Return-Path: 
 <tomcat-user-return-48364-qmlist-jakarta-archive-tomcat-user=jakarta.apache.org@jakarta.apache.org>
Delivered-To: apmail-jakarta-tomcat-user-archive@apache.org
Received: (qmail 87854 invoked from network); 11 Jan 2003 20:37:19 -0000
Received: from exchange.sun.com (192.18.33.10)
  by daedalus.apache.org with SMTP; 11 Jan 2003 20:37:19 -0000
Received: (qmail 18433 invoked by uid 97); 11 Jan 2003 20:38:22 -0000
Delivered-To: qmlist-jakarta-archive-tomcat-user@jakarta.apache.org
Received: (qmail 18417 invoked by uid 97); 11 Jan 2003 20:38:21 -0000
Mailing-List: contact tomcat-user-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
List-Unsubscribe: <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
List-Subscribe: <mailto:tomcat-user-subscribe@jakarta.apache.org>
List-Help: <mailto:tomcat-user-help@jakarta.apache.org>
List-Post: <mailto:tomcat-user@jakarta.apache.org>
List-Id: "Tomcat Users List" <tomcat-user.jakarta.apache.org>
Reply-To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
Delivered-To: mailing list tomcat-user@jakarta.apache.org
Received: (qmail 18405 invoked by uid 98); 11 Jan 2003 20:38:21 -0000
X-Antivirus: nagoya (v4218 created Aug 14 2002)
Date: Sat, 11 Jan 2003 12:40:18 -0800
From: Peter Lee <tomcatuser@shaw.ca>
Subject: A <transport-guarantee> problem with 4.1.18
To: Tomcat Users List <tomcat-user@jakarta.apache.org>
Reply-to: tomcatuser@shaw.ca
Message-id: <3E2010B2.14842.2F5E8B8@localhost>
MIME-version: 1.0
X-Mailer: Pegasus Mail for Windows (v4.02)
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7BIT
Content-description: Mail message body
Priority: normal
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N

I asked this earlier, but I still got problems with it. I upgraded to
4.1.18, but I got some problems with security constraints.

I have applied a security constraint on a particular url pattern. Only
certain users with a special rolename can access that link.   The data
transportation is also secure, therefore I put in a  <transport-guarantee>
in web.xml

<user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>

It used to work but now the page does not load with v4.1.18. 
I got a blank page instead of a login page.
Is SSL implemented differently v4.1.18 that prevents my application
from working like before?
I think it has to do with rolenames. I put in the needed role in
tomcat-user.xml 
already. Did I miss something?

Is there any documentation on tomcat v4.1.18 SSL security stuff?


Here is my security constraint in web.xml:

  <!-- Secure form 
        URLs of the form 
        http://localhost/Prefix/mypage
           require SSL and are redirected to
        https://localhost/Prefix/mypage -->

  <security-constraint>
    <web-resource-collection>
      <web-resource-name>SSLspecial</web-resource-name>
      <url-pattern>/protectedpage/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>specialrole</role-name>
    </auth-constraint>
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>



--
To unsubscribe, e-mail:   <mailto:tomcat-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:tomcat-user-help@jakarta.apache.org>