tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Fernando Salazar de Paz <fsalde...@innova.uniovi.es>
Subject RE: Webdav Webfolder issue when container security enabled
Date Mon, 04 Apr 2005 10:15:58 GMT
Win XP Professional, SP2 (Firewall disabled)
J2SDK 1.4.2_06

Installing Tomcat 4.1.31 
Install type:	Normal
NT Service:		Checked
Dir:			C:\Tomcat 4.1
Port:			8080

FILES:
	File A:	BizObj.pdf 		391.413/393.216 bytes	
	(MS Patterns and 	practices)

	File B:	user-guide.pdf	202.259/204.800 bytes	
	(Axis User's guide)

	File C:	manual-a4.pdf	7.045.780/7.049.216 bytes
	(MySql manual)


In Windows....
New Network Site --> http://localhost:8080/webdav

1. 
	I can browse webdav dir
	PROPFIND GET works ok
	I can not PUT, I have to make some changes in
	C:\Tomcat 4.1\webapps\webdav\WEB-INF\web.xml

--------------------------------------------------------------------------
Changes in C:\Tomcat 4.1\webapps\webdav\WEB-INF\web.xml
(Uncomment the following)
    <init-param>
      <param-name>readonly</param-name>
      <param-value>false</param-value>
    </init-param>
--------------------------------------------------------------------------

2. Uncommenting servlet's readonly init parameter:
	I can PUT files
	I can GET recently putted files. PDFs files work ok I can read them
directly from webdav folder


--------------------------------------------------------------------------
Enabling container security

Changes in C:\Tomcat 4.1\webapps\webdav\WEB-INF\web.xml
(Uncomment the following)

  <security-constraint>
    <web-resource-collection>
      <web-resource-name>The Entire Web Application</web-resource-name>
      <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>tomcat</role-name>
    </auth-constraint>
  </security-constraint>

  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>Tomcat Supported Realm</realm-name>
  </login-config>

  <security-role>
    <description>
      An example role defined in "conf/tomcat-users.xml"
    </description>
    <role-name>tomcat</role-name>
  </security-role>

--------------------------------------------------------------------------

		
3. enabling security

	I can PUT files, but

	I can't read any file (FILE A, FILE B) directly from webfolders.

	3.a	Directly from webfolder
	3.a.1 Double-click in webfolder link
	3.a.2 Folder opens showing all files
	3.a.3 double-click on file a or b
	3.a.4 A new iexplore window opens to show the file
	3.a.5 Authentication dialog (using tomcat/tomcat)
	3.a.6 Iexplore tries to download the file: dialog open or save
		I can't either open or save. IE says the site cannot be
found
		It's like an activex control


	3.b From IE 
	3.b.1	In IE http://localhost:8080/webdav
	3.b.2 Shows auth dialog (tomcat/tomcat)
	3.b.3 Redirects IE to http://localhost:8080/webdav/index.html 
	(welcome file)
	3.b.4 Trying http://localhost:8080/webdav/BizObj.pdf (changing
	The URL) FAILS ¿? (I am confused). The same error as in 3.a


	3.c Copy & Paste from webfolder
	3.c.1 Double-click in webfolder link
	3.c.2 Copy (FILE b)
	3.c.2 (in desktop) Paste
	Works, I can read pdf file double-clicking it in desktop


Restarting Tomcat 4.1 service has no effect

I don't know why I cannot get listings for http://localhost:8080/webdav
Prior to this test I think I could see the files and IE worked ok.
    <init-param>
      <param-name>listings</param-name>
      <param-value>true</param-value>
    </init-param>


Disabling authentication, Webfolders, IE,... works fine

	

		
	



	



-----Mensaje original-----
De: Mark Thomas [mailto:markt@apache.org] 
Enviado el: viernes, 01 de abril de 2005 20:23
Para: Tomcat Users List
Asunto: Re: Webdav Webfolder issue when container security enabled

Put together some full step-by-step instructions (from a clean install 
of 4.1.x or 5.5.x) and I'll take another look.

Mark

Fernando Salazar de Paz wrote:
> Another thing
> 
> I have problems using tcpmon from Axis. "Index Out of Bounds exceptions"
> when I put the files, and so on.
> 
> I have used ethereal to sniff network traffic.
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org


Mime
View raw message