You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by Jonathan Pierce <Jo...@seagram.com> on 2002/02/11 16:46:07 UTC

Re[2]: Connectors, Realms, 4.0.2b2 - 403 Access Denied

I need new builds of the iisapi connector for 4.0.2.

Are there plans to post binaries of the connectors for 4.0.2? I need the updated
version to fix this bug, and there are no
http://jakarta.apache.org/builds/jakarta-tomcat-4.0/release/v4.0.2/bin/jakarta-t
omcat-connectors-4.0.2 files.

I've downloaded
http://jakarta.apache.org/builds/jakarta-tomcat-4.0/release/v4.0.2/src/jakarta-t
omcat-connectors-4.0.2-src.zip and attempted to build the iis, and iisapi
connectors with the Visual Studio projects, but I get build errors because of
missing files referenced in the /native2 directory.

Also, which version of the iisapi connector should I be using for iisapi? There
are two directories jakarta-tomcat-connectors-4.0.2-src\jk\native\iis and
jakarta-tomcat-connectors-4.0.2-src\jk\native\iisapi and am not sure which one
is stable.

Also, what is the distinction between files in the native and files in the
native2 directories? It looks like some of the projects in the native directory
reference files in the native2 directory.

Jonathan

____________________Reply Separator____________________
Subject:    Re: Connectors, Realms, 4.0.2b2 - 403 Access Denied
Author: "Tomcat Developers List" <to...@jakarta.apache.org>
Date:       2/5/2002 8:04 PM

There was a bug in the Tomcat 4 AJP code which caused this.  That bug was
fixed within the last week in the jakarta-tomcat-connectors CVS repository.

I don't know when this will get into the Tomcat 4 distribution.

Regards,

Glenn

Jonathan Pierce wrote:
> 
> I'm posting this question a second time since I am not sure if mailer problems
> on my end prevented it from reaching the list and I got no responses on the
> issue.
> 
> The security implementation in Tomcat 4.0.2b2 and earlier seems to depend on
> using redirect urls. This doesn't seem to work correctly with connectors such
as
> the IISAPI IIS connector.
> 
> What is the strategy for supporting basic or form based authentication through
> connectors? Should this be implemented without using redirect?
> 
> I've configured Tomcat4.0.2b2 with the AJP 1.3 Connector and successfully
> installed the iisapi dll from Tomcat3.3 into IIS. I am attempting to serve a
> protected page through the connector using the protected realm example.
> 
> When I hit the page directly on port 8080, I get the expected login form
> challenge behavior. When I hit the page through the connector, I get a 403
> access denied error.
> 
> Is serving protected pages through connectors supposed to be supported in
4.0.2?
> 
> http://localhost:8080/examples/jsp/security/protected/index.jsp redirects to
the
> login screen as expected.
> 
> http://localhost/examples/jsp/security/protected/index.jsp
> returns 403 - Access to the requested resource has been denied
> 
> -Jonathan
> 
> *****************************************************************************
> This email and any files transmitted with it are for the named person's use
only.  It may contain confidential, proprietary or legally privileged
information.  No confidentiality or privilege is waived or lost by any
mistransmission. If you receive this message in error, please immediately delete
it and all copies of it from your system, destroy any hard copies of it and
notify the sender.  You must not, directly or indirectly, use, disclose,
distribute, print, or copy any part of this message if you are not the intended
recipient.
> 
> This email message has been swept by a virus software product for the presence
of computer viruses.
> *****************************************************************************
> 
> --
> To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
> For additional commands, e-mail: <ma...@jakarta.apache.org>

-- 
----------------------------------------------------------------------
Glenn Nielsen             glenn@more.net | /* Spelin donut madder    |
MOREnet System Programming               |  * if iz ina coment.      |
Missouri Research and Education Network  |  */                       |
----------------------------------------------------------------------

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>


*****************************************************************************
This email and any files transmitted with it are for the named person's use only.  It may contain confidential, proprietary or legally privileged information.  No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender.  You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. 

This email message has been swept by a virus software product for the presence of computer viruses. 
*****************************************************************************

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>