On Tue, Nov 4, 2014 at 10:37 PM, Ji Zhang <[email protected]> wrote: > Now I have the configuration below: > > 1) security setting in web.xml: > > <security-constraint> > <web-resource-collection> > > <web-resource-name>TomcatRealmUserArea</web-resource-name> > <url-pattern>/bin/view/XYZ/*</url-pattern> > </web-resource-collection> > <auth-constraint> > <role-name>TomcatRealmUsers</role-name> > </auth-constraint> > </security-constraint> > > 2) xwiki.conf: > > > xwiki.authentication.authclass=com.xpn.xwiki.user.impl.xwiki.AppServerTrustedAuthServiceImpl >
> 3) Basic authentication: > > #-# Authentication type. You can use 'basic' to always use basic > authentication. You are mixing several things here. All the actual authentication work is supposed to be done by TomcatRealmUsers before accessing XWiki (AppServerTrustedAuthServiceImpl just trust what's given by the front auth and create the user accordingly) so there is no reason to enable XWiki basic auth. > > > The restriction works, I got 403 (HTTP Status 403 - Access to the requested > resource has been denied ) when I try to access: > > http://mymachine:9090/xWiki/bin/view/XYZ/Tutorial+1 > > The question is: > > How to access this page successful? This is not a XWiki question, the authentication is done by whatever authenticator you are using in fron of XWiki. AppServerTrustedAuthServiceImpl just trust it. > > Thanks. > > > -----Original Message----- > From: Ji Zhang > Sent: Monday, November 03, 2014 1:10 PM > To: [email protected] > Subject: RE: [xwiki-users] Question regarding AppServerTrustedAuthServiceImpl > > Thanks Clemens. > > How do I test if this authentication works? For example, I have an user > jsmith/password in Tomcat JDBC realm. How do I assign the viewing privileges > to jsmith? > > Thanks again. > > Ji > > > -----Original Message----- > From: users [mailto:[email protected]] On Behalf Of Clemens > Klein-Robbenhaar > Sent: Monday, November 03, 2014 11:42 AM > To: [email protected] > Subject: Re: [xwiki-users] Question regarding AppServerTrustedAuthServiceImpl > > On 11/03/2014 05:15 PM, Ji Zhang wrote: >> Guys, >> >> I am new to Xwiki. >> >> I have a xwiki deployed on tomcat 6. I need to use authentication against >> tomcat JDBC realm. AppServerTrustedAuthServiceImpl seems to my option. Are >> there some detailed documents or examples for using it? >> > > yes: add a line do the xwiki.cfg in the WEB-INF folder, as explained here: > > > http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HContainerAuthentication > > That (and restarting tomcat) should be everything you need to do. > > Cheers, > Clemens > _______________________________________________ > users mailing list > [email protected] > http://lists.xwiki.org/mailman/listinfo/users > _______________________________________________ > users mailing list > [email protected] > http://lists.xwiki.org/mailman/listinfo/users -- Thomas Mortagne _______________________________________________ users mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/users
