tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Pid <...@pidster.com>
Subject Re: HTTP Status 408!
Date Tue, 22 Jun 2010 12:41:02 GMT
On 22/06/2010 13:25, neo21 zerro wrote:
> Can you provide a hint on how to perform automatic login using BASIC
> authentication?

Did you look at the link I sent?

> Or can I somehow modify the class FormAuthenticator? and tell Tomcat to
> use my custom class....

FormAuthenticator is a Valve, it is automatically added to the Valve
pipeline for each Context it's used with.   Look at the source for
FormAuthenticator.

You can manually define your own Authenticator implementation, in
META-INF/context.xml.

<?xml version="1.0" encoding="UTF-8"?>
<Context
    ...
    reloadable="true">
  <WatchedResource>WEB-INF/web.xml</WatchedResource>

  <Valve className="my.package.MyAuthenticator" />

</Context>


N.B.  Use your own Authenticator and you'll have to make sure every
Tomcat upgrade is thoroughly checked for changes to the related classes.

Tomcat 7.0 will have programmatic login as it implements Servlet 3.0, so
you might only need to do this is a temporary measure.


p

> ------------------------------------------------------------------------
> *From:* Pid <pid@pidster.com>
> *To:* Tomcat Users List <users@tomcat.apache.org>
> *Sent:* Mon, June 21, 2010 7:52:40 PM
> *Subject:* Re: HTTP Status 408!
> 
> On 21/06/2010 17:36, neo21 zerro wrote:
>>
>>
>>  Ok. Something like this ?
>>
>> 
>>
>>        URL protectedResource = new URL("http://localhost:8080/resource");
>>        *URLConnection yc = *protectedResource*.openConnection();*
>>        BufferedReader in = new BufferedReader(
>>                                new InputStreamReader(
>>                                *yc.getInputStream()*));
>>        String inputLine;
>>
>>        while ((inputLine = in.readLine()) != null)
>>            //check if the response is the login page
>>        in.close();
>>         
>>        if(The response is login page){
>>   
>>     
>>            //make another request with to specific params for the
> authentication
>>        }
> 
> It's actually much easier to use BASIC auth if a machine is logging in.
> Look at: http://hc.apache.org/
> 
>>  My question is that in the second request I need to open a browser so
> is the session id of the
>> first request the same with the session id of the second request?
> because the FormAuthenticator need's
>> the session id of the first request to retrieve the protected resource?
> 
> Yes, the session id will be required.  If the URLs are encoded properly
> as per previous discussion, then the form action attribute will be
> re-encoded to incorporate the session id - you'll see how to submit to a
> modified URL if you examine the returned HTML for the login form.
> 
> 
> p
> 
>> ------------------------------------------------------------------------
>> *From:* Pid <pid@pidster.com <mailto:pid@pidster.com>>
>> *To:* Tomcat Users List <users@tomcat.apache.org
> <mailto:users@tomcat.apache.org>>
>> *Sent:* Mon, June 21, 2010 6:19:44 PM
>> *Subject:* Re: HTTP Status 408!
>>
>> On 21/06/2010 15:48, neo21 zerro wrote:
>>>          Ok.I already have send params from my other application to my
>>> Tomcat application and everything goes well, I make this with the
>>> j_security_check on a post method, and I track down the path with the
>>> debug log. The problem is that in the
>>> org.apache.catalina.authenticator.FormAuthenticator in the authenticate
>>> method the user is getting authenticated but when the user should be
>>> redirected to the initial saved request, null is returned.
>>>          So my problem is that I make */programmaticaly
>>>
>> <http://www.google.ro/search?hl=ro&ei=IXsfTMiCB46C_AaVtpm9DQ&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CCwQBSgA&q=programmaticaly&spell=1
<http://www.google.ro/search?hl=ro&ei=IXsfTMiCB46C_AaVtpm9DQ&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CCwQBSgA&q=programmaticaly&spell=1>
>>
> <http://www.google.ro/search?hl=ro&ei=IXsfTMiCB46C_AaVtpm9DQ&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CCwQBSgA&q=programmaticaly&spell=1
> <http://www.google.ro/search?hl=ro&ei=IXsfTMiCB46C_AaVtpm9DQ&sa=X&oi=spell&resnum=0&ct=result&cd=1&ved=0CCwQBSgA&q=programmaticaly&spell=1>>>
>> /*just
>>> a request to my Tomcat web app authenticating the user per user params
>>> but I need somehow to tell the FormAuthenticator what the saved request
>>> should be. Any ideas?
>>
>> The process is:
>>
>> 1. make a request for a protected resource
>> 2. check the response is what you want,
>>
>> 3. if it's not, but contains a login form
>> 4. submit username & password against form url
>>
>>
>> FormAuthenticator creates the saved request at step 1.
>>
>>
>> p
>>
>>> Thanks!!!
>>>
>>> ------------------------------------------------------------------------
>>> *From:* Pid <pid@pidster.com <mailto:pid@pidster.com>
> <mailto:pid@pidster.com <mailto:pid@pidster.com>>>
>>> *To:* Tomcat Users List <users@tomcat.apache.org
> <mailto:users@tomcat.apache.org>
>> <mailto:users@tomcat.apache.org <mailto:users@tomcat.apache.org>>>
>>> *Sent:* Mon, June 21, 2010 5:30:00 PM
>>> *Subject:* Re: HTTP Status 408!
>>>
>>> On 21/06/2010 15:20, neo21 zerro wrote:
>>>> Hello,
>>>>
>>>>  Problem finally solved :) Pid was right my encoding was not ok and a
>>> Cookie was not passed over with the poste of the login page :) I needed
>>> to explicity create a servlet and in that servler add to the response
>>> object the JSSESIONID as a Cookie :)
>>>>
>>>> I have another question can I login from another aplication
>>> programmicaly to my app that runs on Tomcat with custom JAAS login
> module?
>>>
>>> If the other app knows how to perform whatever custom JAAS login you've
>>> built, then I don't see why not.
>>>
>>>
>>> p
>>>
>>>> ________________________________
>>>> From: Martin Gainty <mgainty@hotmail.com
> <mailto:mgainty@hotmail.com> <mailto:mgainty@hotmail.com
> <mailto:mgainty@hotmail.com>>
>> <mailto:mgainty@hotmail.com <mailto:mgainty@hotmail.com>
> <mailto:mgainty@hotmail.com <mailto:mgainty@hotmail.com>>>>
>>>> To: Tomcat Users List <users@tomcat.apache.org
> <mailto:users@tomcat.apache.org>
>> <mailto:users@tomcat.apache.org <mailto:users@tomcat.apache.org>>
>>> <mailto:users@tomcat.apache.org <mailto:users@tomcat.apache.org>
> <mailto:users@tomcat.apache.org <mailto:users@tomcat.apache.org>>>>
>>>> Sent: Fri, June 11, 2010 11:16:09 PM
>>>> Subject: RE: HTTP Status 408!
>>>>
>>>>
>>>> can you post all of the code (including the html that houses the flex
>>> components), display the full stacktrace and display environmental
>>> variables from SET
>>>>
>>>> Martin
>>>> ______________________________________________
>>>> standard caveats apply
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>> Date: Fri, 11 Jun 2010 12:32:44 -0700
>>>>> From: neo21_zerro@yahoo.com <mailto:neo21_zerro@yahoo.com>
> <mailto:neo21_zerro@yahoo.com <mailto:neo21_zerro@yahoo.com>>
>> <mailto:neo21_zerro@yahoo.com <mailto:neo21_zerro@yahoo.com>
> <mailto:neo21_zerro@yahoo.com <mailto:neo21_zerro@yahoo.com>>>
>>>>> Subject: Re: HTTP Status 408!
>>>>> To: users@tomcat.apache.org <mailto:users@tomcat.apache.org>
> <mailto:users@tomcat.apache.org <mailto:users@tomcat.apache.org>>
>> <mailto:users@tomcat.apache.org <mailto:users@tomcat.apache.org>
> <mailto:users@tomcat.apache.org <mailto:users@tomcat.apache.org>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> I installed the Tomcat 7 RC but the problem persists.
>>>>> So it's definitely a bug from my app. After the logout is made the
>>> redirect is made from flex(navigateToUrl - function) do you think this
>>> could be an issue?
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ________________________________
>>>>> From: Mark Thomas <markt@apache.org <mailto:markt@apache.org>
> <mailto:markt@apache.org <mailto:markt@apache.org>>
>> <mailto:markt@apache.org <mailto:markt@apache.org>
> <mailto:markt@apache.org <mailto:markt@apache.org>>>>
>>>>> To: Tomcat Users List <users@tomcat.apache.org
> <mailto:users@tomcat.apache.org>
>> <mailto:users@tomcat.apache.org <mailto:users@tomcat.apache.org>>
>>> <mailto:users@tomcat.apache.org <mailto:users@tomcat.apache.org>
> <mailto:users@tomcat.apache.org <mailto:users@tomcat.apache.org>>>>
>>>>> Sent: Thu, June 10, 2010 10:35:48 PM
>>>>> Subject: Re: HTTP Status 408!
>>>>>
>>>>> On 10/06/2010 15:39, neo21 zerro wrote:
>>>>>>
>>>>>> Yes I am requesting a protected resource but I don't know why is
>>> this happening.
>>>>>>
>>>>>>
>>>>>> I've tried to set all sort of cookies in my browser but nothing
>>> works.....The problem is that I'm not using jsp like Pid said
>>>>>> and I think I should try to use jsp...for my login page.
>>>>>> Are there other versions of Tomcat ? I mean newer versions, like
7 ?
>>>>>
>>>>> That assumes a) there is a bug in Tomcat and b) that it is fixed in a
>>>>> newer version of 6.0.26.
>>>>>
>>>>> I have yet to see any evidence in this thread that there is a bug in
>>> Tomcat.
>>>>>
>>>>> Mark
>>>>>
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> <mailto:users-unsubscribe@tomcat.apache.org>
>> <mailto:users-unsubscribe@tomcat.apache.org
> <mailto:users-unsubscribe@tomcat.apache.org>>
>>> <mailto:users-unsubscribe@tomcat.apache.org
> <mailto:users-unsubscribe@tomcat.apache.org>
>> <mailto:users-unsubscribe@tomcat.apache.org
> <mailto:users-unsubscribe@tomcat.apache.org>>>
>>>>> For additional commands, e-mail: users-help@tomcat.apache.org
> <mailto:users-help@tomcat.apache.org>
>> <mailto:users-help@tomcat.apache.org
> <mailto:users-help@tomcat.apache.org>>
>>> <mailto:users-help@tomcat.apache.org
> <mailto:users-help@tomcat.apache.org>
>> <mailto:users-help@tomcat.apache.org
> <mailto:users-help@tomcat.apache.org>>>
>>>>>
>>>>>
>>>>>
>>>>                     
>>>> _________________________________________________________________
>>>> The New Busy think 9 to 5 is a cute idea. Combine multiple calendars
>>> with Hotmail.
>>>>
>> http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
<http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5>
>>
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5>>
>>
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5>
>>
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5
> <http://www.windowslive.com/campaign/thenewbusy?tile=multicalendar&ocid=PID28326::T:WLMTAGL:ON:WL:en-US:WM_HMP:042010_5>>>
>>>>
>>>>
>>>> 
>>>
>>>
>>>
>>
>>
>>
> 
> 
> 



Mime
View raw message