I am trying to help someone with a Tomcat 5.5 implementation of waffle
(waffle.codeplex.com). It has authenticator valve that works well with tc6.
I declare a valve inside the web app:
Context.xml
<?xml version='1.0' encoding='utf-8'?>
<Context>
<Valve className="waffle.apache.NegotiateAuthenticator" principalFormat="fqn"
roleFormat="both" />
<Realm className="waffle.apache.WindowsRealm" />
</Context>
Web.xml
<security-constraint>
<display-name>Waffle Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>Everyone</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<role-name>Everyone</role-name>
</security-role>
I didn't modify anything in Tomcat's conf, but placed the JARs in the right
place(s).
The Valve starts, but any request to the protected area doesn't invoke it. I
get a 401 Access Denied, but no headers added by the valve.
Any suggestions? Is this supposed to work with tc5.5 at all?
Thx
dB.
dB. @ dblock.org<http://www.dblock.org/>
Moscow|Geneva|Seattle|New York
