tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Anthony Jay" <anthony...@fastmail.fm>
Subject Re: Contexts and Path and Authentication
Date Thu, 10 Dec 2009 09:19:39 GMT
What's the problem with doing:

  /xml/        --> basic auth
  /xml/secure/ --> basic auth

<Tony>I cannot change URL as this is a working application and XML
consumers must notice no difference.

Then this bit of the app can be deployed as xml.war and the other as 
ROOT.war.  Modifying your URL namespaces would seem to be a logical 
improvement.
<Tony>No doubt about that but this is what I have to work with</Tony>

If needs be, you can redirect /secure/xml/ requests from the ROOT app to 
the xml app.

<Tony>As mentioned I'm having difficulty with UrlRewriteFilter and
Tomcat 6</Tony>

Thanks for the input, all ideas are most welcome!
Tony
</Tony>



On 09/12/2009 21:07, Anthony Jay wrote:
> Hi All,
>     I am having tremendous difficulty configuring contexts on tomcat.
> I've had to split my perfectly working application into two applications
> as the jsp now requires Form based authentication and the XML components
> require Http Basic authentication as before. As I've learned the very
> hard way I cannot do both within the same application without writing my
> own security plumbing.
> So I've taken peoples advice and made one war file formauth.war with all
> jsp and related servlets which uses form based auth and also created
> basicauth.war which contains all xml servlet configuration, I put the
> common libs into tomcat/lib directory (to handle Statics and singletons
> and DB stuff)  Two apps, two authentication mechanisms. Messy but I
> could see no other way.
>
> My jsps etc are contained on the path /secure/xxx and /secure/yyy as
> well as /public/*
> But my XML URL pattern for servlets is
> /secure/xml/* and /xml/* which are declared in web.xml
>
> Individually each war when deployed seem to work fine except for the
> uri/path configuration.
> i.e. URL prepended with /formauth/ or /basicauth/ prefixes.
> Currently this works:
> /formauth/secure/yyy  -->Form based auth
> /formauth/secure/xxx  -->Form based auth
> /formauth/public/  -->Form based auth
> /basicauth/secure/xml/  -->basic auth
> /basicauth/xml/  -->basic auth
> etc.
> Which is not what I want, the application must work as before.
>
> /secure/yyy  -->Form based auth
> /secure/xxx  -->Form based auth
> /public/  -->Form based auth
> /secure/xml/  -->basic auth
> /xml/  -->basic auth

What's the problem with doing:

  /xml/        --> basic auth
  /xml/secure/ --> basic auth

Then this bit of the app can be deployed as xml.war and the other as 
ROOT.war.  Modifying your URL namespaces would seem to be a logical 
improvement.

If needs be, you can redirect /secure/xml/ requests from the ROOT app to 
the xml app.


p

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message