tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Emsley, I (Iain)" <I.Ems...@rl.ac.uk>
Subject JAAS modules being ignored by Tomcat
Date Tue, 03 Jun 2008 15:58:43 GMT
Hello, 
 
I've just deployed a JAAS module onto Tomcat 5.5.23 into the server/lib
file to read a cookie and authenticate via that method for the url:
localhost:8080/ucal. However one of the applications that I'm trying to
log into currently has form-based authentication set in its web.xml:
<login-config>
    <auth-method>FORM</auth-method>
    <realm-name>demo</realm-name>
    <form-login-config>
      <form-login-page>/docs/login/login.html</form-login-page>
      <form-error-page>/docs/login/error.html</form-error-page>
    </form-login-config>
  </login-config>
 
This is causes an error in which the entire JAAS module is bypassed and
so the resource remains locked up. 
 
I've commented this out and restarted Tomcat but if I click on the above
link, I still get the form which I'm trying to bypass. I've set the
following contraints in the tomcat/conf/web.xml:
<security-constraint>
             <display-name>Bedework</display-name>
             <web-resource-collection>
                 <web-resource-name>Bedework</web-resource-name>
                 <description>Resource Calendars</description>
                 <url-pattern>/ucal/*</url-pattern>
                 <http-method>GET</http-method>
                 <http-method>POST</http-method>
             </web-resource-collection>
             <auth-constraint>
                 <description/>
                 <role-name>*</role-name>
                 </auth-constraint>
        </security-constraint>
         
         <security-role>
             <description>Administrators</description>
             <role-name>admin</role-name>
   </security-role>
   <security-role>
                <description>Users</description>
                <role-name>user</role-name>
   </security-role>
 
I'd be grateful for any help or advice in getting my login module to
work correctly. 
 
MTIA, 
 
Iain
 
Iain Emsley
 
 

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message