tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Leone <midnightj...@verizon.net>
Subject Can't authenticate to admin, tried everything
Date Sun, 30 Apr 2006 04:08:58 GMT
I have tomcat 5.5.17 and I recently downloaded the admin web app. I 
can't seem to find a way to authenticate to it. I have an existing 
JDBCRealm that works fine with the manager web app, using digested 
passwords. I added a user with a non-digested password, since admin uses 
FORM authentication, but I still get authenticate failures.

Below is what I have for server\webapps\admin\WEB-INF\web.xml (just the 
relevant portion, where teh security constraints are defined). I just 
modified the realm name to point to the aforementioned JDBCRealm. I have 
a user registered there with non-digested password whose role is admin, 
but I still get authentication failures  when I try to access admin. I 
also tried configuring the UserDatabaseRealm using 
conf\tomcat-users.xml, just to get another data point, and that didn't 
work either. Anyone know what I'm missing??

-Mark

<security-constraint>
    <display-name>Tomcat Server Configuration Security 
Constraint</display-name>
    <web-resource-collection>
      <web-resource-name>Protected Area</web-resource-name>
      <!-- Define the context-relative URL(s) to be protected -->
      <url-pattern>*.jsp</url-pattern>
      <url-pattern>*.do</url-pattern>
      <url-pattern>*.html</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <!-- Anyone with one of the listed roles may access this area -->
      <role-name>admin</role-name>
    </auth-constraint>
  </security-constraint>

  <!-- Login configuration uses form-based authentication -->
  <login-config>
    <auth-method>FORM</auth-method>
    <realm-name>JDBCRealm</realm-name>
    <form-login-config>
      <form-login-page>/login.jsp</form-login-page>
      <form-error-page>/error.jsp</form-error-page>
    </form-login-config>
  </login-config>

  <!-- Security roles referenced by this web application -->
  <security-role>
    <description>
      The role that is required to log in to the Administration Application
    </description>
    <role-name>admin</role-name>
  </security-role>



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message