tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Petar Tahchiev" <>
Subject Configuring Single Sign On
Date Tue, 03 Apr 2007 20:17:08 GMT
Hello guys,

my name is Petar Tahchiev and I am currently using Apache Tomcat 6.02 on a
Fedora Core Box with a Java 1.5.0_02
I am having a typical Spring application which uses Acegi security
configuration for it's security mechanism. Users are getting
authenticated towards this application by means of a simple login form.
User credentials are kept in a MySQL database.

Also I am having on the same server a MVNForum application( which again authenticates
users with a form. This time users credentials are kept in a PostgreSQL

Now about my problem. I have such a configuration:

<!-- Note: A "Server" is not itself a "Container", so you may not
define subcomponents such as "Valves" at this level.
Documentation at /docs/config/server.html
<Server port="8005" shutdown="SHUTDOWN">

<!--APR library loader. Documentation at /docs/apr.html -->
<Listener className="org.apache.catalina.core.AprLifecycleListener"
SSLEngine="on" />
<!--Initialize Jasper prior to webapps are loaded. Documentation at
/docs/jasper-howto.html -->
<Listener className="org.apache.catalina.core.JasperListener" />
<!-- JMX Support for the Tomcat server. Documentation at /docs/non-
existent.html -->
<Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" />
<Listener className="
org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" />

<!-- Global JNDI resources
Documentation at /docs/jndi-resources-howto.html
<!-- Editable user database that can also be used by
UserDatabaseRealm to authenticate users
<Resource name="UserDatabase" auth="Container"
description="User database that can be updated and saved"
pathname="conf/tomcat-users.xml" />

<!-- A "Service" is a collection of one or more "Connectors" that share
a single "Container" Note: A "Service" is not itself a "Container",
so you may not define subcomponents such as "Valves" at this level.
Documentation at /docs/config/service.html
<Service name="Catalina">

<Connector port="8080" protocol="HTTP/1.1"
maxThreads="150" connectionTimeout="20000"
redirectPort="8443" />
<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009" protocol="AJP/1.3" redirectPort="8443" />

<!-- Define a non-SSL HTTP/1.1 Connector on port 2117 (default 8080) -->
<Connector port="2117" maxHttpHeaderSize="8192"
maxThreads="150" minSpareThreads="5" maxSpareThreads="75"
enableLookups="false" redirectPort="8443" acceptCount="100"
connectionTimeout="20000" disableUploadTimeout="true" />

<!-- Define an AJP 1.3 Connector on port 8009 -->
<Connector port="8009"
enableLookups="false" redirectPort="8443" protocol="AJP/1.3" />
<Engine name="Catalina" defaultHost="">

<Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"



userTable="mvnforummember" userNameCol="membername"


<Valve className="org.apache.catalina.authenticator.SingleSignOn"

<!-- Define the default virtual host
Note: XML Schema validation will not work with Xerces 2.2.
<Host name="" appBase="webapps"
unpackWARs="true" autoDeploy="true"
xmlValidation="false" xmlNamespaceAware="false">

<Listener className="org.apache.catalina.startup.UserConfig"

<Valve className="org.apache.catalina.valves.AccessLogValve"
directory="logs" prefix="web1_access_log." suffix=".txt"
pattern="common" resolveHosts="false"/>

<Valve className="org.apache.catalina.authenticator.SingleSignOn"
<Listener className="org.apache.jk.config.ApacheConfig"


Also in each of the web.xml's I have inserted this:
<!-- Below is sample realm configuration to demo MVNForum Single Sign On -->
<display-name>Example Security Constraint</display-name>
    <web-resource-name>Protected Area</web-resource-name>
    <!-- Define the context-relative URL(s) to be protected -->
    <!-- If you list http methods, only those methods are protected -->
<!-- Default login configuration uses form-based authentication -->
   <realm-name>Example Form-Based Authentication Area</realm-name>


Yet, still when I login the Spring application and authenticate myself I am
still unlogged in the

Please if anyone has the solution please let me know.

Thank you everybody.

Regards, Petar!
Karlovo, Bulgaria.

Public PGP Key at:
Key Fingerprint: AA16 8004 AADD 9C76 EF5B  4210 1A15 B53B 7615 00F9

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message