Keep an eye on http://jakarta.apache.org/tomcat/tomcat-5.5-doc/changelog.html. An entry will appear here once it is fixed.
I can't see an easier way then two WARs. If anyone else has any bright ideas... Mark > -----Original Message----- > From: Paulo Alvim [mailto:[EMAIL PROTECTED] > Sent: Wednesday, December 01, 2004 9:25 PM > To: Tomcat Users List > Subject: RES: [java] RE: bug JDBC Real with CLIENT-CERT > > Thanks, Mark... > > Please let us know when you have more infs about TC5 and JNDI > Realm/CLIENT-CERT, ok? > > Just to be sure: > > Since I can have just one login-config per application, I > will have to work > with two WARs (one for each configuration)...if I need to > have both "form > based" and "cert based" authentication in the same application, right? > > Do you know any better workaround? > > Paulo Alvim. > > > -----Mensagem original----- > De: Mark Thomas [mailto:[EMAIL PROTECTED] > Enviada em: quarta-feira, 1 de dezembro de 2004 16:43 > Para: 'Tomcat Users List' > Assunto: RE: [java] RE: bug JDBC Real with CLIENT-CERT > > > I haven't looked at the JNDI realm at all. There is an outstanding bug > against > this and CLIENT-CERT for TC4 so I will get to it eventually > (I'll port the > fix > to TC5 if it needs it). > > The spec states that you can have no more than 1 login-config per > application. > > If a fix is needed, you are going to have to migrate to the > version that > includes the fix. > > Mark > > > -----Original Message----- > > From: Paulo Alvim [mailto:[EMAIL PROTECTED] > > Sent: Tuesday, November 30, 2004 1:09 PM > > To: Tomcat Users List > > Subject: RES: [java] RE: bug JDBC Real with CLIENT-CERT > > > > Thanks for your answer, Mark... > > > > I'm sorry...I was talking about JNDIRealm. We use it to > > authenticate to > > ActiveDirectory with the configuration bellow (names changed): > > > > <Realm className="org.apache.catalina.realm.JNDIRealm" debug="0" > > connectionURL="ldap://plcbhdc:389"; > > connectionName="cn=alvim,cn=Users,dc=powerlogic" > > connectionPassword="1234567" > > userBase="cn=Users,dc=powerlogic" > > userSearch="sAMAccountName={0}" > > userSubtree="true" roleBase="CN=Builtin,dc=powerlogic" > > roleSearch="(member={0})" roleSubTree="true" > > userRoleName="member" > > roleName="cn" /> > > > > ...and sometimes against our database schema: > > > > <Realm className="org.apache.catalina.realm.JDBCRealm" debug="0" > > driverName="oracle.jdbc.driver.OracleDriver" > > connectionURL="jdbc:oracle:thin:@plcxdb:1521:oraxxxxx" > > connectionName="xxxxxxx3" connectionPassword="xxxxx" > > userTable="EC_USUARIO" userNameCol="LOGIN" > > userCredCol="SENHA" > > userRoleTable="EC_GRUPOXUSUARIO" roleNameCol="NOME_GRUPO" > > digest="SHA"/> > > > > We need to use CLIENT-CERT together with FORM-BASED > > authentication - is it > > possible to use both in the same WAR? > > > > We could make CLIENT-CERT work with MemoryReal but since we > > couldn't make it > > work with JDBCRealm we are wondering it won't work with JNDI > > too (we can't > > test this at this moment)... > > > > We are using Tomcat 5.0.28 and we didn't like to migrate it, > > because our > > apps are running ok...only if necessary... > > > > Thanks again! > > > > Alvim > > > > > > > > -----Mensagem original----- > > De: Mark Thomas [mailto:[EMAIL PROTECTED] > > Enviada em: segunda-feira, 29 de novembro de 2004 18:31 > > Para: 'Tomcat Users List' > > Assunto: RE: [java] RE: bug JDBC Real with CLIENT-CERT > > > > > > The JDBC stuff is all there and works. I don’t understand how > > this then fits > > in > > with AD/LDAP? Could you enlighten me? I assume you don't mean > > the JNDI realm > > (which I haven't done anything with or even tested if > > CLIENT-CERT will work > > with) > > > > Mark > > > > > -----Original Message----- > > > From: Paulo Alvim [mailto:[EMAIL PROTECTED] > > > Sent: Monday, November 29, 2004 9:47 PM > > > To: Tomcat Users List > > > Cc: [EMAIL PROTECTED] > > > Subject: RES: [java] RE: bug JDBC Real with CLIENT-CERT > > > > > > Thanks, Mark! > > > > > > Could you tell me if my kind of issues (JDBC/Ldap Realm) > > are there?... > > > > > > > > > Alvim. > > > > > > -----Mensagem original----- > > > De: Mark Thomas [mailto:[EMAIL PROTECTED] > > > Enviada em: segunda-feira, 29 de novembro de 2004 17:02 > > > Para: 'Tomcat Users List' > > > Assunto: [java] RE: bug JDBC Real with CLIENT-CERT > > > > > > > > > I committed some patches to support CLIENT-CERT to 5.5.x > > > recently. Should be > > > in > > > the next release. If you want them now, you can always grab > > > them from CVS. > > > > > > Mark > > > > > > > -----Original Message----- > > > > From: Paulo Alvim [mailto:[EMAIL PROTECTED] > > > > Sent: Monday, November 29, 2004 4:02 PM > > > > To: Tomcat Users List > > > > Subject: bug JDBC Real with CLIENT-CERT > > > > > > > > Hi, > > > > > > > > I'm trying to use Client-Cert authentication with Tomcat > > > > 5.0.28. I could > > > > make it work using Memory Realm but when I changed to > > > > JDBCRealm I received > > > > an authorization error... > > > > > > > > In truth, it seems that there's a bug with Client-Cert and > > > > others Realm > > > > since 4.x. > > > > > > > > I've just read about that in a few links: > > > > > > > > http://issues.apache.org/bugzilla/show_bug.cgi?id=30352 > > > > > > > > http://www.junlu.com/msg/43156.html > > > > > > > > Anyone could update that information? Is there any fix or > > > > patchs in Tomcat > > > > 5.0.28? I'll need to use it with JDBCRealm and with LDAP (Active > > > > Directory)... > > > > > > > > Thanks a lot! > > > > > > > > Paulo Alvim > > > > Powerlogic - Brazil > > > > > > > > > > > > -----Mensagem original----- > > > > De: Paulo Alvim [mailto:[EMAIL PROTECTED] > > > > Enviada em: sábado, 27 de novembro de 2004 14:20 > > > > Para: Tomcat Users List > > > > Assunto: RES: [work] CLIENT-CERT > > > > > > > > > > > > Hi, > > > > > > > > The questions are: > > > > > > > > 1. Is it possible to use two authentication methods (FORM and > > > > CLIENT_CERT) > > > > in the same J2EE application? > > > > > > > > 2. If so, how could we do it in Tomcat 5.0.19? > > > > > > > > Thanks in advance! > > > > > > > > Paulo Alvim/Raphael > > > > Powerlogic - Brazil > > > > > > > > -----Mensagem original----- > > > > De: Raphael Gallo [mailto:[EMAIL PROTECTED] > > > > Enviada em: sexta-feira, 26 de novembro de 2004 17:44 > > > > Para: Tomcat Users List > > > > Assunto: [work] CLIENT-CERT > > > > > > > > > > > > Hi, > > > > > > > > > > > > It´s possible use FORM authentication and CLIENT-CERT > > > > in the same > > > > application. How can I do this ? > > > > > > > > > > > > > > > > Thanks, > > > > > > > > Raphael Gallo > > > > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > > > For additional commands, e-mail: > > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > > > For additional commands, e-mail: > > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: > [EMAIL PROTECTED] > > > > For additional commands, e-mail: > > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: > [EMAIL PROTECTED] > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
