What's the problem with doing: /xml/ --> basic auth /xml/secure/ --> basic auth
<Tony>I cannot change URL as this is a working application and XML consumers must notice no difference. Then this bit of the app can be deployed as xml.war and the other as ROOT.war. Modifying your URL namespaces would seem to be a logical improvement. <Tony>No doubt about that but this is what I have to work with</Tony> If needs be, you can redirect /secure/xml/ requests from the ROOT app to the xml app. <Tony>As mentioned I'm having difficulty with UrlRewriteFilter and Tomcat 6</Tony> Thanks for the input, all ideas are most welcome! Tony </Tony> On 09/12/2009 21:07, Anthony Jay wrote: > Hi All, > I am having tremendous difficulty configuring contexts on tomcat. > I've had to split my perfectly working application into two applications > as the jsp now requires Form based authentication and the XML components > require Http Basic authentication as before. As I've learned the very > hard way I cannot do both within the same application without writing my > own security plumbing. > So I've taken peoples advice and made one war file formauth.war with all > jsp and related servlets which uses form based auth and also created > basicauth.war which contains all xml servlet configuration, I put the > common libs into tomcat/lib directory (to handle Statics and singletons > and DB stuff) Two apps, two authentication mechanisms. Messy but I > could see no other way. > > My jsps etc are contained on the path /secure/xxx and /secure/yyy as > well as /public/* > But my XML URL pattern for servlets is > /secure/xml/* and /xml/* which are declared in web.xml > > Individually each war when deployed seem to work fine except for the > uri/path configuration. > i.e. URL prepended with /formauth/ or /basicauth/ prefixes. > Currently this works: > /formauth/secure/yyy -->Form based auth > /formauth/secure/xxx -->Form based auth > /formauth/public/ -->Form based auth > /basicauth/secure/xml/ -->basic auth > /basicauth/xml/ -->basic auth > etc. > Which is not what I want, the application must work as before. > > /secure/yyy -->Form based auth > /secure/xxx -->Form based auth > /public/ -->Form based auth > /secure/xml/ -->basic auth > /xml/ -->basic auth What's the problem with doing: /xml/ --> basic auth /xml/secure/ --> basic auth Then this bit of the app can be deployed as xml.war and the other as ROOT.war. Modifying your URL namespaces would seem to be a logical improvement. If needs be, you can redirect /secure/xml/ requests from the ROOT app to the xml app. p --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org For additional commands, e-mail: users-h...@tomcat.apache.org
