JAASRealm > >>> authenticate > >>> SEVERE: Unexpected error > >>> java.lang.SecurityException: Unable to locate a login > >>> configuration > >>> at com.sun.security.auth.login.ConfigFile.<init>(Unknown Source) > >>> at > >>> sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native > >>> Method) > >>> at > >>> sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown > >>> Source) > >>> at > >>> > >>> > > sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown > > > >>> Source) > >>> at java.lang.reflect.Constructor.newInstance(Unknown Source) > >>> at java.lang.Class.newInstance0(Unknown Source) > >>> at java.lang.Class.newInstance (Unknown Source) > >>> at javax.security.auth.login.Configuration$3.run(Unknown Source) > >>> at java.security.AccessController.doPrivileged(Native Method) > >>> at > >>> javax.security.auth.login.Configuration.getConfiguration(Unknown > >>> Source) > >>> at javax.security.auth.login.LoginContext$1.run(Unknown Source) > >>> at java.security.AccessController.doPrivileged(Native Method) > >>> at javax.security.auth.login.LoginContext.init(Unknown Source) > >>> at javax.security.auth.login.LoginContext .<init>(Unknown > >>> > > Source) > > > >>> at > >>> > >>> > > org.apache.catalina.realm.JAASRealm.authenticate(JAASRealm.java:355) > > > >>> at > >>> > >>> > > org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthe > > nticator.java:181) > > > >>> at org.apache.catalina.authenticator.AuthenticatorBase.invoke > >>> (AuthenticatorBase.java:446) > >>> at > >>> > >>> > > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126 > > ) > > > >>> at > >>> > >>> > > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105 > > ) > > > >>> at org.apache.catalina.core.StandardEngineValve.invoke > >>> (StandardEngineValve.java:107) > >>> at > >>> > >>> > > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) > > > >>> at > >>> > >>> > > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:825) > > > >>> at > >>> > >>> > > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConne > > ction > > > >>> (Http11Protocol.java:738) > >>> at > >>> > >>> > > org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.jav > > a:526) > > > >>> at > >>> > >>> > > org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWo > > rkerThread.java:80) > > > >>> at > >>> > >>> > > org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.jav > > a:684) > > > >>> at java.lang.Thread.run(Unknown Source) > >>> Caused by: java.io.IOException: Unable to locate a login > >>> configuration > >>> at com.sun.security.auth.login.ConfigFile.init (Unknown Source) > >>> ... 27 more > >>> > >>> > >>> Do you have idea if I am missing out anything here. > >>> > >>> > >>> Regards, > >>> Satish > >>> > >>> > >>> > >>> ----- Original Message ----- > >>> From: "Arne v.Irmer" < [EMAIL PROTECTED] > >>> <mailto:[EMAIL PROTECTED]>> > >>> To: "Slide Users Mailing List" <slide-user@jakarta.apache.org > >>> <mailto:slide-user@jakarta.apache.org>> > >>> Sent: Friday, September 14, 2007 4:22 PM > >>> Subject: Re: Authentication with Slide - Slide vs tomcat Realm > >>> > >>> > >>> > Hi Satish, > >>> > things are easy, if you look at the used technics: Silde is > >>> a servlet in > >>> > tomcat and uses the authentication mechanism of tomcat. This > >>> includes > >>> > such nice things like the sso-Valve. > >>> > What you have to implement a user management that does both: > >>> > 1. Creating/Deleting the user in silde by just > >>> creating/deleting a > >>> > collection with the user name in /user (default value). Tip: > >>> Look at the > >>> > powerful roles mechanism in slide. > >>> > 2. Doing the JAAS-Authentication. > >>> > This is how we did it here. > >>> > > >>> > Yours > >>> > Arne > >>> > > >>> > Satish schrieb: > >>> > > Hey Arne > >>> > > > >>> > > Thanks for quick reponse. > >>> > > > >>> > > Do you mean here that I should take steps below to > >>> implemnt authetication, > >>> > > > >>> > > - configure Slide realm, configure tomcat to use Slide > >>> users for > >>> > > authentication > >>> > > - configure JAAS for tomcat > >>> > > - use JAAS API to authenticate the requests, > >>> > > so here JAAS will ask tomcat for authetication -> tomcat > >>> will check Slide > >>> > > user database > >>> > > > >>> > > Is is somthing gonna happen...? > >>> > > > >>> > > Thanks. > >>> > > > >>> > > > >>> > > Regards, > >>> > > Satish > >>> > > > >>> > > > >>> > > ----- Original Message ----- > >>> > > From: "Arne v.Irmer" <[EMAIL PROTECTED] > >>> <mailto:[EMAIL PROTECTED]>> > >>> > > To: "Slide Users Mailing List" < > >>> slide-user@jakarta.apache.org > >>> <mailto:slide-user@jakarta.apache.org>> > >>> > > Sent: Friday, September 14, 2007 2:50 PM > >>> > > Subject: Re: Authentication with Slide - Slide vs tomcat > >>> > > Realm > > > >>> > > > >>> > > > >>> > > > >>> > >> Hi Satish, > >>> > >> look for JAAS-Authentication that is a standard API that > >>> works pretty > >>> > >> well with tomcat. A good introduction is found at > >>> > >> > >>> http://www.javaworld.com/javaworld/jw-09-2002/jw-0913-jaas.html > >>> > >> > >>> > >> Yours > >>> > >> Arne > >>> > >> > >>> > >> Satish schrieb: > >>> > >> > >>> > >>> Hi > >>> > >>> > >>> > >>> I need to authentication with Slide, there are two ways > >>> I can see > >>> > >>> > >>> > >>> I am thinking of using Slide realm and configuring > >>> tomcat to use Slide > >>> > >>> > >>> > > user database for authentication. > >>> > > > >>> > >>> Otherwise if I rely completely on tomcat realm, typical > >>> tomcat-users.xml > >>> > >>> > >>> > > file based, authetication, I need to add user two places - > >>> Slide and > >>> > > tomcat-user, which is problem. > >>> > > > >>> > >>> Can any body suggests on > >>> > >>> #1 how can I configure tomcat to use the Slide users for > >>> authentication? > >>> > >>> #2 how can I actually autheticate request of tomcat > >>> programatically, is > >>> > >>> > >>> > > any API available? > >>> > > > >>> > >>> What I am looking for is authenticating user with Slide. > >>> > >>> > >>> > >>> Any suggestion is valuable for me. > >>> > >>> > >>> > >>> Regards, > >>> > >>> Satish > >>> > >>> > >>> > >>> Disclaimer: > >>> > >>> This e-mail may contain Privileged/Confidential > >>> information and is > >>> > >>> > >>> > > intended only for the individual(s) named. Any review, > >>> retransmission, > >>> > > dissemination or other use of, or taking of any action in > >>> reliance upon this > >>> > > information by persons or entities other than the intended > >>> recipient is > >>> > > prohibited. Please notify the sender, if you have received > >>> this e-mail by > >>> > > mistake and delete it from your system. Information in > >>> this message that > >>> > > does not relate to the official business of the company > >>> shall be understood > >>> > > as neither given nor endorsed by it. E-mail transmission > >>> cannot be > >>> > > guaranteed to be secure or error-free. The sender does not > >>> accept liability > >>> > > for any errors or omissions in the contents of this > >>> message which arise as a > >>> > > result of e-mail transmission. If verification is required > >>> please request a > >>> > > hard-copy version. Visit us at > >>> http://www.harbinger-systems.com/ > >>> > > > >>> > >>> > >>> > >>> > >>> > >> > >>> > > --------------------------------------------------------------------- > > > >>> > >> To unsubscribe, e-mail: > >>> [EMAIL PROTECTED] > >>> <mailto:[EMAIL PROTECTED]> > >>> > >> For additional commands, e-mail: > >>> [EMAIL PROTECTED] > >>> <mailto:[EMAIL PROTECTED]> > >>> > >> > >>> > >> > >>> > > > >>> > > Disclaimer: > >>> > > This e-mail may contain Privileged/Confidential > >>> information and is intended only for the individual(s) named. > >>> Any review, retransmission, dissemination or other use of, or > >>> taking of any action in reliance upon this information by > >>> persons or entities other than the intended recipient is > >>> prohibited. Please notify the sender, if you have received > >>> this e-mail by mistake and delete it from your system. > >>> Information in this message that does not relate to the > >>> official business of the company shall be understood as > >>> neither given nor endorsed by it. E-mail transmission cannot > >>> be guaranteed to be secure or error-free. The sender does not > >>> accept liability for any errors or omissions in the contents > >>> of this message which arise as a result of e-mail > >>> transmission. If verification is required please request a > >>> hard-copy version. Visit us at http://www.harbinger-systems.com/ > >>> > > > >>> > > >>> > > >>> > > --------------------------------------------------------------------- > > > >>> > To unsubscribe, e-mail: > >>> [EMAIL PROTECTED] > >>> <mailto:[EMAIL PROTECTED]> > >>> > For additional commands, e-mail: > >>> [EMAIL PROTECTED] > >>> <mailto:[EMAIL PROTECTED]> > >>> > > >>> Disclaimer: > >>> This e-mail may contain Privileged/Confidential information > >>> and is intended only for the individual(s) named. Any review, > >>> retransmission, dissemination or other use of, or taking of > >>> any action in reliance upon this information by persons or > >>> entities other than the intended recipient is prohibited. > >>> Please notify the sender, if you have received this e-mail by > >>> mistake and delete it from your system. Information in this > >>> message that does not relate to the official business of the > >>> company shall be understood as neither given nor endorsed by > >>> it. E-mail transmission cannot be guaranteed to be secure or > >>> error-free. The sender does not accept liability for any > >>> errors or omissions in the contents of this message which > >>> arise as a result of e-mail transmission. If verification is > >>> required please request a hard-copy version. Visit us at > >>> http://www.harbinger-systems.com/ > >>> > >>> > >>> > >>> Disclaimer: > >>> This e-mail may contain Privileged/Confidential information and > >>> is intended only for the individual(s) named. Any review, > >>> > > retransmission, d > > > >>> issemination or other use of, or taking of any action in reliance upon > >>> > > this > > > >>> information by persons or entities other than the intended recipient is > >>> > > proh > > > >>> ibited. Please notify the sender, if you have received this e-mail by > >>> > > mistak > > > >>> e and delete it from your system. Information in this message that does > >>> > > not > > > >>> relate to the official business of the company shall be understood as > >>> > > neithe > > > >>> r given nor endorsed by it. E-mail transmission cannot be guaranteed to > >>> > > be s > > > >>> ecure or error-free. The sender does not accept liability for any errors > >>> > > or > > > >>> omissions in the contents of this message which arise as a result of > >>> > > e-mail > > > >>> transmission. If verification is required please request a hard-copy > >>> > > version > > > >>> . Visit us at http://www.harbinger-systems.com/ > >>> > >>> > >>> > >>> > >>> > >> -- > >> Dipl.-Phys. Arne v.Irmer > >> Medienzentrum Universität Dortmund > >> Am Hauert 12a > >> 44227 Dortmund > >> Tel.: ++49 231 755 7127 > >> Fax : ++49 231 755 4597 > >> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > > > > Disclaimer: > > This e-mail may contain Privileged/Confidential information and is intended only for the individual(s) named. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. Please notify the sender, if you have received this e-mail by mistake and delete it from your system. Information in this message that does not relate to the official business of the company shall be understood as neither given nor endorsed by it. E-mail transmission cannot be guaranteed to be secure or error-free. The sender does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. Visit us at http://www.harbinger-systems.com/ > > > > > -- > Dipl.-Phys. Arne v.Irmer > Medienzentrum Universität Dortmund > Am Hauert 12a > 44227 Dortmund > Tel.: ++49 231 755 7127 > Fax : ++49 231 755 4597 > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > Disclaimer: This e-mail may contain Privileged/Confidential information and is intended only for the individual(s) named. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. Please notify the sender, if you have received this e-mail by mistake and delete it from your system. Information in this message that does not relate to the official business of the company shall be understood as neither given nor endorsed by it. E-mail transmission cannot be guaranteed to be secure or error-free. The sender does not accept liability for any errors or omissions in the contents of this message which arise as a result of e-mail transmission. If verification is required please request a hard-copy version. Visit us at http://www.harbinger-systems.com/ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
