On 16/02/2012 13:26, Sachin Mehrotra wrote: > Do your logs indicate your custom authenticator is active or does it > throw an error? > ANS-->>> tomcat logs and other logs doesn't show any exception or even > traces added in the valve class. In Tomcat 6 we are able to see logs > added in our implemementation of AuthenticatorBase class. > > > How had you configured the authenticator to work in Tomcat 6.0? > ANS-->>> > In Server.xml we have defined Realm under Engine > > <Realm className="com.xyz.platform.realm.Realm" > realmPluginClass="com.xyz.org.realm.MyRealmPlugin"/> > </Engine>
> In Web.xml of the application we have defined following > > <security-constraint> > <web-resource-collection> > <web-resource-name>Web application > name</web-resource-name> > <description>Simple constraint for web > resources</description> > <url-pattern>/*</url-pattern> > <http-method>HEAD</http-method> > <http-method>POST</http-method> > <http-method>GET</http-method> > <http-method>PUT</http-method> > <http-method>DELETE</http-method> > </web-resource-collection> > <auth-constraint> > <description>Simple constraint</description> > <role-name>app-user</role-name> > </auth-constraint> > <user-data-constraint> > > <transport-guarantee>CONFIDENTIAL</transport-guarantee> > </user-data-constraint> > </security-constraint> > > <login-config> > <auth-method>BASIC</auth-method> > <realm-name>My App Realm</realm-name> > </login-config> Does BASIC authentication happen at all, or is this config ignored? > In context.xml inside META-INF of the application we have defined Valve > > <Context path="/myapp" docBase="myapp" debug="0" privileged="true"> path isn't valid here. docBase isn't valid here. debug isn't a valid attribute. Why do you need privileged set to true? > <ResourceLink name="tomcatHelper" global="MyTomcatHelper" > type="com.my.app.tools.tomcat.MyTomcatHelper" /> > <Valve className="com.my.realm.valve.AuthenticationValve" > characterEncoding="UTF-8"/> What happens if you remove this valve? p > </Context> > ---------------------------------------------------------------------------------------- > The same is present in Tomcat 7.0.20 but the AuthenticatioValve is not > hitting. > > One more thing that we have observed that in > CATALINA_HOME/conf/Catalina/localhost/ directory in7.0.20 we are not > having any xml while in Tomcat 6 we are having application context.xml > like files. > > > Thanks > Sachin > > > On 2/16/12, Pid <p...@pidster.com> wrote: >> On 16/02/2012 12:30, Sachin Mehrotra wrote: >>> Hi >>> >>> After upgrade from Tomcat 6 to Tomcat 7.0.20, our Basic Authentication >>> valve is not hitting. It seems it is overlooking our implementation of >>> Basic Authentication. >>> Below is the implementation: >>> We are having Realm that is doing authentication using our >>> authentication server. Before that we are having a Valve defined in >>> /META-INF/context.xml that is doing some pre-authentication based on >>> the token define in the HTTPs request. >>> If the token matches our creteria then Realm is hitting for actual Auth. >>> >>> This was working fine when Tomcat 6 was there and we were able to see >>> the logging coming that was added to our Implementation of Baisc >>> Authenticator. >> >> There's no guarantee that the internals of Tomcat remain the same >> between releases. >> >> Do your logs indicate your custom authenticator is active or does it >> throw an error? >> >> How had you configured the authenticator to work in Tomcat 6.0? >> >> >> p >> >> >> >> -- >> >> [key:62590808] >> >> > > -- [key:62590808]
signature.asc
Description: OpenPGP digital signature
