HELP!! Container managed authentication problem with Apache 1.3 + Tomcat 4 + Warp

Mon, 01 Apr 2002 00:21:01 -0800 

Subject: HELP!! Container managed authentication problem with Apache 1.3 + Tomcat 4 + 
Warp
From: "Hyunjin Kim" <[EMAIL PROTECTED]>
 ===
Hi,

I have recently set up TOMCAT 4 + Apache 1.3 with "***Warp connector***".
Although I have failed to have Apache forward *.do calls to jakarta
correctly (for struts Action servlet calls), everything else seems to work
fine(it's kinda outta subject, but my struts is now configured to be called
when /execute is seen).

My problem is:

- I have set up my app with default JDBC realm container managed security,
and it works fine when called from :8080... but when I try to access the
security constrained folder (/admin in my case) through Apache(port :80), it
forwards me to the correct page(login.jsp page). However, when I put in the
correct username/password(that works find in :8080), it ALWAYS forwards me
to error page.

Strange thing is, my login attempt through apache doesn't even get logged...
When I try to log in from :8080, all my attemps are logged, like following:

2002-04-01 16:11:41 JDBCRealm[/adsf]: Username hyunjin has role
administrator
2002-04-01 16:13:12 JDBCRealm[/asdf]: Username hyunjin NOT successfully
authenticated

... Stranger thing?? after failing the login, apache will forward me to
correct login error page....

Any help would be really appreciated. Thank you! (following is the web.xml
file for my webapp, although I don't think this problem is got to do with
this file..)


<security-constraint>
  <web-resource-collection>
   <web-resource-name>Nano-enc Administrator</web-resource-name>
   <url-pattern>/admin</url-pattern>
  </web-resource-collection>
  <auth-constraint>
   <role-name>administrator</role-name>
  </auth-constraint>
 </security-constraint>

 <security-constraint>
  <web-resource-collection>
   <web-resource-name>Intranet Security Constraint</web-resource-name>
   <url-pattern>/intranet</url-pattern>
  </web-resource-collection>
  <auth-constraint>
   <role-name>employee</role-name>
   <role-name>administrator</role-name>
  </auth-constraint>
 </security-constraint>

 <login-config>
 <auth-method>FORM</auth-method>
     <realm-name>default</realm-name>
     <form-login-config>
       <form-login-page>/login.jsp</form-login-page>
       <form-error-page>/loginerror.jsp</form-error-page>
     </form-login-config>
 </login-config>








--
To unsubscribe:   <mailto:[EMAIL PROTECTED]>
For additional commands: <mailto:[EMAIL PROTECTED]>
Troubles with the list: <mailto:[EMAIL PROTECTED]>

Reply via email to