tomcat-users mailing list archives

From "Petar Tahchiev" <paranoiabla.li...@gmail.com>
Subject Configuring Single Sign On
Date Tue, 03 Apr 2007 20:17:08 GMT
Hello guys,

my name is Petar Tahchiev and I am currently using Apache Tomcat 6.02 on a
Fedora Core box with Java 1.5.0_02.
I have a typical Spring application which uses an Acegi security
configuration for its security mechanism. Users are authenticated
to this application by means of a simple login form.
User credentials are kept in a MySQL database.

I also have on the same server an MVNForum application
(http://www.mvnforum.com/mvnforumweb/index.jsp) which again authenticates
users with a form. This time the users' credentials are kept in a PostgreSQL
database.

Now about my problem. I have such a configuration:
==server.xml===
--------------------------------------------------------------------------

<!-- Note: A "Server" is not itself a "Container", so you may not
define subcomponents such as "Valves" at this level.
Documentation at /docs/config/server.html
-->
<Server port="8005" shutdown="SHUTDOWN">

<!--APR library loader. Documentation at /docs/apr.html -->
<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="on" />
<!--Initialize Jasper prior to webapps are loaded. Documentation at
/docs/jasper-howto.html -->
<Listener className="org.apache.catalina.core.JasperListener" />
<!-- JMX Support for the Tomcat server. Documentation at /docs/non-existent.html -->
<Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" />
<Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />

<!-- Global JNDI resources
Documentation at /docs/jndi-resources-howto.html
-->
<GlobalNamingResources>
<!-- Editable user database that can also be used by
UserDatabaseRealm to authenticate users
-->
<Resource name="UserDatabase" auth="Container"
type="org.apache.catalina.UserDatabase"
description="User database that can be updated and saved"
factory="org.apache.catalina.users.MemoryUserDatabaseFactory"
pathname="conf/tomcat-users.xml" />
</GlobalNamingResources>

<!-- A "Service" is a collection of one or more "Connectors" that share
a single "Container" Note: A "Service" is not itself a "Container",
so you may not define subcomponents such as "Valves" at this level.
Documentation at /docs/config/service.html
-->
<Service name="Catalina">

<Connector port="8080" protocol="HTTP/1.1"
maxThreads="150" connectionTimeout="20000"
redirectPort="8443" />
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

<!-- Define a non-SSL HTTP/1.1 Connector on port 2117 (default 8080) -->
<Connector port="2117" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="5" maxSpareThreads="75"
enableLookups="false" redirectPort="8443" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true" />


<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009"
enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
<Engine name="Catalina" defaultHost="carmen.homelinux.net">

<Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
driverName="org.postgresql.Driver"
connectionURL="jdbc:postgresql://localhost:5432/maven?user=*****&amp;password=****"
userTable="mvnforummember" userNameCol="membername"
userCredCol="memberpassword"
/>



<Valve className="org.apache.catalina.authenticator.SingleSignOn"
debug="0"/>

<!-- Define the default virtual host
Note: XML Schema validation will not work with Xerces 2.2.
-->
<Host name="carmen.homelinux.net" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">

<Listener className="org.apache.catalina.startup.UserConfig"
directoryName="public_html"
userClass="org.apache.catalina.startup.PasswdUserDatabase"/>

<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs" prefix="web1_access_log." suffix=".txt"
pattern="common" resolveHosts="false"/>

</Host>
<Valve className="org.apache.catalina.authenticator.SingleSignOn"
debug="0"/>
<Listener className="org.apache.jk.config.ApacheConfig"
modJk="/usr/local/apache2/modules/mod_jk.so"
workersConfig="/usr/local/apache2/conf/workers.properties"/>
</Engine>
</Service>
</Server>

--------------------------------------------------------------------------

Also in each of the web.xml's I have inserted this:
==web.xml===
---------------------------------------------------------------------------
<!-- Below is sample realm configuration to demo MVNForum Single Sign On -->
<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
    <web-resource-name>Protected Area</web-resource-name>
    <!-- Define the context-relative URL(s) to be protected -->
    <url-pattern>/*</url-pattern>
    <!-- If you list http methods, only those methods are protected -->
    <http-method>DELETE</http-method>
    <http-method>GET</http-method>
    <http-method>POST</http-method>
    <http-method>PUT</http-method>
</web-resource-collection>
</security-constraint>
<!-- Default login configuration uses form-based authentication -->
<login-config>
   <auth-method>FORM</auth-method>
   <realm-name>Example Form-Based Authentication Area</realm-name>
   <form-login-config>
         <form-login-page>/realm/login.jsp</form-login-page>
         <form-error-page>/realm/error.jsp</form-error-page>
   </form-login-config>
</login-config>

---------------------------------------------------------------------------

Yet when I log in to the Spring application and authenticate myself, I am
still not logged in to the forum.

If anyone has the solution, please let me know.

Thank you everybody.


-- 
Regards, Petar!
Karlovo, Bulgaria.

Public PGP Key at:
http://keyserver.linux.it/pks/lookup?op=get&search=0x1A15B53B761500F9
Key Fingerprint: AA16 8004 AADD 9C76 EF5B  4210 1A15 B53B 7615 00F9
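
Added example, not part of the original message: a small Python audit for a Tomcat server.xml and web.xml of the kind posted above. It checks where the SingleSignOn Valve is nested (Tomcat's documentation places it inside a Host), whether two Connectors share a port, and whether a security-constraint lacks an auth-constraint or lists http-methods (only listed methods are constrained). The XML samples are constructed and the finding names are labels chosen for this example.

```python
import xml.etree.ElementTree as ET

SSO = "org.apache.catalina.authenticator.SingleSignOn"

# Constructed samples, reduced from the shape of the configuration in the post.
SERVER_XML = """<Server><Service name="Catalina">
  <Connector port="8009" protocol="AJP/1.3"/>
  <Connector port="8009" protocol="AJP/1.3"/>
  <Engine name="Catalina" defaultHost="example.test">
    <Valve className="org.apache.catalina.authenticator.SingleSignOn"/>
    <Host name="example.test" appBase="webapps"/>
  </Engine></Service></Server>"""
WEB_XML = """<web-app xmlns="http://java.sun.com/xml/ns/javaee">
  <security-constraint><web-resource-collection>
    <url-pattern>/*</url-pattern>
    <http-method>GET</http-method><http-method>POST</http-method>
  </web-resource-collection></security-constraint>
  <login-config><auth-method>FORM</auth-method></login-config>
</web-app>"""

def parse(xml_text):
    """Parse and drop namespaces so web.xml files of any schema version match."""
    root = ET.fromstring(xml_text)
    for el in root.iter():
        el.tag = el.tag.rsplit("}", 1)[-1]
    return root

def is_sso(valve):
    return valve.get("className", "").strip() == SSO

def audit_server(xml_text):
    root, findings = parse(xml_text), []
    total = sum(is_sso(v) for v in root.iter("Valve"))
    in_host = sum(is_sso(v) for h in root.iter("Host") for v in h.findall("Valve"))
    if total > in_host:  # Tomcat documents this Valve as a child of <Host>
        findings.append("sso-valve-outside-host")
    ports = [c.get("port") for c in root.iter("Connector")]
    if len(ports) != len(set(ports)):  # the second Connector cannot bind the port
        findings.append("duplicate-connector-port")
    return findings

def audit_web(xml_text):
    root, findings = parse(xml_text), []
    for sc in root.iter("security-constraint"):
        if sc.find("auth-constraint") is None:  # nothing forces a container login
            findings.append("no-auth-constraint")
        if sc.find("web-resource-collection/http-method") is not None:
            findings.append("unlisted-http-methods-unconstrained")
    return findings

if __name__ == "__main__":
    print(audit_server(SERVER_XML), audit_web(WEB_XML))
```
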
