Hello, I found the following interesting answer from Craig R. McClanahan to Sim IJskes concerning the use of BASIC authentication :
> I was able to get basic authentication working by editing the file > "$TOMCAT_HOME/webapps/examples/WEB-INF/web.xml and changing the <auth-method> > element from FORM > to BASIC. Then, accessing the following URL: > > http://localhost:8080/examples/jsp/security/protected > > correctly caused the basic authentication dialog to come up, and it correctly > rejected all > username/password combinations other than the one defined in the > conf/tomcat-users.xml file > (tomcat/tomcat). If you can find a scenario like this that doesn't work correctly, > could you > please report it? I did exactly the same test but I have a "scenario like this that doesn't work correctly" ;-) ! I struggle for two days now with Tomcat 5 BASIC authentication. I read many posts about the problem but most of the people seem to have a login window appearing. I don't :-( jsp security examples (quoted above), manager and admin authentication work fine but my application just acts as if no authentication was required... I really don't see what's wrong with my config files. The server.xml is a copy of the server-minimal.xml one where I added a database ressource. The web.xml is based on $TOMCAT_HOME/server/webapps/manager/WEB-INF/web.xml (i.e. a working example). Can anybody help me, please ?!!!!!!!!!! Hereafter are the xml files : ---------------------------------------------------------- tomcat-users.xml : <?xml version='1.0' encoding='utf-8'?> <tomcat-users> <role rolename="tomcat"/> <role rolename="role1"/> <role rolename="standard"/> <role rolename="manager"/> <user username="llemoux" password="llemoux" roles="standard,manager"/> <user username="tomcat" password="tomcat" roles="tomcat"/> <user username="both" password="tomcat" roles="tomcat,role1"/> <user username="role1" password="tomcat" roles="role1"/> </tomcat-users> ---------------------------------------------------------- web.xml : <?xml version="1.0" encoding="ISO-8859-1"?> <web-app version="2.4"> <security-contraint> <web-resource-collection> <url-pattern>/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>standard</role-name> </auth-constraint> </security-contraint> <login-config> <auth-method>BASIC</auth-method> </login-config> <security-role> <role-name>standard</role-name> </security-role> </web-app> ---------------------------------------------------------- server.xml : <Server port="8005" shutdown="SHUTDOWN"> <GlobalNamingResources> <!-- Used by Manager webapp --> <Resource name="UserDatabase" auth="Container" type="org.apache.catalina.UserDatabase" description="User database that can be updated and saved"> </Resource> <ResourceParams name="UserDatabase"> <parameter> <name>factory</name> <value>org.apache.catalina.users.MemoryUserDatabaseFactory</value> </parameter> <parameter> <name>pathname</name> <value>conf/tomcat-users.xml</value> </parameter> </ResourceParams> </GlobalNamingResources> <Service name="Catalina"> <Connector port="8080" /> <!-- This is here for compatibility only, not required --> <Connector port="8009" protocol="AJP/1.3" /> <Engine name="Catalina" defaultHost="localhost"> <Logger className="org.apache.catalina.logger.FileLogger"/> <Realm className="org.apache.catalina.realm.UserDatabaseRealm" resourceName="UserDatabase" /> <Host name="localhost" appBase="webapps"/> <DefaultContext> <Resource name="jdbc/JSDB" auth="Container" type="javax.sql.DataSource"/> <ResourceParams name="jdbc/JSDB"> <parameter> <name>factory</name> <value>org.apache.commons.dbcp.BasicDataSourceFactory</value> </parameter> <parameter> <name>maxActive</name> <value>3</value> </parameter> <parameter> <name>maxIdle</name> <value>1</value> </parameter> <parameter> <name>username</name> <value>jSDB</value> </parameter> <parameter> <name>password</name> <value>jSDB</value> </parameter> <parameter> <name>driverClassName</name> <value>org.hsqldb.jdbcDriver</value> </parameter> <parameter> <name>url</name> <value>jdbc:hsqldb:hsql://localhost</value> </parameter> </ResourceParams> </DefaultContext> </Engine> </Service> </Server> ------------------------------------------ Faites un voeu et puis Voila ! www.voila.fr --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
