tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 11678] New: - JNDIRealm times out/prompts for password with BASIC authentication
Date Wed, 14 Aug 2002 00:17:02 GMT
DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11678>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11678

JNDIRealm times out/prompts for password with BASIC authentication

           Summary: JNDIRealm times out/prompts for password with BASIC
                    authentication
           Product: Tomcat 4
           Version: 4.1.9
          Platform: Sun
        OS/Version: Solaris
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: Catalina
        AssignedTo: tomcat-dev@jakarta.apache.org
        ReportedBy: jemiller@uchicago.edu


I noticed that if you protect a resource using JNDIRealm and BASIC 
authentication after you are prompted for user name and password and 
successfully authenticate, if you wait awhile and then refresh the page (or 
view another page that is protected), it will prompt you for a password again. 
It appears to time out after about 2 or 3 minutes.

I'm using Tomcat 4.1.9.

I'm using this in my server.xml,

<Realm className="org.apache.catalina.realm.JNDIRealm"
debug="99"
connectionURL="ldap://localhost:8636"
connectionName=""
connectionPassword=""
userPattern="uid={0}, ou=People, dc=uchicago, dc=edu"
userRoleName="eduPersonAffiliation"/>

and this in my web.xml,

<security-constraint>
<web-resource-collection>
<web-resource-name>Orientation Registration</web-resource-name>
<url-pattern>/servlet/OrientationRegistration</url-pattern>
<url-pattern>/servlet/OrientationRegistration/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>faculty</role-name>
<role-name>staff</role-name>
<role-name>student</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>The University of Chicago Directory</realm-name>
</login-config>

Note, this behavior does not occur when I use MemoryRealm instead.

--
To unsubscribe, e-mail:   <mailto:tomcat-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-dev-help@jakarta.apache.org>


Mime
View raw message