You are right. A lot of changes were made to my configuration based on advice I recieved on the forum.
There could be several things that fixed my problem. The main thing is I know how to set it up now :-) Luke Luke Shannon Web Design/Development Java Programmer http://www.lukeshannon.com phone: 416-570-1984 ----- Original Message ----- From: "sven morales" <[EMAIL PROTECTED]> To: "Tomcat Users List" <[email protected]> Sent: Saturday, February 12, 2005 10:28 AM Subject: Re: RE : Security Newbie - Need Help > Not to prolong, I would think if this was the case of > misplaced element, the DTD for the web.xml would make > the Digester throw an exception because it does not > conform. > > --- Luke <[EMAIL PROTECTED]> wrote: > > > Hello; > > > > I finally got this. It turned out I had my: > > > > <login-config> > > <auth-method>BASIC</auth-method> > > </login-config> > > > > Inside my <security-constraint> instead of being in > > the <web-app>. > > > > Once I moved this to the correct place in the > > document. Everything worked > > fine. > > > > Thanks to all that posted advice. > > > > Luke > > > > > > Luke Shannon > > Web Design/Development > > Java Programmer > > http://www.lukeshannon.com > > phone: 416-570-1984 > > ----- Original Message ----- > > From: "Luke" <[EMAIL PROTECTED]> > > To: "Tomcat Users List" > > <[email protected]> > > Sent: Friday, February 11, 2005 9:05 PM > > Subject: Re: RE : Security Newbie - Need Help > > > > > > > Hi; > > > > > > I can't get the memory realm to work either. I am > > still getting the error > > > below without a login prompt: > > > > > > > > > HTTP Status 403 - Configuration error: Cannot > > perform access control > > without > > > an authenticated principal > > > type Status report > > > message Configuration error: Cannot perform access > > control without an > > > authenticated principal > > > description Access to the specified resource > > (Configuration error: Cannot > > > perform access control without an authenticated > > principal) has been > > > forbidden. > > > Apache Tomcat/5.0.27 > > > > > > This has to be something with my application, > > WEB-INF, server.xml. How > > > should I proceed to trouble shoot? > > > > > > Thanks, > > > > > > Luke > > > > > > ----- Original Message ----- > > > From: "LERBSCHER Jean-Pierre" > > <[EMAIL PROTECTED]> > > > To: "'Tomcat Users List'" > > <[email protected]> > > > Sent: Friday, February 11, 2005 12:21 AM > > > Subject: RE : RE : Security Newbie - Need Help > > > > > > > > > > Could you try MemoryRealm to evict filter > > mechanisms (like firewall or > > > > router configuration) between your tomcat serve > > rand your database ? > > > > > > > > As you can see in the servlet specification the > > security-role element > > > isn't > > > > optional. > > > > <!ELEMENT web-app (icon?, display-name?, > > description?, > > > > distributable?, context-param*, filter*, > > filter-mapping*, > > > > listener*, servlet*, servlet-mapping*, > > session-config?, mimemapping*, > > > > welcome-file-list?, error-page*, taglib*, > > resourceenv- > > > > ref*, resource-ref*, security-constraint*, > > login-config?, > > > > security-role*, env-entry*, ejb-ref*, > > ejb-local-ref*)> > > > > > > > > -----Message d'origine----- > > > > De : Luke [mailto:[EMAIL PROTECTED] > > > > Envoy�: vendredi 11 f�rier 2005 08:18 > > > > �: Tomcat Users List > > > > Objet : Re: RE : Security Newbie - Need Help > > > > > > > > Hi Dennis; > > > > > > > > Where is IMS defined? Otherwise I have specified > > everything as you > > > > recommended. Yet I still get this error once I > > hit the page (no login > > > > prompt): > > > > > > > > > > > > HTTP Status 403 - Configuration error: Cannot > > perform access control > > > without > > > > an authenticated principal > > > > type Status report > > > > message Configuration error: Cannot perform > > access control without an > > > > authenticated principal > > > > description Access to the specified resource > > (Configuration error: > > Cannot > > > > perform access control without an authenticated > > principal) has been > > > > forbidden. > > > > Apache Tomcat/5.0.28 > > > > > > > > Thanks, > > > > > > > > Luke > > > > > > > > > > > > ----- Original Message ----- > > > > From: "Dennis Payne" <[EMAIL PROTECTED]> > > > > To: <[email protected]> > > > > Sent: Thursday, February 10, 2005 11:23 AM > > > > Subject: Re: RE : Security Newbie - Need Help > > > > > > > > > > > > > you will not need a roles table for tomcat... > > it is only useful to > > your > > > > own applications that will edit the data. The > > system only utilizes the > > the > > > > user-role table and the user-password table (at > > least for basic > > > > authentication). > > > > > > > > > > Each servlet in the system that is secure is > > setup this way and has > > an > > > > associated mapping: > > > > > > > > > > <servlet> > > > > > <servlet-name>EnterAssignment</servlet-name> > > > > > <display-name>EnterAssignment</display-name> > > > > > <description>Enter Assignment</description> > > > > > > > > <servlet-class>com.mtc.ims.ia.servlet.EnterAssignment</servlet-class> > > > > > <security-role-ref> > > > > > <role-name>IMS</role-name> > > > > > <role-link>IMS</role-link> > > > > > </security-role-ref> > > > > > </servlet> > > > > > ... > > > > > <servlet-mapping> > > > > > <servlet-name>EnterAssignment</servlet-name> > > > > > > > <url-pattern>/servlet/EnterAssignment</url-pattern> > > > > > </servlet-mapping> > > > > > > > > > > The server.xml contains a reference to the > > security tables by using > > the > > > > <Realm> tag placed as shown (there are other > > ways to do it) and all db > > > > driver jars have been place in the classpath: > > > > > > > > > > <Engine defaultHost="localhost" > > name="Catalina"> > > > > > <Host appBase="webapps" name="localhost"> > > > > > <Logger > > className="org.apache.catalina.logger.FileLogger" > > > > prefix="localhost_log." suffix=".txt" > > timestamp="true" /> > > > > > <Realm > > className="org.apache.catalina.realm.JDBCRealm" > > > > connectionName="username" > > connectionPassword="password" > > > > > > > connectionURL="jdbc:mysql://xxx.xxx.xxx.xxx:3306/dbname" > > > > driverName="com.mysql.jdbc.Driver" > > userRoleTable="userrole" > > > > userTable="userpassword" roleNameCol="userrole" > > userNameCol="userid" > > > > userCredCol="passwordid" /> > > > > > </Host> > > > > > <Logger > > className="org.apache.catalina.logger.FileLogger" > > > > prefix="catalina_log." suffix=".txt" > > timestamp="true" /> > > > > > <Realm > > > className="org.apache.catalina.realm.UserDatabaseRealm" > > === message truncated === > > > > > __________________________________ > Do you Yahoo!? > The all-new My Yahoo! - Get yours free! > http://my.yahoo.com > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
