cocoon-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Johannes Hoechstaedter <j.hoechstaed...@memocomp.de>
Subject Re: Tomcat security
Date Fri, 13 Jun 2008 09:57:45 GMT
Thank you Barbara for struggeling this out, maybe I need your collected 
knowledge later :)

Barbara Slupik schrieb:
> I found how to make tomcat authentication work. I added:
>
> <filter>
> <filter-name>springRequestContextFilter</filter-name>   
> <filter-class>org.springframework.web.filter.RequestContextFilter 
> <http://web.filter.RequestContextFilter></filter-class>
> </filter>
>
> <filter-mapping>
> <filter-name>springRequestContextFilter</filter-name>
> <url-pattern>/*</url-pattern>
> <dispatcher>FORWARD</dispatcher>
> <dispatcher>REQUEST</dispatcher>
> </filter-mapping>
>
> to my application web.xml <http://web.xml> file.
>
> I found the answer 
> here: http://www.mail-archive.com/users@myfaces.apache.org/msg43933.html
>
> On 12 Jun, 2008, at 10:07 pm, Barbara Slupik wrote:
>
>> How to do authentication in cocoon-2.2.0?
>>
>> I don't know how to make tomcat authentication work. I tried 
>> authentication block instead and it works fine but I cannot use role 
>> filter transformer with it probably because authentication does not 
>> write user roles to the request.
>>
>>
>> On 10 Jun, 2008, at 4:35 pm, Barbara Slupik wrote:
>>
>>> Hello
>>>
>>> I am trying to upgrade my cocoon applications from cocoon-2.1.10 to 
>>> cocoon-2.2.0. I am using maven with jetty to build my blocks and 
>>> webapp. I am also trying to use servlet container security. 
>>> Everything works fine with jetty including the security. But when I 
>>> deploy my application into tomcat-6.0.10 the log in does not work 
>>> properly.
>>>
>>> I have login.xml  screen and my sitemap looks like this:
>>>
>>> <map:match pattern="login">
>>> <map:generate src="menu/login.xml"/>
>>> <map:transform type="i18n"><map:parameter name="locale" 
>>> value="{request:locale}"/></map:transform>
>>> <map:serialize type="xhtml"/>
>>> </map:match>
>>>
>>> In my application web.xml <http://web.xml> I have this:
>>>
>>> <login-config>
>>> <auth-method>FORM</auth-method>
>>> <realm-name>Cocoon Realm</realm-name>
>>> <form-login-config>
>>> <form-login-page>/home/login</form-login-page>
>>> <form-error-page>/home/error</form-error-page>
>>> </form-login-config>
>>> </login-config>
>>>
>>> When I call http://localhost:8080/my-cocoon-webapp/home/login in 
>>> tomcat directly it works fine. But when I try to call a protected 
>>> URL without loging tomcat tries to call the login page and I get 
>>> error displayed below.
>>>
>>> I don't know how to "expose the current request in  
>>> RequestContextListener or RequestContextFilter". Any help is 
>>> appreciated. Thank you.
>>>
>>> Barbara
>>>
>>>  ERROR http-8080-1 
>>> org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/cocoon-webapp-2.0].[DispatcherServlet]

>>> - Servlet.service() for servlet DispatcherServlet threw exception
>>>  java.lang.IllegalStateException: No thread-bound request found: Are 
>>> you referring to request attributes outside of an actual web 
>>> request? If you are actually operating within a web request and 
>>> still receive this message,your code is probably running outside of 
>>> DispatcherServlet/DispatcherPortlet: In this case, use 
>>> RequestContextListener or RequestContextFilter to expose the current 
>>> request.
>>> at 
>>> org.springframework.web.context.request.RequestContextHolder.currentRequestAttributes

>>> <http://web.context.request.RequestContextHolder.currentRequestAttributes>(RequestContextHolder.java:102)
>>> at 
>>> org.apache.cocoon.spring.configurator.WebAppContextUtils.enteringContext(WebAppContextUtils.java:75)
>>> at 
>>> org.apache.cocoon.components.treeprocessor.ConcreteTreeProcessor.process(ConcreteTreeProcessor.java:215)
>>> at 
>>> org.apache.cocoon.components.treeprocessor.ConcreteTreeProcessor.process(ConcreteTreeProcessor.java:171)
>>> at 
>>> org.apache.cocoon.components.treeprocessor.TreeProcessor.process(TreeProcessor.java:247)
>>> at 
>>> org.apache.cocoon.servlet.RequestProcessor.process(RequestProcessor.java:351)
>>> at 
>>> org.apache.cocoon.servlet.RequestProcessor.service(RequestProcessor.java:169)
>>> at 
>>> org.apache.cocoon.sitemap.SitemapServlet.service(SitemapServlet.java:84)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>> at 
>>> org.apache.cocoon.servletservice.ServletServiceContext$PathDispatcher.forward(ServletServiceContext.java:468)
>>> at 
>>> org.apache.cocoon.servletservice.ServletServiceContext$PathDispatcher.forward(ServletServiceContext.java:443)
>>> at 
>>> org.apache.cocoon.servletservice.spring.ServletFactoryBean$ServiceInterceptor.invoke(ServletFactoryBean.java:264)
>>> at 
>>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
>>> at 
>>> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
>>> at $Proxy20.service(Unknown Source)
>>> at 
>>> org.apache.cocoon.servletservice.DispatcherServlet.service(DispatcherServlet.java:106)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>> at 
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
>>> at 
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>> at 
>>> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:687)
>>> at 
>>> org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:469)
>>> at 
>>> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:403)
>>> at 
>>> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301)
>>> at 
>>> org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:316)
>>> at 
>>> org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:244)
>>> at 
>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491)
>>> at 
>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
>>> at 
>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
>>> at 
>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>>> at 
>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:216)
>>> at 
>>> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
>>> at 
>>> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:634)
>>> at 
>>> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:445)
>>> at java.lang.Thread.run(Thread.java:613)
>>> ERROR http-8080-1 
>>> org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/cocoon-webapp-2.0].[DispatcherServlet]

>>> - Servlet.service() for servlet DispatcherServlet threw exception
>>>  java.lang.IllegalStateException: No thread-bound request found: Are 
>>> you referring to request attributes outside of an actual web 
>>> request? If you are actually operating within a web request and 
>>> still receive this message,your code is probably running outside of 
>>> DispatcherServlet/DispatcherPortlet: In this case, use 
>>> RequestContextListener or RequestContextFilter to expose the current 
>>> request.
>>> at 
>>> org.springframework.web.context.request.RequestContextHolder.currentRequestAttributes

>>> <http://web.context.request.RequestContextHolder.currentRequestAttributes>(RequestContextHolder.java:102)
>>> at 
>>> org.apache.cocoon.spring.configurator.WebAppContextUtils.enteringContext(WebAppContextUtils.java:75)
>>> at 
>>> org.apache.cocoon.components.treeprocessor.ConcreteTreeProcessor.process(ConcreteTreeProcessor.java:215)
>>> at 
>>> org.apache.cocoon.components.treeprocessor.ConcreteTreeProcessor.process(ConcreteTreeProcessor.java:171)
>>> at 
>>> org.apache.cocoon.components.treeprocessor.TreeProcessor.process(TreeProcessor.java:247)
>>> at 
>>> org.apache.cocoon.servlet.RequestProcessor.process(RequestProcessor.java:351)
>>> at 
>>> org.apache.cocoon.servlet.RequestProcessor.service(RequestProcessor.java:169)
>>> at 
>>> org.apache.cocoon.sitemap.SitemapServlet.service(SitemapServlet.java:84)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>> at 
>>> org.apache.cocoon.servletservice.ServletServiceContext$PathDispatcher.forward(ServletServiceContext.java:468)
>>> at 
>>> org.apache.cocoon.servletservice.ServletServiceContext$PathDispatcher.forward(ServletServiceContext.java:443)
>>> at 
>>> org.apache.cocoon.servletservice.spring.ServletFactoryBean$ServiceInterceptor.invoke(ServletFactoryBean.java:264)
>>> at 
>>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
>>> at 
>>> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
>>> at $Proxy20.service(Unknown Source)
>>> at 
>>> org.apache.cocoon.servletservice.DispatcherServlet.service(DispatcherServlet.java:106)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>> at 
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
>>> at 
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>> at 
>>> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:687)
>>> at 
>>> org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:469)
>>> at 
>>> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:403)
>>> at 
>>> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301)
>>> at 
>>> org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:316)
>>> at 
>>> org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:244)
>>> at 
>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491)
>>> at 
>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
>>> at 
>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
>>> at 
>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>>> at 
>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:216)
>>> at 
>>> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
>>> at 
>>> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:634)
>>> at 
>>> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:445)
>>> at java.lang.Thread.run(Thread.java:613)
>>> WARN http-8080-1 org.apache.catalina.authenticator.FormAuthenticator 
>>> - Unexpected error forwarding to login page
>>>  javax.servlet.ServletException: java.lang.IllegalStateException: No 
>>> thread-bound request found: Are you referring to request attributes 
>>> outside of an actual web request? If you are actually operating 
>>> within a web request and still receive this message,your code is 
>>> probably running outside of DispatcherServlet/DispatcherPortlet: In 
>>> this case, use RequestContextListener or RequestContextFilter to 
>>> expose the current request.
>>> at 
>>> org.apache.cocoon.servlet.RequestProcessor.service(RequestProcessor.java:230)
>>> at 
>>> org.apache.cocoon.sitemap.SitemapServlet.service(SitemapServlet.java:84)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>> at 
>>> org.apache.cocoon.servletservice.ServletServiceContext$PathDispatcher.forward(ServletServiceContext.java:468)
>>> at 
>>> org.apache.cocoon.servletservice.ServletServiceContext$PathDispatcher.forward(ServletServiceContext.java:443)
>>> at 
>>> org.apache.cocoon.servletservice.spring.ServletFactoryBean$ServiceInterceptor.invoke(ServletFactoryBean.java:264)
>>> at 
>>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
>>> at 
>>> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
>>> at $Proxy20.service(Unknown Source)
>>> at 
>>> org.apache.cocoon.servletservice.DispatcherServlet.service(DispatcherServlet.java:106)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>> at 
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
>>> at 
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>> at 
>>> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:687)
>>> at 
>>> org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:469)
>>> at 
>>> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:403)
>>> at 
>>> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301)
>>> at 
>>> org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:316)
>>> at 
>>> org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:244)
>>> at 
>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491)
>>> at 
>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
>>> at 
>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
>>> at 
>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>>> at 
>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:216)
>>> at 
>>> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
>>> at 
>>> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:634)
>>> at 
>>> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:445)
>>> at java.lang.Thread.run(Thread.java:613)
>>> Caused by: java.lang.IllegalStateException: No thread-bound request 
>>> found: Are you referring to request attributes outside of an actual 
>>> web request? If you are actually operating within a web request and 
>>> still receive this message,your code is probably running outside of 
>>> DispatcherServlet/DispatcherPortlet: In this case, use 
>>> RequestContextListener or RequestContextFilter to expose the current 
>>> request.
>>> at 
>>> org.springframework.web.context.request.RequestContextHolder.currentRequestAttributes

>>> <http://web.context.request.RequestContextHolder.currentRequestAttributes>(RequestContextHolder.java:102)
>>> at 
>>> org.apache.cocoon.spring.configurator.WebAppContextUtils.enteringContext(WebAppContextUtils.java:75)
>>> at 
>>> org.apache.cocoon.components.treeprocessor.ConcreteTreeProcessor.process(ConcreteTreeProcessor.java:215)
>>> at 
>>> org.apache.cocoon.components.treeprocessor.ConcreteTreeProcessor.process(ConcreteTreeProcessor.java:171)
>>> at 
>>> org.apache.cocoon.components.treeprocessor.TreeProcessor.process(TreeProcessor.java:247)
>>> at 
>>> org.apache.cocoon.servlet.RequestProcessor.process(RequestProcessor.java:351)
>>> at 
>>> org.apache.cocoon.servlet.RequestProcessor.service(RequestProcessor.java:169)
>>> ... 27 more
>>> WARN http-8080-1 org.apache.catalina.authenticator.FormAuthenticator 
>>> - Unexpected error forwarding to login page
>>>  javax.servlet.ServletException: java.lang.IllegalStateException: No 
>>> thread-bound request found: Are you referring to request attributes 
>>> outside of an actual web request? If you are actually operating 
>>> within a web request and still receive this message,your code is 
>>> probably running outside of DispatcherServlet/DispatcherPortlet: In 
>>> this case, use RequestContextListener or RequestContextFilter to 
>>> expose the current request.
>>> at 
>>> org.apache.cocoon.servlet.RequestProcessor.service(RequestProcessor.java:230)
>>> at 
>>> org.apache.cocoon.sitemap.SitemapServlet.service(SitemapServlet.java:84)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>> at 
>>> org.apache.cocoon.servletservice.ServletServiceContext$PathDispatcher.forward(ServletServiceContext.java:468)
>>> at 
>>> org.apache.cocoon.servletservice.ServletServiceContext$PathDispatcher.forward(ServletServiceContext.java:443)
>>> at 
>>> org.apache.cocoon.servletservice.spring.ServletFactoryBean$ServiceInterceptor.invoke(ServletFactoryBean.java:264)
>>> at 
>>> org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
>>> at 
>>> org.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
>>> at $Proxy20.service(Unknown Source)
>>> at 
>>> org.apache.cocoon.servletservice.DispatcherServlet.service(DispatcherServlet.java:106)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
>>> at 
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
>>> at 
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>>> at 
>>> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:687)
>>> at 
>>> org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:469)
>>> at 
>>> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:403)
>>> at 
>>> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301)
>>> at 
>>> org.apache.catalina.authenticator.FormAuthenticator.forwardToLoginPage(FormAuthenticator.java:316)
>>> at 
>>> org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:244)
>>> at 
>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:491)
>>> at 
>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
>>> at 
>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
>>> at 
>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>>> at 
>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:216)
>>> at 
>>> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
>>> at 
>>> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:634)
>>> at 
>>> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:445)
>>> at java.lang.Thread.run(Thread.java:613)
>>> Caused by: java.lang.IllegalStateException: No thread-bound request 
>>> found: Are you referring to request attributes outside of an actual 
>>> web request? If you are actually operating within a web request and 
>>> still receive this message,your code is probably running outside of 
>>> DispatcherServlet/DispatcherPortlet: In this case, use 
>>> RequestContextListener or RequestContextFilter to expose the current 
>>> request.
>>> at 
>>> org.springframework.web.context.request.RequestContextHolder.currentRequestAttributes

>>> <http://web.context.request.RequestContextHolder.currentRequestAttributes>(RequestContextHolder.java:102)
>>> at 
>>> org.apache.cocoon.spring.configurator.WebAppContextUtils.enteringContext(WebAppContextUtils.java:75)
>>> at 
>>> org.apache.cocoon.components.treeprocessor.ConcreteTreeProcessor.process(ConcreteTreeProcessor.java:215)
>>> at 
>>> org.apache.cocoon.components.treeprocessor.ConcreteTreeProcessor.process(ConcreteTreeProcessor.java:171)
>>> at 
>>> org.apache.cocoon.components.treeprocessor.TreeProcessor.process(TreeProcessor.java:247)
>>> at 
>>> org.apache.cocoon.servlet.RequestProcessor.process(RequestProcessor.java:351)
>>> at 
>>> org.apache.cocoon.servlet.RequestProcessor.service(RequestProcessor.java:169)
>>> ... 27 more
>>>
>>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@cocoon.apache.org
For additional commands, e-mail: users-help@cocoon.apache.org


Mime
View raw message