Return-Path: Delivered-To: apmail-tomcat-users-archive@www.apache.org Received: (qmail 82153 invoked from network); 7 Feb 2008 16:01:54 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 7 Feb 2008 16:01:54 -0000 Received: (qmail 37050 invoked by uid 500); 7 Feb 2008 16:01:36 -0000 Delivered-To: apmail-tomcat-users-archive@tomcat.apache.org Received: (qmail 37022 invoked by uid 500); 7 Feb 2008 16:01:36 -0000 Mailing-List: contact users-help@tomcat.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: "Tomcat Users List" Delivered-To: mailing list users@tomcat.apache.org Received: (qmail 37011 invoked by uid 99); 7 Feb 2008 16:01:36 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 07 Feb 2008 08:01:36 -0800 X-ASF-Spam-Status: No, hits=1.2 required=10.0 tests=SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (nike.apache.org: local policy) Received: from [76.96.62.17] (HELO QMTA10.westchester.pa.mail.comcast.net) (76.96.62.17) by apache.org (qpsmtpd/0.29) with ESMTP; Thu, 07 Feb 2008 16:01:19 +0000 Received: from OMTA01.westchester.pa.mail.comcast.net ([76.96.62.11]) by QMTA10.westchester.pa.mail.comcast.net with comcast id mddv1Y00d0EZKEL5A0HG00; Thu, 07 Feb 2008 16:00:55 +0000 Received: from [192.168.1.125] ([68.50.0.179]) by OMTA01.westchester.pa.mail.comcast.net with comcast id mg191Y00L3rjQ2C3M00000; Thu, 07 Feb 2008 16:01:10 +0000 X-Authority-Analysis: v=1.0 c=1 a=A52m20LilsgA:10 a=xe8BsctaAAAA:8 a=HMmlhTT23pfSAiaSAhsA:9 a=3BlKqqpcVLUq0HjiBwIA:7 a=iv7YXqyVlnfegm4ggz8zUTeD2NwA:4 a=rPt6xJ-oxjAA:10 Message-ID: <47AB2B45.2020003@christopherschultz.net> Date: Thu, 07 Feb 2008 11:01:09 -0500 From: Christopher Schultz User-Agent: Thunderbird 2.0.0.9 (Windows/20071031) MIME-Version: 1.0 To: Tomcat Users List Subject: Re: in Tomcat container-based authN is there a way to redirect logins to a URL? References: <47AB1991.1070003@duke.edu> <47AB1E38.5070201@christopherschultz.net> <47AB2497.8010009@duke.edu> In-Reply-To: <47AB2497.8010009@duke.edu> X-Enigmail-Version: 0.95.6 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Virus-Checked: Checked by ClamAV on apache.org -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Gary, Gary Weaver wrote: | I get the following error, because those two page elements are relative | to the webapp and not to the host part of the URL: | | HTTP Status 404 - /caladmin/Shibboleth.sso/Login :( Yeah, the spec says: "The form-login-page element defines the location in the web ~ app where the page that can be used for login can be ~ found. The path begins with a leading / and is interpreted ~ relative to the root of the WAR." Okay, there's one more trick you can try. Keep the form-login-config the way you have it in web.xml and add a filter (which may not work, either). Write a filter that always redirects to "/Shibboleth.sso/Login" (without adding the webapp's context path) no matter what, and install it so that it intercepts requests to "/Shibboleth.sso/Login" (which will include the context path). If it works, it will take a request to /caladmin/Shibboleth.sso/Login (which is what Tomcat's authenticator generates) and perform a redirtect to the URL that you really want. A little hack-y, but it might work. Another non-filter option would be to create a JSP for the login that performs the redirect. That might be a bit cleaner because the logic will be easier to follow (rather than having to simply know that there's a filter out there doing evil things). Hope that helps, - -chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkerK0UACgkQ9CaO5/Lv0PADVACgjSUmiRY024lWZohxeG1UuHtI cfMAoKGEct0vIG6Cnh5WJNMmyTyyi6R9 =nuVm -----END PGP SIGNATURE----- --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org For additional commands, e-mail: users-help@tomcat.apache.org