You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Rich Holladay <ri...@hksystems.com> on 2000/04/11 23:36:58 UTC
request.isUserInRole("working")?
I'm trying to use request.isUserInRole() in my jsp pages. (Mar 27th
binary distribution).
It's returning false no matter what login I use.
tomcat-users.xml:
<tomcat-users>
<user name="tomcat" password="tomcat" roles="tomcat" />
<user name="admin" password="admin" roles="administrator" />
<user name="owner" password="owner" roles="inventory-owner" />
<user name="vendor" password="vendor" roles="vendor" />
</tomcat-users>
I'm using <auth-method>FORM</auth-method> since that was the default in
the distribution,
and since I can't seem to get BASIC to work. The login behavior is
pretty much correct.
It only lets me execute my <web-resource-collection> when I login with a
correct user/password.
Is request.isUserInRole() known to work?
Re: request.isUserInRole("working")?
Posted by Rich Holladay <ri...@hksystems.com>.
1) Can you point me to which code I might debug in order to determine why my Netscape
browser gives "wrong user/password" error in the Tomcat DOS window when I use any of the
correct logins?
2) When I switch to <auth-method>EXPERIMENTAL_FORM Netscape still displays a "Username and
Password Required" dialog for user info entry, not the login.jsp. I can tell it's using the
right auth-method because the dialog says "Enter username for Example Form-Based
Authentication Area at sea05079:" In IE I get the same behavior as before with
EXPERIMENTAL_FORM - it hangs.
Should I be using bugzilla at this point?
"Craig R. McClanahan" wrote:
> Rich Holladay wrote:
>
> > AHA, Netscape 4.7 presents a login dialog! Unfortunately when I enter tomcat/tomcat
> > I get an "Authorization failed" error. Same result with role1/tomcat & both/tomcat.
> >
>
> Netscape (both Windows and Linux based) gives me the login dialog on all server-side
> JVMs/OSs that I've tried (not universal, but some). In all cases I could successfully
> log in to the default 3.1rc1 release with all of the usernames listed in
> conf\tomcat-users.xml. Aside from the obvious question ("did you use lower case?" :-) I
> don't know what to tell you on that one.
>
> IE looks to me like it's just returning a blank page, rather than hanging. I need to do
> some more spelunking of what it's actually seeing on the socket, to see if I can
> convince it to display the dialog.
>
> Craig
>
Re: request.isUserInRole("working")?
Posted by "Craig R. McClanahan" <Cr...@eng.sun.com>.
Rich Holladay wrote:
> AHA, Netscape 4.7 presents a login dialog! Unfortunately when I enter tomcat/tomcat
> I get an "Authorization failed" error. Same result with role1/tomcat & both/tomcat.
>
Netscape (both Windows and Linux based) gives me the login dialog on all server-side
JVMs/OSs that I've tried (not universal, but some). In all cases I could successfully
log in to the default 3.1rc1 release with all of the usernames listed in
conf\tomcat-users.xml. Aside from the obvious question ("did you use lower case?" :-) I
don't know what to tell you on that one.
IE looks to me like it's just returning a blank page, rather than hanging. I need to do
some more spelunking of what it's actually seeing on the socket, to see if I can
convince it to display the dialog.
Craig
>
> Rich Holladay wrote:
>
> > OK. I've installed RC1. It's working fine in the sense that the JSP examples
> > work, my JSPs with taglibs still work, etc.
> >
> > Authentication isn't working, though. I didn't modify the conf files. When I go
> > to
> > http://localhost:8080/examples/jsp/security/protected
> > my browser hangs (IE 5.00.2314.1003). I have to kill it from the task manager.
> >
> > Ideas?
> >
>
> --------------------------------------------------------------------------
> To unsubscribe, email: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commmands, email: tomcat-user-help@jakarta.apache.org
Re: request.isUserInRole("working")?
Posted by Rich Holladay <ri...@hksystems.com>.
AHA, Netscape 4.7 presents a login dialog! Unfortunately when I enter tomcat/tomcat
I get an "Authorization failed" error. Same result with role1/tomcat & both/tomcat.
Rich Holladay wrote:
> OK. I've installed RC1. It's working fine in the sense that the JSP examples
> work, my JSPs with taglibs still work, etc.
>
> Authentication isn't working, though. I didn't modify the conf files. When I go
> to
> http://localhost:8080/examples/jsp/security/protected
> my browser hangs (IE 5.00.2314.1003). I have to kill it from the task manager.
>
> Ideas?
>
Re: request.isUserInRole("working")?
Posted by Rich Holladay <ri...@hksystems.com>.
OK. I've installed RC1. It's working fine in the sense that the JSP examples
work, my JSPs with taglibs still work, etc.
Authentication isn't working, though. I didn't modify the conf files. When I go
to
http://localhost:8080/examples/jsp/security/protected
my browser hangs (IE 5.00.2314.1003). I have to kill it from the task manager.
Ideas?
"Craig R. McClanahan" wrote:
> Rich Holladay wrote:
>
> > I'm trying to use request.isUserInRole() in my jsp pages. (Mar 27th
> > binary distribution).
> > It's returning false no matter what login I use.
> >
> > tomcat-users.xml:
> > <tomcat-users>
> > <user name="tomcat" password="tomcat" roles="tomcat" />
> > <user name="admin" password="admin" roles="administrator" />
> > <user name="owner" password="owner" roles="inventory-owner" />
> > <user name="vendor" password="vendor" roles="vendor" />
> > </tomcat-users>
> >
> > I'm using <auth-method>FORM</auth-method> since that was the default in
> > the distribution,
> > and since I can't seem to get BASIC to work. The login behavior is
> > pretty much correct.
> > It only lets me execute my <web-resource-collection> when I login with a
> > correct user/password.
> >
> > Is request.isUserInRole() known to work?
> >
>
> It works, along with BASIC, in the release candidate 1 distribution. In fact,
> the resource that you access when using the example (which now defaults to
> BASIC) lets you exercize this by asking whether the user id you logged on with
> has been granted a specific role or not.
>
> http://localhost:8080/examples/jsp/security/protected
>
> Could you please download the release candidate 1 distribution
> (http://jakarta.apache.org/builds/tomcat/release/v3.1_rc1) and try again?
>
> Craig McClanahan
>
> --------------------------------------------------------------------------
> To unsubscribe, email: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commmands, email: tomcat-user-help@jakarta.apache.org
Re: request.isUserInRole("working")?
Posted by "Craig R. McClanahan" <Cr...@eng.sun.com>.
Rich Holladay wrote:
> I'm trying to use request.isUserInRole() in my jsp pages. (Mar 27th
> binary distribution).
> It's returning false no matter what login I use.
>
> tomcat-users.xml:
> <tomcat-users>
> <user name="tomcat" password="tomcat" roles="tomcat" />
> <user name="admin" password="admin" roles="administrator" />
> <user name="owner" password="owner" roles="inventory-owner" />
> <user name="vendor" password="vendor" roles="vendor" />
> </tomcat-users>
>
> I'm using <auth-method>FORM</auth-method> since that was the default in
> the distribution,
> and since I can't seem to get BASIC to work. The login behavior is
> pretty much correct.
> It only lets me execute my <web-resource-collection> when I login with a
> correct user/password.
>
> Is request.isUserInRole() known to work?
>
It works, along with BASIC, in the release candidate 1 distribution. In fact,
the resource that you access when using the example (which now defaults to
BASIC) lets you exercize this by asking whether the user id you logged on with
has been granted a specific role or not.
http://localhost:8080/examples/jsp/security/protected
Could you please download the release candidate 1 distribution
(http://jakarta.apache.org/builds/tomcat/release/v3.1_rc1) and try again?
Craig McClanahan