tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Frank McCown <>
Subject Help getting form-based authentication example working
Date Tue, 01 May 2007 18:37:37 GMT

I'm having problems getting the form-based authentication example that 
ships with Tomcat 6 to work properly.

I have followed all the instructions at

to make the form authentication example using MemoryRealm to work for


but when I access this URL, I get the protected page that says:

You are logged in as remote user null in session BLAH...
No user principal could be identified.

I understand that this page should redirect me to the login.jsp page 
instead where I can enter user1/test.

Here's what I did:


<Realm className="org.apache.catalina.realm.MemoryRealm" />


   <role rolename="tomcat"/>
   <role rolename="role1"/>
   <user username="user2" password="test" roles="role1"/>
   <user username="user1" password="test" roles="tomcat"/>


       <display-name>Example Security Constraint</display-name>
          <web-resource-name>Protected Area</web-resource-name>
	 <!-- Define the context-relative URL(s) to be protected -->
	 <!-- If you list http methods, only those methods are protected -->
          <!-- Anyone with one of the listed roles may access this area -->

     <!-- Default login configuration uses form-based authentication -->
       <realm-name>Example Form-Based Authentication Area</realm-name>

Any help would be much appreciated.  I'm running Tomcat on a Solaris 
workstation and accessing it from my Windows client with Firefox.


Frank McCown
Old Dominion University

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message