Hello Dinesh, Yep, starting with Tomcat-4.0.2, Tomcat has been enforcing the Sun classloading spec which says that no DOM or XML libraries can be loaded out of the child classloader, of which WEB-INF/lib is. Tomcat-3.3.x and 4.0 and 4.0.1 did *not* enforce this. However, it cause some various buggy behavior that you may or may not have noticed. Bottom line is that you now much put your DOM/XML libraries out of a parent classloader... either in one of Tomcat's special directories such as $TOMCAT_HOME/lib or $TOMCAT_HOME/common/lib or you can load them from the JDK if you are using j2sdk1.4.x or greater. You can also override the DOM/XML libraries in jdk1.4.x by creating a $JAVA_HOME/jre/lib/endorsed directory and then putting your preferred DOM/XML libraries in there. They will be loaded on the bootclasspath with the rest of the standard Java libraries and override libraries with the same package that might have come with the JDK.
later, Jake Friday, August 16, 2002, 10:58:48 AM, you wrote: DK> In 3.3 tomcat I have crimson in my web-inf/lib and it is dynamically DK> loaded, in 4.x I have to remove crimson and put two(xmlPar.. and DK> xercesImpl). In 3.3 xmlPar and xercesI.. does not work. I am confused .. DK> -----Original Message----- DK> From: Scott Dayberry [mailto:[EMAIL PROTECTED]] DK> Sent: Friday, August 16, 2002 11:32 AM DK> To: [EMAIL PROTECTED] DK> Subject: getRemoteUser() reset to null after authenticated user hits DK> anunauthorized page DK> I am using form-based authentication under Tomcat 3.2.3. DK> I have 3 security-constraint sections in web.xml for 3 different user DK> roles. DK> If an already authenticated user selects a page to which he is not DK> authorized, he is redirected to the form-error-page (I thought this DK> should DK> be a 403-Forbidden error instead), and his authentication is DK> invalidated. DK> (A getRemoteUser() call returning null at this point verifies this). DK> The implication of this, is that he can no longer select any pages that DK> he DK> IS authorized for, and must re-login. Is this a known bug with Tomcat DK> 3.2.3, DK> expected behavior, or is there a configuration setting I am missing? DK> Thanks in advance, DK> Scott DK> -- DK> To unsubscribe, e-mail: DK> <mailto:[EMAIL PROTECTED]> DK> For additional commands, e-mail: DK> <mailto:[EMAIL PROTECTED]> DK> -- DK> To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> DK> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]> -- Best regards, Jacob mailto:[EMAIL PROTECTED] -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
