tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig R. McClanahan" <craig...@apache.org>
Subject RE: Tomcat and SSL
Date Tue, 03 Dec 2002 01:23:37 GMT


On Mon, 2 Dec 2002, Jay Wright wrote:

> Date: Mon, 2 Dec 2002 16:32:56 -0800
> From: Jay Wright <jwright@once.com>
> Reply-To: Tomcat Users List <tomcat-user@jakarta.apache.org>
> To: 'Tomcat Users List' <tomcat-user@jakarta.apache.org>
> Subject: RE: Tomcat and SSL
>
>
> So I have added:
>
>         <auth-constraint>
>             <role-name>*</role-name>
>         </auth-constraint>
>
> to the web.xml file's security constraint tags.  But still I get nothing.
> As I watch the logs below:
>
> 2002-12-02 16:18:33 Authenticator[/a/b/c]: Security checking request GET
> /a/b/c/index.jsp
> 2002-12-02 16:18:33 Authenticator[/a/b/d]:  Not subject to any constraint
> 2002-12-02 16:18:33 StandardContext[/a/b/c]: Mapping contextPath='/a/b/c'
> with requestURI='/a/b/c/index.jsp' and relativeURI='/index.jsp'
> 2002-12-02 16:18:33 StandardContext[/a/b/c]: Decoded
> relativeURI='/index.jsp'
> 2002-12-02 16:18:33 StandardContext[/a/b/c]:  Mapped to servlet 'jsp' with
> servlet path '/index.jsp' and path info 'null' and update=true
>
> I can't help but wonder if it's not simply the <url-pattern>.  I am not sure
> why my url-pattern (/a/b/c/*) is not matching /a/b/c/index.jsp?
>
> Is it trying to match the requestURI or the relativeURI?  Or something else?
>
> My Context path:
>
> <Context path="/a/b/c" docBase="/usr/local/webapps/a/b/c" debug="1"
> priviledged="true"/>
>
> is /a/b/c, so maybe it's only trying to match the relative URI.
>

Paths specified in <url-pattern> elements are *always* relative to the
context path.  If you really want every URL in your webapp to be
protected, use a URL pattern of "/*" instead of "/a/b/c/*".

> Anyone know?
>
> Jay
>

Craig

> > -----Original Message-----
> > From: Jay Wright [mailto:jwright@once.com]
> > Sent: Monday, December 02, 2002 10:04 AM
> > To: 'tomcat-user@jakarta.apache.org'
> > Subject: Tomcat and SSL
> >
> >
> >
> > I am trying to configure a tomcat (4.1.12 on solaris)
> > webserver to redirect
> > a web app to a secure site.  I'm attempting to configure this through
> > web.xml, but I haven't found any valuable documentation.
> >
> > I have added:
> >
> >     <security-constraint>
> >         <web-resource-collection>
> >             <web-resource-name>Some Name</web-resource-name>
> >             <url-pattern>/a/b/c/*</url-pattern>
> >         </web-resource-collection>
> >         <user-data-constraint>
> >             <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> >         </user-data-constraint>
> >     </security-constraint>
> >
> > to the web.xml file, though it is unclear to me how this
> > works.  I have also
> > configured tomcat with a certificate and set up the SSL
> > Connector as per
> > apache's documentation.  SSL works, but the problem is that I
> > can reach any
> > of my web apps through either http or https.
> >
> > In my configuration above, the <web-resource-name> maps to
> > nothing.  Is this
> > just a friendly name or should it map to a "resource" in my <servlet>
> > configuration?
> >
> > Thanks,
> >
> > Jay
> >
> > --
> > To unsubscribe, e-mail:
> <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail:
> <mailto:tomcat-user-help@jakarta.apache.org>
>
> --
> To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
> For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>
>
>


--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>


Mime
View raw message