You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Ni...@alcatel.fr on 2002/03/12 12:11:21 UTC
security
Hello,
I would like to use tomcat security, but I don't understand what is the
j_security_check url called
when sending login/password form. Does someone knows about it ?
Furthermore, is it possible to protect the url '/myservlet?action=1'
and not the url '/myservlet?action=2'
Thanks
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>
Re: security
Posted by Ni...@alcatel.fr.
j'ai essaye mais ça ne marche pas. Par contre, je ne connais pas les filtres.
Tu aurais une solution possible avec ça ?
RAYMOND Romain wrote:
> >
> > Oui, le francais etait bienvenu.
> >
> > Mais pour ma question de proteger l'url '/myservlet?action=1'
> > et pas l'url '/myservlet?action=2',
>
> est ce que tu as essaye en jouant sur le web.xml avec les tags
> <security-constraint> et
> <url-pattern>/myservlet?action=1</url-pattern>
> ?
>
> je sais pas si ca peut marcher mais cest ce qui decoule de la doc
> sinon y a l option des filtres ...
>
>
> >
> > j'ai essaye dans Tomcat/examples/jsp/security/protected, et je ne suis arrive
> > a proteger qu'une servlet,
> > sans pouvoir differencier les protections suivant les parametres.
> >
> > --
> > To unsubscribe: <ma...@jakarta.apache.org>
> > For additional commands: <ma...@jakarta.apache.org>
> > Troubles with the list: <ma...@jakarta.apache.org>
>
> --
> To unsubscribe: <ma...@jakarta.apache.org>
> For additional commands: <ma...@jakarta.apache.org>
> Troubles with the list: <ma...@jakarta.apache.org>
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>
Re: security
Posted by RAYMOND Romain <ro...@c-s.fr>.
>
> Oui, le francais etait bienvenu.
>
> Mais pour ma question de proteger l'url '/myservlet?action=1'
> et pas l'url '/myservlet?action=2',
est ce que tu as essaye en jouant sur le web.xml avec les tags
<security-constraint> et
<url-pattern>/myservlet?action=1</url-pattern>
?
je sais pas si ca peut marcher mais cest ce qui decoule de la doc
sinon y a l option des filtres ...
>
> j'ai essaye dans Tomcat/examples/jsp/security/protected, et je ne suis arrive
> a proteger qu'une servlet,
> sans pouvoir differencier les protections suivant les parametres.
>
> --
> To unsubscribe: <ma...@jakarta.apache.org>
> For additional commands: <ma...@jakarta.apache.org>
> Troubles with the list: <ma...@jakarta.apache.org>
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>
Re: security
Posted by Ni...@alcatel.fr.
Oui, le francais etait bienvenu.
Mais pour ma question de proteger l'url '/myservlet?action=1'
et pas l'url '/myservlet?action=2',
j'ai essaye dans Tomcat/examples/jsp/security/protected, et je ne suis arrive
a proteger qu'une servlet,
sans pouvoir differencier les protections suivant les parametres.
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>
Re: security
Posted by RAYMOND Romain <ro...@c-s.fr>.
j_security_check est un mecanisme natif de l'API servlet.
il suffit donc de de creer un formulaire HTML ou l'action =
j_security_check par exemple
suivant les specs : "
<form method="POST" action="j_security_check" name="loginForm">
<table cborder="0" cellpadding="0" cellspacing="0"><tr>
<td valign="BOTTOM" width="120"> Identifiant </td>
<td valign="BOTTOM" rowspan="3"><input type="text"
name="j_username"></td>
<td valign="BOTTOM" width="120"> Mot de passe </td>
<td valign="BOTTOM" rowspan="3"><input type="password"
name="j_password"></td>
</form>
"
ce formulaire est automatiquement "mappé" avec les directives fournies a
Tomcat
(cf Tomcat-users.xml et l'exemple de jsp fourni avec Tomcat dans les
repertoires security/protected)
...
voilou j espere que c etait a peu pres clair
et que le frenchy language etait bienvenue ...
>
> Hello,
>
> I would like to use tomcat security, but I don't understand what is the
> j_security_check url called
> when sending login/password form. Does someone knows about it ?
> Furthermore, is it possible to protect the url '/myservlet?action=1'
> and not the url '/myservlet?action=2'
>
> Thanks
>
> --
> To unsubscribe: <ma...@jakarta.apache.org>
> For additional commands: <ma...@jakarta.apache.org>
> Troubles with the list: <ma...@jakarta.apache.org>
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>
Re: security
Posted by RAYMOND Romain <ro...@c-s.fr>.
>
> Hello,
>
> I would like to use tomcat security, but I don't understand what is the
> j_security_check url called
> when sending login/password form. Does someone knows about it ?
> Furthermore, is it possible to protect the url '/myservlet?action=1'
> and not the url '/myservlet?action=2'
sorry I had forgotten the second question about URL protection ...
yes it is possible see the Tomcat/examples/jsp/security/protected
which may explain this
>
> Thanks
>
> --
> To unsubscribe: <ma...@jakarta.apache.org>
> For additional commands: <ma...@jakarta.apache.org>
> Troubles with the list: <ma...@jakarta.apache.org>
--
To unsubscribe: <ma...@jakarta.apache.org>
For additional commands: <ma...@jakarta.apache.org>
Troubles with the list: <ma...@jakarta.apache.org>