I thought <resource-env-ref> is just for environment variables (similiar to env-entry). I should have read the docu to its end... ;-)
Nevertheless, I think this resource reference is not required for servlet-security.
Tex
sven morales schrieb:
Hi, It is not wrong to have that resource-env-ref within his web.xml. Look at the manager/WEB_INF/web.xml for a working application ("manager") and you will see exact elements.
aka_sergio
--- Mario Winterer <[EMAIL PROTECTED]> wrote:
<resource-env-ref-name>PhotoUsers</resource-env-ref-name>Hi again!
I've noticed one thing in your configuration - but I
do not know if this is the reason for your problem:
Remove the <resource-env-ref-xxx> entries from
web.xml. You do not need a JNDI-reference to your user database here! (Apart
from that this is wrong - it should be a <resource-ref>-element
instead.)
Apart from that: You've specified a UserDatabase
that holds your login-data. You've specified which resources of your
web-application should be accessible by whom. But did you "connect"
the UserDatabase with the web-application by specifying a realm in
your context? (context.xml or server.xml)
Best regards, Tex
Omar Adobati schrieb:
the form methodGood Morning,
I'm trying to set up an authentication task using
and an xml files to store the users and theirroles.
Now, I've add this to the web.xml file:
==
[...]
<resource-env-ref>
<resource-env-ref-type>org.apache.catalina.UserDatabase</resource-env-ref-type>
className="org.apache.catalina.valves.AccessLogValve"</resource-env-ref>Constraints</display-name>
<security-constraint>
<display-name>Photoalbum Security
<web-resource-collection><web-resource-name>Photoalbum</web-resource-name>
<url-pattern>/controlPanel.jsp</url-pattern><form-login-page>/login.jsp</form-login-page>
<url-pattern>/photoUpload.jsp</url-pattern>
<url-pattern>/login.jsp</url-pattern> <http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>photoalbum</role-name>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method> <realm-name>PhotoUsers</realm-name> <form-login-config>
<form-error-page>/error.jsp</form-error-page>
the context tag of</form-login-config> </login-config> <security-role> <role-name>photoalbum</role-name> </security-role> <security-role> <role-name>admin</role-name> </security-role> [...] ==
then I've added the following lines to the between
docBase="." relodable="true"the webapplication:
==
<?xml version="1.0" encoding="utf-8"?>
<Context path="" displayName="photoalbum"
privileged="true">
<Valve
<value>org.apache.catalina.users.MemoryUserDatabaseFactory</value>directory="logs/photoalbum/"fileDateFormat="yyyy-MM-dd"
prefix="photoalbum_access_log." suffix=".txt"/>type="java.lang.Integer" name="simpleValue"/>
<GlobalNamingResources>
<Environment value="30"
<Resourcetype="org.apache.catalina.UserDatabase"
description="User database that can be updated andsaved"
auth="Container" name="PhotoUsers"/>
<ResourceParams name="PhotoUsers">
<parameter>
<name>factory</name>
---------------------------------------------------------------------the same folder as</parameter> <parameter> <name>pathname</name> <value>/photoalbum-users.xml</value> </parameter> </ResourceParams> </GlobalNamingResources> <ResourceLink name="users" global="PhotoUsers" type="org.apache.catalina.UserDatabase"/> </Context> ==
and I have putted the file photoalbum-users.xml in
help me?the previous file.
Now, this seems to not work... does' anyone can
---------------------------------------------------------------------Omar
To unsubscribe, e-mail:[EMAIL PROTECTED]
For additional commands, e-mail:[EMAIL PROTECTED]
To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
__________________________________ Do you Yahoo!? Take Yahoo! Mail with you! Get it on your mobile phone. http://mobile.yahoo.com/maildemo
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
