tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Oliver Kohll <oli...@gtwm.co.uk>
Subject Fwd: auth-constraint in web.xml in tomcat 5.5.15
Date Mon, 06 Feb 2006 12:14:52 GMT
Oops no it didn't, my mistake. The app now doesn't prompt for  
authentication at all. Is there a way of getting it to work so that  
the authentication is used but you don't have to hard code roles in  
web.xml?

Regards,

Oliver

Begin forwarded message:

> From: Oliver Kohll <oliver@gtwm.co.uk>
> Date: 6 February 2006 10:54:55 GMT
> To: "Tomcat Users List" <users@tomcat.apache.org>
> Subject: Re: auth-constraint in web.xml in tomcat 5.5.15
>
> Thanks. Commenting out the <auth-constraint> got the result I want.
>
> Oliver
>
> On 3 Feb 2006, at 17:54, Mark Thomas wrote:
>
>> Oliver Kohll wrote:
>>> Hi,
>>>
>>> I have security for a web application managed by a DataSource   
>>> database
>>> realm. Using tomcat 5.5.14 this works fine but in 5.5.15  there  
>>> seems to
>>> be a problem.
>>
>>> The problem seems to be the <role-name>*</role-name> line. If I 

>>> put a
>>> specific role in, users in that role can log in but the * wildcard
>>> doesn't work. A 403 HTTP rejection is issued if the user inputs a
>>> correct username and password (if they put in the wrong username/
>>> password, it prompts again as expected). As users themselves can add
>>> roles to the database, I don't know what the roles may be so I  
>>> have  to
>>> use the wildcard.
>>
>> The special role "*" means all roles specified in web.xml. It does  
>> not
>> mean all roles specified in the realm nor does it mean all
>> authenticated users.
>>
>> The fix for 15570 was to correctly handle "*". It used to be
>> interpreted as all authenticated users. It is now correctly
>> interpreted as all roles defined in web.xml.
>>
>> Mark
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>
> oliver@gtwebmarque.com / 0845 456 1810 / 07814 828608
> Furze Bank, 34 Hanover Street, SWANSEA UK, SA1 6BA
>
>
> NOTE
> No contracts may be concluded on behalf of GT webMarque by means of  
> e-mail
> communications. The contents of this e-mail are confidential to the
> intended recipient at the e-mail address to which it has been  
> addressed;
> it may not be disclosed to or used by anyone other than this  
> addressee,
> nor may it be copied in any way. If received in error please return to
> sender via e-mail.
>
> DISCLAIMER
> Please note that neither GT webMarque Ltd nor the sender accept any
> responsibility for viruses transmitted via e-mail. It is your
> responsibility to scan attachments (if any).
>

oliver@gtwebmarque.com / 0845 456 1810 / 07814 828608
Furze Bank, 34 Hanover Street, SWANSEA UK, SA1 6BA


NOTE
No contracts may be concluded on behalf of GT webMarque by means of e- 
mail
communications. The contents of this e-mail are confidential to the
intended recipient at the e-mail address to which it has been addressed;
it may not be disclosed to or used by anyone other than this addressee,
nor may it be copied in any way. If received in error please return to
sender via e-mail.

DISCLAIMER
Please note that neither GT webMarque Ltd nor the sender accept any
responsibility for viruses transmitted via e-mail. It is your
responsibility to scan attachments (if any).


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message