tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Anthony Jay" <anthony...@fastmail.fm>
Subject Contexts and Path and Authentication
Date Wed, 09 Dec 2009 21:07:21 GMT
Hi All,
   I am having tremendous difficulty configuring contexts on tomcat.
I've had to split my perfectly working application into two applications
as the jsp now requires Form based authentication and the XML components
require Http Basic authentication as before. As I've learned the very
hard way I cannot do both within the same application without writing my
own security plumbing.
So I've taken peoples advice and made one war file formauth.war with all
jsp and related servlets which uses form based auth and also created
basicauth.war which contains all xml servlet configuration, I put the
common libs into tomcat/lib directory (to handle Statics and singletons
and DB stuff)  Two apps, two authentication mechanisms. Messy but I
could see no other way.

My jsps etc are contained on the path /secure/xxx and /secure/yyy as
well as /public/*
But my XML URL pattern for servlets is
/secure/xml/* and /xml/* which are declared in web.xml

Individually each war when deployed seem to work fine except for the
uri/path configuration.
i.e. URL prepended with /formauth/ or /basicauth/ prefixes. 
Currently this works:
/formauth/secure/yyy  -->Form based auth
/formauth/secure/xxx  -->Form based auth
/formauth/public/  -->Form based auth
/basicauth/secure/xml/  -->basic auth
/basicauth/xml/  -->basic auth
etc.
Which is not what I want, the application must work as before. 

/secure/yyy  -->Form based auth
/secure/xxx  -->Form based auth
/public/  -->Form based auth
/secure/xml/  -->basic auth
/xml/  -->basic auth

I need to remove the /formauth/ and /basicauth/ directories and my pain
will subside. From everything that I have read this SHOULD be possible
when configuring the context element.
My issue now is that trying to overlap the contexts will not work for
me. 
I can only get one war to work at at time (as default context) using
Server.xml
<Context docBase="formauth" path=""/>  when war is deployed in the
webapps folder.
I have tried 
<Context docBase="formauth" path="secure/xxx"/>
and many different combinations but I can never remove the /formauth/ or
/basicauth/ prefixes except when one is set as default, but then I
cannot configure the other context.

A little advice here should go a long way as I've read
http://tomcat.apache.org/tomcat-6.0-doc/config/context.html
and related pages and posts about a fifty times as well as sample
setups. I'm really pulling my hair out now.....this is taking me
waaaaaay too long.
There are many brownie points going for this one.

Tony

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message