tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From VAN DER MARLIERE FREDERIC <frederic.van_der_marli...@cdn.fr>
Subject RE : Tomcat 5 and Realm problem
Date Wed, 15 Dec 2004 15:44:37 GMT
Not far. I do use IE and htpts. And I turned off cookies but in server.xml
file. I meet to many problems when I use session cookies and none with
encoded URL. 
Any idea of the way to use realm authentication (FORM method) with cookies
turned off?

-----Message d'origine-----
De : Martin Grüneberg [mailto:martin.grueneberg@active-group.de] 
Envoyé : mercredi 15 décembre 2004 08:52
À : 'Tomcat Users List'
Objet : AW: Tomcat 5 and Realm problem


Hi Frederic,

you are using IE and https? I got the same error and can't find a proper
solution for it. I bet you have turned of cookies in IE. Turn them on (allow
session-cookies) and it will work again. 

Greetings
Martin  

-----Ursprüngliche Nachricht-----
Von: VAN DER MARLIERE FREDERIC [mailto:frederic.van_der_marliere@cdn.fr] 
Gesendet: Dienstag, 14. Dezember 2004 18:41
An: tomcat-user@jakarta.apache.org
Betreff: Tomcat 5 and Realm problem

Hi,

I'm developping a web app in wich I want the users to authenticate via
Realm. I first used BASIC authentication méthod and everything worked fine.
But when I want to use the FORM one, I get the following message when login
and password are correct (if not, I get the error page I configured in
web.xml):

The time allowed for the login process has been exceeded. If you wish to
continue you must either click back twice and re-click the link you
requested or close and re-open your browser

My web.xml looks like:

<security-constraint>
    <display-name></display-name>

    <web-resource-collection>
      <web-resource-name>protection index</web-resource-name>
      <url-pattern>/</url-pattern>
      <http-method>GET</http-method>
    </web-resource-collection>

    <auth-constraint>
      <role-name>myRole</role-name>
    </auth-constraint>
</security-constraint>

<login-config>
    <auth-method>FORM</auth-method>
    <form-login-config>
      <form-login-page>/login.jsp</form-login-page>
      <form-error-page>/error.jsp</form-error-page>
    </form-login-config>
</login-config>

<security-role>
    <role-name>myRole</role-name>
</security-role>

And login.jsp looks like:

  <html>
  <head></head>
  <body>
    <form action="j_security_check" method="POST">
      <input type="text" name="j_username" />
      <input type="password" name="j_password" />
      <input type="submit" />
    </form>
  </body>
</html>


Does someone have any idea about the origin of my problem ?

Thanks.
Fred.


----------------------------------------------------
Ce message et toutes les pieces jointes (ci-apres le "message") sont
confidentiels et etablis a l'intention exclusive de ses destinataires. Toute
utilisation ou diffusion non autorisee est interdite.Tout message
electronique est susceptible d'alteration. Le CREDIT DU NORD et ses filiales
declinent toute responsabilite au titre de ce message s'il a ete altere,
deforme ou falsifie. This message and any attachments ( the "message") are
confidential and intended solely for the addressees. Any unauthorised use or
dissemination is prohibited.E-mails are susceptible to alteration. Neither
CREDIT DU NORD nor any of its subsidiaries or affiliates shall be liable for
the message if altered, changed or falsified.
----------------------------------------------------



____________
Virus checked by G DATA AntiVirusKit
Version: AVK 15.0.1471 from 11.12.2004
Virus news: www.antiviruslab.com



----------------------------------------------------
Ce message et toutes les pieces jointes (ci-apres le "message") sont confidentiels et etablis
a l'intention exclusive de ses destinataires.
Toute utilisation ou diffusion non autorisee est interdite.Tout message electronique est susceptible
d'alteration.
Le CREDIT DU NORD et ses filiales declinent toute responsabilite au titre de ce message s'il
a ete altere, deforme ou falsifie.
This message and any attachments ( the "message") are confidential and intended solely for
the addressees.
Any unauthorised use or dissemination is prohibited.E-mails are susceptible to alteration.
Neither CREDIT DU NORD nor any of its subsidiaries or affiliates shall be liable for the message
if altered, changed or falsified.
----------------------------------------------------


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message