tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Luke" <l...@lukeshannon.com>
Subject Re: RE : Security Newbie - Need Help
Date Sat, 12 Feb 2005 21:40:20 GMT
You are right. A lot of changes were made to my configuration based on
advice I recieved on the forum.

There could be several things that fixed my problem.

The main thing is I know how to set it up now :-)

Luke

Luke Shannon
Web Design/Development
Java Programmer
http://www.lukeshannon.com
phone: 416-570-1984
----- Original Message ----- 
From: "sven morales" <aka_sergio@yahoo.com>
To: "Tomcat Users List" <tomcat-user@jakarta.apache.org>
Sent: Saturday, February 12, 2005 10:28 AM
Subject: Re: RE : Security Newbie - Need Help


> Not to prolong,  I would think if this was the case of
> misplaced element, the DTD for the web.xml would make
> the Digester throw an exception because it does not
> conform.
>
> --- Luke <luke@lukeshannon.com> wrote:
>
> > Hello;
> >
> > I finally got this. It turned out I had my:
> >
> > <login-config>
> > <auth-method>BASIC</auth-method>
> > </login-config>
> >
> > Inside my  <security-constraint> instead of being in
> > the <web-app>.
> >
> > Once I moved this to the correct place in the
> > document. Everything worked
> > fine.
> >
> > Thanks to all that posted advice.
> >
> > Luke
> >
> >
> > Luke Shannon
> > Web Design/Development
> > Java Programmer
> > http://www.lukeshannon.com
> > phone: 416-570-1984
> > ----- Original Message ----- 
> > From: "Luke" <luke@lukeshannon.com>
> > To: "Tomcat Users List"
> > <tomcat-user@jakarta.apache.org>
> > Sent: Friday, February 11, 2005 9:05 PM
> > Subject: Re: RE : Security Newbie - Need Help
> >
> >
> > > Hi;
> > >
> > > I can't get the memory realm to work either. I am
> > still getting the error
> > > below without a login prompt:
> > >
> > >
> > > HTTP Status 403 - Configuration error: Cannot
> > perform access control
> > without
> > > an authenticated principal
> > > type Status report
> > > message Configuration error: Cannot perform access
> > control without an
> > > authenticated principal
> > > description Access to the specified resource
> > (Configuration error: Cannot
> > > perform access control without an authenticated
> > principal) has been
> > > forbidden.
> > > Apache Tomcat/5.0.27
> > >
> > > This has to be something with my application,
> > WEB-INF, server.xml. How
> > > should I proceed to trouble shoot?
> > >
> > > Thanks,
> > >
> > > Luke
> > >
> > > ----- Original Message ----- 
> > > From: "LERBSCHER Jean-Pierre"
> > <jean-pierre.lerbscher@cofiroute.fr>
> > > To: "'Tomcat Users List'"
> > <tomcat-user@jakarta.apache.org>
> > > Sent: Friday, February 11, 2005 12:21 AM
> > > Subject: RE : RE : Security Newbie - Need Help
> > >
> > >
> > > > Could you try MemoryRealm to evict filter
> > mechanisms (like firewall or
> > > > router configuration) between your tomcat serve
> > rand your database ?
> > > >
> > > > As you can see in the servlet specification the
> > security-role element
> > > isn't
> > > > optional.
> > > > <!ELEMENT web-app (icon?, display-name?,
> > description?,
> > > > distributable?, context-param*, filter*,
> > filter-mapping*,
> > > > listener*, servlet*, servlet-mapping*,
> > session-config?, mimemapping*,
> > > > welcome-file-list?, error-page*, taglib*,
> > resourceenv-
> > > > ref*, resource-ref*, security-constraint*,
> > login-config?,
> > > > security-role*, env-entry*, ejb-ref*,
> > ejb-local-ref*)>
> > > >
> > > > -----Message d'origine-----
> > > > De : Luke [mailto:luke@lukeshannon.com]
> > > > Envoy�: vendredi 11 f�rier 2005 08:18
> > > > �: Tomcat Users List
> > > > Objet : Re: RE : Security Newbie - Need Help
> > > >
> > > > Hi Dennis;
> > > >
> > > > Where is IMS defined? Otherwise I have specified
> > everything as you
> > > > recommended. Yet I still get this error once I
> > hit the page (no login
> > > > prompt):
> > > >
> > > >
> > > > HTTP Status 403 - Configuration error: Cannot
> > perform access control
> > > without
> > > > an authenticated principal
> > > > type Status report
> > > > message Configuration error: Cannot perform
> > access control without an
> > > > authenticated principal
> > > > description Access to the specified resource
> > (Configuration error:
> > Cannot
> > > > perform access control without an authenticated
> > principal) has been
> > > > forbidden.
> > > > Apache Tomcat/5.0.28
> > > >
> > > > Thanks,
> > > >
> > > > Luke
> > > >
> > > >
> > > > ----- Original Message ----- 
> > > > From: "Dennis Payne" <DENNIS@mtctrains.com>
> > > > To: <tomcat-user@jakarta.apache.org>
> > > > Sent: Thursday, February 10, 2005 11:23 AM
> > > > Subject: Re: RE : Security Newbie - Need Help
> > > >
> > > >
> > > > > you will not need a roles table for tomcat...
> > it is only useful to
> > your
> > > > own applications that will edit the data. The
> > system only utilizes the
> > the
> > > > user-role table and the user-password table (at
> > least for basic
> > > > authentication).
> > > > >
> > > > > Each servlet in the system  that is secure is
> > setup this way and has
> > an
> > > > associated mapping:
> > > > >
> > > > > <servlet>
> > > > > <servlet-name>EnterAssignment</servlet-name>
> > > > > <display-name>EnterAssignment</display-name>
> > > > > <description>Enter Assignment</description>
> > > > >
> >
> <servlet-class>com.mtc.ims.ia.servlet.EnterAssignment</servlet-class>
> > > > > <security-role-ref>
> > > > > <role-name>IMS</role-name>
> > > > > <role-link>IMS</role-link>
> > > > > </security-role-ref>
> > > > > </servlet>
> > > > >  ...
> > > > >                <servlet-mapping>
> > > > > <servlet-name>EnterAssignment</servlet-name>
> > > > >
> > <url-pattern>/servlet/EnterAssignment</url-pattern>
> > > > > </servlet-mapping>
> > > > >
> > > > > The server.xml contains a reference to the
> > security tables by using
> > the
> > > > <Realm> tag placed as shown (there are other
> > ways to do it) and all  db
> > > > driver jars have been place in the classpath:
> > > > >
> > > > > <Engine defaultHost="localhost"
> > name="Catalina">
> > > > >    <Host appBase="webapps" name="localhost">
> > > > >       <Logger
> > className="org.apache.catalina.logger.FileLogger"
> > > > prefix="localhost_log." suffix=".txt"
> > timestamp="true" />
> > > > >       <Realm
> > className="org.apache.catalina.realm.JDBCRealm"
> > > > connectionName="username"
> > connectionPassword="password"
> > > >
> >
> connectionURL="jdbc:mysql://xxx.xxx.xxx.xxx:3306/dbname"
> > > > driverName="com.mysql.jdbc.Driver"
> > userRoleTable="userrole"
> > > > userTable="userpassword" roleNameCol="userrole"
> > userNameCol="userid"
> > > > userCredCol="passwordid" />
> > > > >    </Host>
> > > > >    <Logger
> > className="org.apache.catalina.logger.FileLogger"
> > > > prefix="catalina_log." suffix=".txt"
> > timestamp="true" />
> > > > >    <Realm
> >
> className="org.apache.catalina.realm.UserDatabaseRealm"
>
> === message truncated ===
>
>
>
>
> __________________________________
> Do you Yahoo!?
> The all-new My Yahoo! - Get yours free!
> http://my.yahoo.com
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message