tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier (tomcat) ...@ice-sa.com>
Subject Re: using filter on web.xml
Date Sun, 15 May 2016 12:09:12 GMT
On 15.05.2016 13:58, Francesco Viscomi wrote:
> Hi all,
> I've declared a filter in web.xm as:
>
> <filter>
>              <filter-name>ShibbolethHeaderReaderFilter</filter-name>
>              <display-name>ShibbolethHeaderReaderFilter
> IdPC</display-name>
>              <description></description>
>
> <filter-class>it.loset.idpcp.ri.filters.ShibbolethHeaderReaderFilterIdpc</filter-class>
>
>              <init-param>
>                  <param-name>configurationFile</param-name>
>
> <param-value>resources/shibboleth-spp-config.xml</param-value>
>              </init-param>
>          </filter>
>
>          <filter-mapping>
>              <filter-name>ShibbolethHeaderReaderFilter</filter-name>
>              <url-pattern>/protected/*</url-pattern>
>          </filter-mapping>
>
>
>
>
> where it.loset.idpcp.ri.filters.ShibbolethHeaderReaderFilterIdpc
> is a jar file that i don't know the source;
>
>
> Now i do i call as:
> http://localhost:8080/srlo/protected/login.html
>
> and i get HTTP Status 404 the resource is not available.
>
>
>
>
> My question is, why the filter do not activated: in the url the is the word
> protect and the mapping of the filter is
> <url-pattern>/protected/*</url-pattern>
>

I don't know the details of it, and not much at all about Shibollet, but usually in an 
authentication scenario which involves a login page to authenticate a user, one would not

include the login page in question, in the area that is protected by the authentication.
This would ususally result in an endless logic loop.
Think about it.



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message