tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David H Elrod <dhel...@rivendell.com>
Subject Problem Configuring Authentication (Bug?)
Date Thu, 01 Jun 2000 00:45:05 GMT


I'm running:
  RedHat 6.2
  Apache 1.3.12
  Tomcat (CVS Checkout from 30 May 2000)

I have apache/tomcat configured, and my pages work as expected
until I try to add BASIC authentication.

I created a web directory that looks (mostly) like:

  webapps/users/
      file1.html
      html/
          file2.html
      pages/
          file3.html
      WEB-INF/
          classes/
	  lib/
	  web.xml
In reality, file1, file2 and file3 are all named "index.html".

I simplied tomcat.conf so that it looks like:
  LoadModule jserv_module libexec/mod_jserv.so
  ApJServManual on
  ApJServDefaultProtocol ajpv12
  ApJServSecretKey DISABLED
  ApJServMountCopy on
  ApJServLogLevel notice

  ApJServDefaultPort 8007

  AddType test/jsp .jsp
  AddHandler jserv-servlet .jsp

  ApJServMount /users

  ApJServMount /servlet /ROOT

My tomcat/conf/server.xml has an entry like:
    <Context path="/users"
             docBase="webapps/users"
	     debug="9"
	     reloadable="true" >
    </Context>
near the bottom.

My webapp/users/WEB-INF/web.xml file looks like:
  <?xml version="1.0" encoding="ISO-8859-1"?>
  
  <!DOCTYPE web-app
      PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.2//EN"
      "http://java.sun.com/j2ee/dtds/web-app_2.2.dtd">
  
  <web-app>
    <security-constraint>
      <web-resource-collection>
        <web-resource-name>Protected Area</web-resource-name>
        <!-- Define the context-relative URL(s) to be protected -->
        <url-pattern>/pages/*</url-pattern>
      </web-resource-collection>
      <auth-constraint>
        <!-- Anyone with one of the listed roles may access this area -->
        <role-name>tomcat</role-name>
      </auth-constraint>
    </security-constraint>
  
    <!-- Default login configuration uses BASIC authentication -->
    <login-config>
      <auth-method>BASIC</auth-method>
      <realm-name>Example Basic Authentication Area</realm-name>
    </login-config>
  
  </web-app>

The file "file1.html" has links to "html/file2.html" and
"pages/file3.html".

When I access "http://sys/users" I get the file "file1.html".

When I click the link and access "http://sys/users/html/file2.html"
I get "file2.html". 

When I click the link and access "http://sys/users/pages/file3.html"
1) I am prompted for BASIC authentication.
2) I enter the username/password
3) I get *** file1 *** with a URL of:
   "http://sys/users/pages/file3.html".

If I click on the file3 link here, I get file3, with a URL of:
  http://sys/users/pages/pages/file3.html

If someone can aim me at the file where the problem MIGHT be,
then I can try to explore further, but I am relatively new to
Java, and I'm trying hard to get a project done in a few weeks.
Sorry, the code for tomcat is pretty big and I haven't learned
the layout yet. A quick look got me pretty lost... :>

Or, maybe I'm just configuring something wrong... (that would be
nice!).

Any help will be appreciated.


Thank you,
Hunter

--------------------------------------------------------------------
David Hunter Elrod                   Rivendell Technologies, Inc
dhelrod@rivendell.com                1111 W. El Camino #109, PMB348
http://www.rivendell.com             Sunnyvale, CA 94087-0126
Voice: 650/254-1790                  Fax: 650/254-1792


Mime
View raw message