tomcat-users mailing list archives

From Mark Thomas <ma...@apache.org>
Subject Re: BASIC authentication problem in tomcat8.0.33
Date Thu, 19 May 2016 11:03:14 GMT
On 18/05/2016 15:33, Venkata Reddy P wrote:
> Hi,
> 
> It looks like below comparison (principal instanceof GenericPrincipal) is failing as I am returning the CustomizedPrincipal which implements the java.security.Principal.
> 
> Is it something introduced in tomcat7.x/tomcat8.x?

No.

The source code, including full history, is available in svn if you want
to find out how far back this code goes.

Mark


> RealmBase.hasRole()
> {
>     // Should be overridden in JAASRealm - to avoid pretty inefficient conversions
>     if ((principal == null) || (role == null) ||
>         !(principal instanceof GenericPrincipal))
>         return (false);
> }
> 
> 
> 
> Thanks in advance
> 
> 
> 
> -----Original Message-----
> From: Venkata Reddy P [mailto:Venkata.Reddy@trianz.com]
> Sent: Wednesday, May 18, 2016 5:23 PM
> To: Tomcat Users List
> Subject: RE: BASIC authentication problem in tomcat8.0.33
> 
> 
> 
> This was a typo while writing the mail. When I debug my customized code, until it is returning the principal everything seems to be good from the customization point of view.
> 
> Removing the default files 'tomcat-users.txt' and 'tomcat-users.xsd' from <catalina_home>\config, will it make any difference?
> 
> 
> 
> Thanks in advance
> 
> 
> 
> -----Original Message-----
> 
> From: Mark Thomas [mailto:markt@apache.org]
> 
> Sent: Wednesday, May 18, 2016 5:18 PM
> 
> To: Tomcat Users List
> 
> Subject: Re: BASIC authentication problem in tomcat8.0.33
> 
> 
> 
> On 18/05/2016 12:47, Mark Thomas wrote:
> 
>> On 18/05/2016 11:07, Venkata Reddy P wrote:
> 
>>> Hi,
> 
>>>
> 
>>> I have been using the "BASIC authentication" from the tomcat3.x onwards, unfortunately after migrating to tomcat8.0.33 it is broken.
> 
>>
> 
>> BASIC auth works for me with a clean 8.0.33 install. Therefore this
> 
>> looks like a problem with your custom code.
> 
> 
> 
> And the space after the role name in web.xml might not help either.
> 
> 
> 
> Mark
> 
> 
> 
> 
> 
>>
> 
>> Mark
> 
>>
> 
>>> Could you please help on this what is going wrong?
> 
>>>
> 
>>> Step1)-------Realm customization--------
> 
>>>                 The customized classes are:-
> 
>>>                 a) CustomizedPrincipal implements Principal
> 
>>>                 b) CustomizedRealmBase extends RealmBase   :- this is returning successful customizedPrincipal to base class and then it is failing with following error.
> 
>>>                         HTTP Status 403 - Access to the requested resource has been denied
> 
>>>                         type Status report
> 
>>>                         message Access to the requested resource has been denied
> 
>>>                         description Access to the specified resource has been forbidden.
> 
>>> Step2)  I have removed the files 'tomcat-users.txt' and 'tomcat-users.xsd' from <catalina_home>\config
> 
>>> Step3)-----Web.xml basic authentication configuration--------
> 
>>>     <security-constraint>
> 
>>>       <display-name>Security Constraint</display-name>
> 
>>>       <web-resource-collection>
> 
>>>          <web-resource-name>Restricted Area</web-resource-name>
> 
>>>          <url-pattern>/*</url-pattern>
> 
>>>       </web-resource-collection>
> 
>>>       <auth-constraint>
> 
>>>          <role-name>bauth </role-name>
> 
>>>       </auth-constraint>
> 
>>>     </security-constraint>
> 
>>>
> 
>>>     <login-config>
> 
>>>       <auth-method>BASIC</auth-method>
> 
>>>       <realm-name>Basic authentication</realm-name>
> 
>>>     </login-config>
> 
>>>
> 
>>> Thanks in advance.
> 
>>>
> 
>>
> 
>>
> 
>> ---------------------------------------------------------------------
> 
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org<mailto:users-unsubscribe@tomcat.apache.org>
> 
>> For additional commands, e-mail: users-help@tomcat.apache.org<mailto:users-help@tomcat.apache.org>
> 
>>
> 
> 
> 
> 
> 
> 
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
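
One way to satisfy the `instanceof GenericPrincipal` check quoted in this thread, given as an added example (not code from either poster or from the Tomcat project): the custom realm wraps its own principal in Tomcat's `GenericPrincipal`, which carries the role list that `RealmBase.hasRole()` reads. The user `alice`, the password, the in-memory maps and the body of `CustomizedPrincipal` are constructed placeholders; the class is assumed to be compiled against the Tomcat 8.0 `catalina.jar`.

```java
import java.security.Principal;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

import org.apache.catalina.realm.GenericPrincipal;
import org.apache.catalina.realm.RealmBase;

public class CustomizedRealmBase extends RealmBase {

    /** Application principal named in the thread; this body is a constructed stand-in. */
    public static final class CustomizedPrincipal implements Principal {
        private final String name;
        public CustomizedPrincipal(String name) { this.name = name; }
        @Override public String getName() { return name; }
    }

    // Constructed sample data standing in for the real user store.
    private final Map<String, String> passwords = new HashMap<>();
    private final Map<String, List<String>> roles = new HashMap<>();

    public CustomizedRealmBase() {
        passwords.put("alice", "example-only-password");
        // Role as intended in web.xml's <role-name>, written without the
        // trailing space pointed out in the thread.
        roles.put("alice", Arrays.asList("bauth"));
    }

    @Override
    protected String getName() {
        return "CustomizedRealmBase";
    }

    @Override
    protected String getPassword(String username) {
        return passwords.get(username); // null means unknown user
    }

    @Override
    protected Principal getPrincipal(String username) {
        List<String> userRoles = roles.get(username);
        if (userRoles == null) {
            return null; // unknown user: authentication fails
        }
        // Wrap the custom principal so RealmBase.hasRole() passes its
        // instanceof GenericPrincipal check and can read the role list.
        return new GenericPrincipal(username, getPassword(username),
                userRoles, new CustomizedPrincipal(username));
    }
}
```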

