Posted to users@tomcat.apache.org by Nicolas Clemeur <nc...@daesim.com> on 2007/09/24 14:47:27 UTC

Cactus Authentication problem with Tomcat > 5.5.20

Hello all,

I am having some difficulties setting up cactus tests using
tomcat > 5.5.20 (Everything works fine with 5.5.20).
I am using form authentication in cactus tests (as described
on the cactus web site). When I look at the generated request,
I get the authentication layer called with all the parameters
needed for the test (service name, class,...), but when the
request for the actual test is generated it is missing all the
parameters to run the test. So I am suspecting something must
have changed in tomcat (nothing has changed in the cactus
environment) in the way the authentication calls are handled
in tomcat post 5.5.20 (I have tried 5.5.23 and 5.5.25).
If I disable authentication all is working fine again. For the
authentication layer we use a JDBC Realm. Outside cactus tests
the webapp is working fine in 5.5.25.

I would really appreciate if anyone would have an idea where
I should look at as I am really having a hard time to understand
where these parameters get swallowed.

Regards

Nicolas



---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Re: Cactus Authentication problem with Tomcat > 5.5.20

Posted by Kazuhito SUGURI <su...@lab.ntt.co.jp>.
Ah, I should see destination address carefully.

In article <20...@lab.ntt.co.jp>,
Fri, 28 Sep 2007 20:59:56 +0900 (JST),
Kazuhito SUGURI <su...@lab.ntt.co.jp> wrote: 
suguri> Please find the code (and diff) attached.

The FormAuthentication is a part of Cactus, not of Tomcat.
If my posts confused you, sorry for that.
----
Kazuhito SUGURI



Re: Cactus Authentication problem with Tomcat > 5.5.20

Posted by Kazuhito SUGURI <su...@lab.ntt.co.jp>.
Hi Nicolas,

In article <20...@lab.ntt.co.jp>,
Fri, 28 Sep 2007 20:39:40 +0900 (JST),
Kazuhito SUGURI <su...@lab.ntt.co.jp> wrote: 
suguri> I have modified the FormAuthentication class so that
suguri> the form authentication would work with both Tomcat 5.5.20
suguri> and 5.5.23.
suguri> 
suguri> I'll post the (dirty ;-<) code later.

Please find the code (and diff) attached.

Hope this helps.
----
Kazuhito SUGURI

Re: Cactus Authentication problem with Tomcat > 5.5.20

Posted by Kazuhito SUGURI <su...@lab.ntt.co.jp>.
Hi Nicolas,

I believe I have successfully reproduced your problem
in my environment.

In article <lo...@post.gmane.org>,
Mon, 24 Sep 2007 12:47:27 +0000 (UTC),
Nicolas Clemeur <nc...@daesim.com> wrote: 
nclemeur> I am having some difficulties setting up cactus tests using
nclemeur> tomcat > 5.5.20 (Everything works fine with 5.5.20).
nclemeur> I am using form authentication in cactus tests (as described
nclemeur> on the cactus web site). When I look at the generated request,
nclemeur> I get the authentication layer called with all the parameters
nclemeur> needed for the test (service name, class,...), but when the
nclemeur> request for the actual test is generated it is missing all the
nclemeur> parameters to run the test. So I am suspecting something must
nclemeur> have changed in tomcat (nothing has changed in the cactus
nclemeur> environment) in the way the authentication calls are handled
nclemeur> in tomcat post 5.5.20 (I have tried 5.5.23 and 5.5.25).

I reviewed the difference between source codes of Tomcat
of versions 5.5.20 and 5.5.23.
My understanding at this moment is as follows:
	It seems the behavior of Tomcat has been changed so that
	the request just after the authentication (i.e. j_security_check)
	would be replaced by a cached request which did arise
	the authentication.

	The FormAuthentication class of Cactus sends a request
	without parameter for an authentication (i.e. to obtain
	a JSESSIONID which is associated with the user principal).
	Tomcat caches the request and would replace the next request
	(just after the authentication) internally by the cached one,
	even if the client-side of Cactus sent the request with
	parameters to run test. Then, the ServletRedirectorSecure
	receives the cached-request without parameters
	which causes an error.

As the behavior cannot be controlled by some configuration of Tomcat,
Cactus should be changed to adapt.

I have modified the FormAuthentication class so that
the form authentication would work with both Tomcat 5.5.20
and 5.5.23.

I'll post the (dirty ;-<) code later.
----
Kazuhito SUGURI
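
The request replacement described in the message above, as a simplified model added here (not Tomcat's or Cactus's code, and not the attached change). It also shows a consequence of the model: the parameters reach the redirector only when the request that triggered authentication already carried them. The redirector path, parameter names and credentials are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

REDIRECTOR = "/ServletRedirectorSecure"            # path is assumed for this model
TEST_PARAMS = {"service": "run", "class": "demo.SampleTest"}  # constructed names

@dataclass
class Request:
    path: str
    params: dict = field(default_factory=dict)
    session_id: Optional[str] = None

class FormAuthContainer:
    """Toy container: every path except the login check needs a principal."""
    def __init__(self, users):
        self.users, self.sessions = users, {}

    def handle(self, req):
        sess = self.sessions.get(req.session_id)
        if req.path == "/j_security_check":
            user = req.params.get("j_username")
            if sess is None or user not in self.users \
                    or self.users[user] != req.params.get("j_password"):
                return ("403", None)
            sess["principal"] = user
            saved = sess["saved"]
            return ("302", saved.path if saved else "/")  # back to the cached URI
        if sess and sess["principal"]:
            saved = sess["saved"]
            if saved is not None and saved.path == req.path:
                sess["saved"] = None              # the replay happens once
                # The cached request replaces the one the client just sent.
                req = Request(saved.path, dict(saved.params), req.session_id)
            return ("200", redirector(req))
        sid = "S%d" % len(self.sessions)          # unauthenticated: cache the request
        self.sessions[sid] = {"principal": None, "saved": req}
        return ("login", sid)

def redirector(req):
    """Stand-in for the test redirector: it needs the test parameters."""
    if "service" not in req.params or "class" not in req.params:
        return "error: missing test parameters"
    return "ran " + req.params["class"]

def run_test(first_params, test_params):
    """Trigger login, authenticate, then send the real test request."""
    c = FormAuthContainer({"tester": "secret"})    # constructed credentials
    _, sid = c.handle(Request(REDIRECTOR, first_params))
    creds = {"j_username": "tester", "j_password": "secret"}
    assert c.handle(Request("/j_security_check", creds, sid))[0] == "302"
    return c.handle(Request(REDIRECTOR, test_params, sid))[1]
```

`run_test({}, TEST_PARAMS)` reproduces the reported symptom; `run_test(TEST_PARAMS, TEST_PARAMS)` reaches the test class.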
