You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Tod Thomas <to...@verizon.net> on 2002/08/14 02:30:46 UTC
Can this be done...?
I want to use tomcat on my machine to test XSLT.
I have a directory called Tomcat/webapps/testxslt. There I have placed my test.xml and test.xsl files. I have copied xalan.jar, xml-apis.jar, and xerces-Impl.jar into my $JAVA_HOME/jre/lib/endorsed directory. Using command line Xalan I have validated that both files are well formed and work as expected. Using a browser I can get to both the xml and xsl pages and view their contents, but the transformation never occurs. I do have an href in the xml pointing to the xsl file.
Am I wrong in thinking I can do this? Is there maybe something I need to do to one of the configuration files to make this happen? I really don't need the functionality of Cocoon yet so this scaled down testing platform using Tomcat only would serve me well. Any suggestions?
Thanks in advance.
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Can this be done...?
Posted by Jacob Hookom <ho...@uwec.edu>.
Water Street is my second home, only 2 blocks away :-)
If you do a pure call to XML from your browser, you will need to
reference the XSL document which will be used by your 'browser' to do
the transformation as Jacob Kjome pointed out.
Probably the easiest way to test transformations is to do a simple jsp
with JSTL that takes in the XML and the XSL document as parameters.
Regards,
Jacob Hookom
Comprehensive Computer Science
University of Wisconsin, Eau Claire
| -----Original Message-----
| From: Tod Thomas [mailto:tod.thomas@verizon.net]
| Sent: Tuesday, August 13, 2002 8:55 PM
| To: Tomcat Users List
| Subject: Re: Can this be done...?
|
| On Tue, 13 Aug 2002 20:33:38 -0500
| "Jacob Hookom" <ho...@uwec.edu> wrote:
|
| > You might want to look at installing JSTL under the Taglibs
"Standard"
| >
| > It provides simple xslt transformation by selecting a file as a
source
| > and a file as the xsl document, the download includes deployable
wars
| > that demonstrate this functionality.
| >
| > -Jake
|
| Thanks, I'll have a look. But was my original thinking wrong? Should
I
| expect tomcat to just perform the transform because I've set my
xml/xsl up
| correctly, is there something extra I need to do, or is it just not
| designed to do that elegantly?
|
| Say hi to Water St. for me.
|
|
| > | -----Original Message-----
| > | From: Tod Thomas [mailto:tod.thomas@verizon.net]
| > | Sent: Tuesday, August 13, 2002 7:31 PM
| > | To: tomcat-user@jakarta.apache.org
| > | Subject: Can this be done...?
| > |
| > | I want to use tomcat on my machine to test XSLT.
| > |
| > | I have a directory called Tomcat/webapps/testxslt. There I have
| > placed my
| > | test.xml and test.xsl files. I have copied xalan.jar,
xml-apis.jar,
| > and
| > | xerces-Impl.jar into my $JAVA_HOME/jre/lib/endorsed directory.
Using
| > | command line Xalan I have validated that both files are well
formed
| > and
| > | work as expected. Using a browser I can get to both the xml and
xsl
| > pages
| > | and view their contents, but the transformation never occurs. I
do
| > have
| > | an href in the xml pointing to the xsl file.
| > |
| > | Am I wrong in thinking I can do this? Is there maybe something I
need
| > to
| > | do to one of the configuration files to make this happen? I
really
| > don't
| > | need the functionality of Cocoon yet so this scaled down testing
| > platform
| > | using Tomcat only would serve me well. Any suggestions?
| > |
| > | Thanks in advance.
| > |
| > | --
| > | To unsubscribe, e-mail: <mailto:tomcat-user-
| > | unsubscribe@jakarta.apache.org>
| > | For additional commands, e-mail: <mailto:tomcat-user-
| > | help@jakarta.apache.org>
| > |
| > | ---
| > | Incoming mail is certified Virus Free.
| > | Checked by AVG anti-virus system (http://www.grisoft.com).
| > | Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
| > |
| >
| > ---
| > Outgoing mail is certified Virus Free.
| > Checked by AVG anti-virus system (http://www.grisoft.com).
| > Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
| >
| >
| >
| > --
| > To unsubscribe, e-mail: <mailto:tomcat-user-
| unsubscribe@jakarta.apache.org>
| > For additional commands, e-mail: <mailto:tomcat-user-
| help@jakarta.apache.org>
| >
|
| --
| To unsubscribe, e-mail: <mailto:tomcat-user-
| unsubscribe@jakarta.apache.org>
| For additional commands, e-mail: <mailto:tomcat-user-
| help@jakarta.apache.org>
|
| ---
| Incoming mail is certified Virus Free.
| Checked by AVG anti-virus system (http://www.grisoft.com).
| Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
|
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Can this be done...?
Posted by Jacob Kjome <ho...@visi.com>.
Unless you set up a servlet or JSP to process the xml file using a
specified xsl file by explicitly invoking Xalan on it, all that will happen
is that the xml file will be served to your browser and the transformation,
if it is going to happen, will happen on the client side.
Actually, both IE5.5+ and Mozilla should be able to transform it on the
client side, but this has nothing at all to do with Tomcat. tomcat is just
serving both files as static content. Oh, keep in mind that the server has
to serve up xml and xsl files as "text/xml", otherwise no transformation
will take place (at least in Mozilla which is strict, as it should be,
about stuff like that).
Jake
At 09:55 PM 8/13/2002 -0400, you wrote:
>On Tue, 13 Aug 2002 20:33:38 -0500
>"Jacob Hookom" <ho...@uwec.edu> wrote:
>
> > You might want to look at installing JSTL under the Taglibs "Standard"
> >
> > It provides simple xslt transformation by selecting a file as a source
> > and a file as the xsl document, the download includes deployable wars
> > that demonstrate this functionality.
> >
> > -Jake
>
>Thanks, I'll have a look. But was my original thinking wrong? Should I
>expect tomcat to just perform the transform because I've set my xml/xsl up
>correctly, is there something extra I need to do, or is it just not
>designed to do that elegantly?
>
>Say hi to Water St. for me.
>
>
> > | -----Original Message-----
> > | From: Tod Thomas [mailto:tod.thomas@verizon.net]
> > | Sent: Tuesday, August 13, 2002 7:31 PM
> > | To: tomcat-user@jakarta.apache.org
> > | Subject: Can this be done...?
> > |
> > | I want to use tomcat on my machine to test XSLT.
> > |
> > | I have a directory called Tomcat/webapps/testxslt. There I have
> > placed my
> > | test.xml and test.xsl files. I have copied xalan.jar, xml-apis.jar,
> > and
> > | xerces-Impl.jar into my $JAVA_HOME/jre/lib/endorsed directory. Using
> > | command line Xalan I have validated that both files are well formed
> > and
> > | work as expected. Using a browser I can get to both the xml and xsl
> > pages
> > | and view their contents, but the transformation never occurs. I do
> > have
> > | an href in the xml pointing to the xsl file.
> > |
> > | Am I wrong in thinking I can do this? Is there maybe something I need
> > to
> > | do to one of the configuration files to make this happen? I really
> > don't
> > | need the functionality of Cocoon yet so this scaled down testing
> > platform
> > | using Tomcat only would serve me well. Any suggestions?
> > |
> > | Thanks in advance.
> > |
> > | --
> > | To unsubscribe, e-mail: <mailto:tomcat-user-> |
> unsubscribe@jakarta.apache.org>
> > | For additional commands, e-mail: <mailto:tomcat-user-> |
> help@jakarta.apache.org>
> > |
> > | ---
> > | Incoming mail is certified Virus Free.
> > | Checked by AVG anti-virus system (http://www.grisoft.com).
> > | Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
> > |
> >
> > ---
> > Outgoing mail is certified Virus Free.
> > Checked by AVG anti-virus system (http://www.grisoft.com).
> > Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
> >
> >
> >
> > --
> > To unsubscribe,
> e-mail: <ma...@jakarta.apache.org>
> > For additional commands, e-mail:
> <ma...@jakarta.apache.org>
> >
>
>--
>To unsubscribe, e-mail: <ma...@jakarta.apache.org>
>For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Can this be done...?
Posted by Tod Thomas <to...@verizon.net>.
On Tue, 13 Aug 2002 20:33:38 -0500
"Jacob Hookom" <ho...@uwec.edu> wrote:
> You might want to look at installing JSTL under the Taglibs "Standard"
>
> It provides simple xslt transformation by selecting a file as a source
> and a file as the xsl document, the download includes deployable wars
> that demonstrate this functionality.
>
> -Jake
Thanks, I'll have a look. But was my original thinking wrong? Should I expect tomcat to just perform the transform because I've set my xml/xsl up correctly, is there something extra I need to do, or is it just not designed to do that elegantly?
Say hi to Water St. for me.
> | -----Original Message-----
> | From: Tod Thomas [mailto:tod.thomas@verizon.net]
> | Sent: Tuesday, August 13, 2002 7:31 PM
> | To: tomcat-user@jakarta.apache.org
> | Subject: Can this be done...?
> |
> | I want to use tomcat on my machine to test XSLT.
> |
> | I have a directory called Tomcat/webapps/testxslt. There I have
> placed my
> | test.xml and test.xsl files. I have copied xalan.jar, xml-apis.jar,
> and
> | xerces-Impl.jar into my $JAVA_HOME/jre/lib/endorsed directory. Using
> | command line Xalan I have validated that both files are well formed
> and
> | work as expected. Using a browser I can get to both the xml and xsl
> pages
> | and view their contents, but the transformation never occurs. I do
> have
> | an href in the xml pointing to the xsl file.
> |
> | Am I wrong in thinking I can do this? Is there maybe something I need
> to
> | do to one of the configuration files to make this happen? I really
> don't
> | need the functionality of Cocoon yet so this scaled down testing
> platform
> | using Tomcat only would serve me well. Any suggestions?
> |
> | Thanks in advance.
> |
> | --
> | To unsubscribe, e-mail: <mailto:tomcat-user-
> | unsubscribe@jakarta.apache.org>
> | For additional commands, e-mail: <mailto:tomcat-user-
> | help@jakarta.apache.org>
> |
> | ---
> | Incoming mail is certified Virus Free.
> | Checked by AVG anti-virus system (http://www.grisoft.com).
> | Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
> |
>
> ---
> Outgoing mail is certified Virus Free.
> Checked by AVG anti-virus system (http://www.grisoft.com).
> Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
>
>
>
> --
> To unsubscribe, e-mail: <ma...@jakarta.apache.org>
> For additional commands, e-mail: <ma...@jakarta.apache.org>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: j_username in session cookie - where did it go?
Posted by Ben Walding <be...@walding.com>.
It was possibly an undocumented (and not part of the spec) feature.
You should just use => request.getRemoteUser()
Where request is passed in through doGet(request, response) or however
that works in JSP.
Ed Thompson wrote:
>I have just upgraded (uninstalled and reintsalled) from Tomcat 3.2 to
>Tomcat 4.0.4.
>
>I am using form based authentication, and found under 3.2 I could pull
>j_username out of the session cookie after authenticaion was done.
>
>Now under Tomcat 4 it doesn't seem to be there. I know I tried it under
>Tomcat 4.0.1 before I upgraded and it worked, but not after uninstalling 3.2
>and installing 4.0.4 from scratch..
>
>Can anyone shed light on what is (not) happening? Have the rules changed or
>have I not cfg'd something properly?
>
>Thanx!
>Ed
>
>
>
>--
>To unsubscribe, e-mail: <ma...@jakarta.apache.org>
>For additional commands, e-mail: <ma...@jakarta.apache.org>
>
>
>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: j_username in session cookie - where did it go?
Posted by "Craig R. McClanahan" <cr...@apache.org>.
On Wed, 14 Aug 2002, Mark Schmeets wrote:
> Date: Wed, 14 Aug 2002 10:54:04 -0400
> From: Mark Schmeets <ma...@chipware.com>
> Reply-To: Tomcat Users List <to...@jakarta.apache.org>
> To: Tomcat Users List <to...@jakarta.apache.org>
> Subject: RE: j_username in session cookie - where did it go?
>
> whoa, that seems like a very oversimplified answer. Some of us require
> security at the data level too. A "solution" like that makes Tomcat's
> authentication useless in that situation...
>
If you base your data security on the fact that the container has already
authenticated the user (and if you trust the container), why do you need
the password again? You already know who the user is, and you can find
out if he/she has a particular role used to protect the data you are
checking for access rights to.
>
> Mark
Craig
>
>
> -----Original Message-----
> From: Craig R. McClanahan [mailto:craigmcc@apache.org]
> Sent: Tuesday, August 13, 2002 11:11 PM
> To: Tomcat Users List
> Subject: Re: j_username in session cookie - where did it go?
>
>
>
>
> On Tue, 13 Aug 2002, Ed Thompson wrote:
>
> > Date: Tue, 13 Aug 2002 22:56:32 -0400
> > From: Ed Thompson <et...@carolina.rr.com>
> > Reply-To: Tomcat Users List <to...@jakarta.apache.org>
> > To: Tomcat Users List <to...@jakarta.apache.org>
> > Subject: Re: j_username in session cookie - where did it go?
> >
> > I was also scrapping the password - used j_userbane and j_passwd for
> > database access.
> >
>
> There is no portable way to do that. And Tomcat 4 does not expose them,
> because the password because it is none of the app's business -- the user
> is either authenticated or not.
>
> > Any hints on that one?
>
> Re-architect your app so that it needs only the username.
>
> Craig
>
>
> >
> > ----- Original Message -----
> > From: "Craig R. McClanahan" <cr...@apache.org>
> > To: "Tomcat Users List" <to...@jakarta.apache.org>
> > Sent: Tuesday, August 13, 2002 10:41 PM
> > Subject: Re: j_username in session cookie - where did it go?
> >
> >
> > >
> > >
> > > On Tue, 13 Aug 2002, Ed Thompson wrote:
> > >
> > > > Date: Tue, 13 Aug 2002 21:57:53 -0400
> > > > From: Ed Thompson <et...@carolina.rr.com>
> > > > Reply-To: Tomcat Users List <to...@jakarta.apache.org>
> > > > To: Tomcat Users List <to...@jakarta.apache.org>
> > > > Subject: j_username in session cookie - where did it go?
> > > >
> > > > I have just upgraded (uninstalled and reintsalled) from Tomcat 3.2 to
> > > > Tomcat 4.0.4.
> > > >
> > > > I am using form based authentication, and found under 3.2 I could pull
> > > > j_username out of the session cookie after authenticaion was done.
> > > >
> > >
> > > That's not how it really worked under 3.2, although if you are using
> BASIC
> > > authentication you could decode the username out of the "Authorization"
> > > header.
> > >
> > > > Now under Tomcat 4 it doesn't seem to be there. I know I tried it
> under
> > > > Tomcat 4.0.1 before I upgraded and it worked, but not after
> uninstalling
> > 3.2
> > > > and installing 4.0.4 from scratch..
> > > >
> > > > Can anyone shed light on what is (not) happening? Have the rules
> > changed or
> > > > have I not cfg'd something properly?
> > > >
> > >
> > > The portable way to get ahold of the authenticated username is to call
> > > request.getRemoteUser(). See the servlet spec for more details on
> > > container managed security:
> > >
> > > http://java.sun.com/products/servlet/download.html
> > >
> > > > Thanx!
> > > > Ed
> > >
> > > Craig
> > >
> > >
> > > --
> > > To unsubscribe, e-mail:
> > <ma...@jakarta.apache.org>
> > > For additional commands, e-mail:
> > <ma...@jakarta.apache.org>
> > >
> >
> >
> >
> > --
> > To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> > For additional commands, e-mail:
> <ma...@jakarta.apache.org>
> >
> >
>
>
> --
> To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> For additional commands, e-mail:
> <ma...@jakarta.apache.org>
>
>
> --
> To unsubscribe, e-mail: <ma...@jakarta.apache.org>
> For additional commands, e-mail: <ma...@jakarta.apache.org>
>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: j_username in session cookie - where did it go?
Posted by Mark Schmeets <ma...@chipware.com>.
whoa, that seems like a very oversimplified answer. Some of us require
security at the data level too. A "solution" like that makes Tomcat's
authentication useless in that situation...
Mark
-----Original Message-----
From: Craig R. McClanahan [mailto:craigmcc@apache.org]
Sent: Tuesday, August 13, 2002 11:11 PM
To: Tomcat Users List
Subject: Re: j_username in session cookie - where did it go?
On Tue, 13 Aug 2002, Ed Thompson wrote:
> Date: Tue, 13 Aug 2002 22:56:32 -0400
> From: Ed Thompson <et...@carolina.rr.com>
> Reply-To: Tomcat Users List <to...@jakarta.apache.org>
> To: Tomcat Users List <to...@jakarta.apache.org>
> Subject: Re: j_username in session cookie - where did it go?
>
> I was also scrapping the password - used j_userbane and j_passwd for
> database access.
>
There is no portable way to do that. And Tomcat 4 does not expose them,
because the password because it is none of the app's business -- the user
is either authenticated or not.
> Any hints on that one?
Re-architect your app so that it needs only the username.
Craig
>
> ----- Original Message -----
> From: "Craig R. McClanahan" <cr...@apache.org>
> To: "Tomcat Users List" <to...@jakarta.apache.org>
> Sent: Tuesday, August 13, 2002 10:41 PM
> Subject: Re: j_username in session cookie - where did it go?
>
>
> >
> >
> > On Tue, 13 Aug 2002, Ed Thompson wrote:
> >
> > > Date: Tue, 13 Aug 2002 21:57:53 -0400
> > > From: Ed Thompson <et...@carolina.rr.com>
> > > Reply-To: Tomcat Users List <to...@jakarta.apache.org>
> > > To: Tomcat Users List <to...@jakarta.apache.org>
> > > Subject: j_username in session cookie - where did it go?
> > >
> > > I have just upgraded (uninstalled and reintsalled) from Tomcat 3.2 to
> > > Tomcat 4.0.4.
> > >
> > > I am using form based authentication, and found under 3.2 I could pull
> > > j_username out of the session cookie after authenticaion was done.
> > >
> >
> > That's not how it really worked under 3.2, although if you are using
BASIC
> > authentication you could decode the username out of the "Authorization"
> > header.
> >
> > > Now under Tomcat 4 it doesn't seem to be there. I know I tried it
under
> > > Tomcat 4.0.1 before I upgraded and it worked, but not after
uninstalling
> 3.2
> > > and installing 4.0.4 from scratch..
> > >
> > > Can anyone shed light on what is (not) happening? Have the rules
> changed or
> > > have I not cfg'd something properly?
> > >
> >
> > The portable way to get ahold of the authenticated username is to call
> > request.getRemoteUser(). See the servlet spec for more details on
> > container managed security:
> >
> > http://java.sun.com/products/servlet/download.html
> >
> > > Thanx!
> > > Ed
> >
> > Craig
> >
> >
> > --
> > To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> > For additional commands, e-mail:
> <ma...@jakarta.apache.org>
> >
>
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
> For additional commands, e-mail:
<ma...@jakarta.apache.org>
>
>
--
To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
For additional commands, e-mail:
<ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: j_username in session cookie - where did it go?
Posted by "Craig R. McClanahan" <cr...@apache.org>.
On Tue, 13 Aug 2002, Ed Thompson wrote:
> Date: Tue, 13 Aug 2002 22:56:32 -0400
> From: Ed Thompson <et...@carolina.rr.com>
> Reply-To: Tomcat Users List <to...@jakarta.apache.org>
> To: Tomcat Users List <to...@jakarta.apache.org>
> Subject: Re: j_username in session cookie - where did it go?
>
> I was also scrapping the password - used j_userbane and j_passwd for
> database access.
>
There is no portable way to do that. And Tomcat 4 does not expose them,
because the password because it is none of the app's business -- the user
is either authenticated or not.
> Any hints on that one?
Re-architect your app so that it needs only the username.
Craig
>
> ----- Original Message -----
> From: "Craig R. McClanahan" <cr...@apache.org>
> To: "Tomcat Users List" <to...@jakarta.apache.org>
> Sent: Tuesday, August 13, 2002 10:41 PM
> Subject: Re: j_username in session cookie - where did it go?
>
>
> >
> >
> > On Tue, 13 Aug 2002, Ed Thompson wrote:
> >
> > > Date: Tue, 13 Aug 2002 21:57:53 -0400
> > > From: Ed Thompson <et...@carolina.rr.com>
> > > Reply-To: Tomcat Users List <to...@jakarta.apache.org>
> > > To: Tomcat Users List <to...@jakarta.apache.org>
> > > Subject: j_username in session cookie - where did it go?
> > >
> > > I have just upgraded (uninstalled and reintsalled) from Tomcat 3.2 to
> > > Tomcat 4.0.4.
> > >
> > > I am using form based authentication, and found under 3.2 I could pull
> > > j_username out of the session cookie after authenticaion was done.
> > >
> >
> > That's not how it really worked under 3.2, although if you are using BASIC
> > authentication you could decode the username out of the "Authorization"
> > header.
> >
> > > Now under Tomcat 4 it doesn't seem to be there. I know I tried it under
> > > Tomcat 4.0.1 before I upgraded and it worked, but not after uninstalling
> 3.2
> > > and installing 4.0.4 from scratch..
> > >
> > > Can anyone shed light on what is (not) happening? Have the rules
> changed or
> > > have I not cfg'd something properly?
> > >
> >
> > The portable way to get ahold of the authenticated username is to call
> > request.getRemoteUser(). See the servlet spec for more details on
> > container managed security:
> >
> > http://java.sun.com/products/servlet/download.html
> >
> > > Thanx!
> > > Ed
> >
> > Craig
> >
> >
> > --
> > To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> > For additional commands, e-mail:
> <ma...@jakarta.apache.org>
> >
>
>
>
> --
> To unsubscribe, e-mail: <ma...@jakarta.apache.org>
> For additional commands, e-mail: <ma...@jakarta.apache.org>
>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: j_username in session cookie - where did it go?
Posted by Ed Thompson <et...@carolina.rr.com>.
I was also scrapping the password - used j_userbane and j_passwd for
database access.
Any hints on that one?
----- Original Message -----
From: "Craig R. McClanahan" <cr...@apache.org>
To: "Tomcat Users List" <to...@jakarta.apache.org>
Sent: Tuesday, August 13, 2002 10:41 PM
Subject: Re: j_username in session cookie - where did it go?
>
>
> On Tue, 13 Aug 2002, Ed Thompson wrote:
>
> > Date: Tue, 13 Aug 2002 21:57:53 -0400
> > From: Ed Thompson <et...@carolina.rr.com>
> > Reply-To: Tomcat Users List <to...@jakarta.apache.org>
> > To: Tomcat Users List <to...@jakarta.apache.org>
> > Subject: j_username in session cookie - where did it go?
> >
> > I have just upgraded (uninstalled and reintsalled) from Tomcat 3.2 to
> > Tomcat 4.0.4.
> >
> > I am using form based authentication, and found under 3.2 I could pull
> > j_username out of the session cookie after authenticaion was done.
> >
>
> That's not how it really worked under 3.2, although if you are using BASIC
> authentication you could decode the username out of the "Authorization"
> header.
>
> > Now under Tomcat 4 it doesn't seem to be there. I know I tried it under
> > Tomcat 4.0.1 before I upgraded and it worked, but not after uninstalling
3.2
> > and installing 4.0.4 from scratch..
> >
> > Can anyone shed light on what is (not) happening? Have the rules
changed or
> > have I not cfg'd something properly?
> >
>
> The portable way to get ahold of the authenticated username is to call
> request.getRemoteUser(). See the servlet spec for more details on
> container managed security:
>
> http://java.sun.com/products/servlet/download.html
>
> > Thanx!
> > Ed
>
> Craig
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
> For additional commands, e-mail:
<ma...@jakarta.apache.org>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: j_username in session cookie - where did it go?
Posted by "Craig R. McClanahan" <cr...@apache.org>.
On Wed, 14 Aug 2002, Ed Thompson wrote:
> Date: Wed, 14 Aug 2002 19:27:03 -0400
> From: Ed Thompson <et...@carolina.rr.com>
> Reply-To: Tomcat Users List <to...@jakarta.apache.org>
> To: Tomcat Users List <to...@jakarta.apache.org>
> Subject: Re: j_username in session cookie - where did it go?
>
> OK, exploring the alternatives -
>
> I authenticate, then I call the snoop.jsp in the tomcat examples directory,
> and it indicates remote User is null.
>
> Am I missing something else?
>
Authentication is per-webapp unless you turn on the Single Sign On
feature. See "http://localhost:8080/tomcat-docs/config/host.html" for
more about single sign on (under Special Features).
Craig
> ----- Original Message -----
> From: "Craig R. McClanahan" <cr...@apache.org>
> To: "Tomcat Users List" <to...@jakarta.apache.org>
> Sent: Tuesday, August 13, 2002 10:41 PM
> Subject: Re: j_username in session cookie - where did it go?
>
>
> >
> >
> > On Tue, 13 Aug 2002, Ed Thompson wrote:
> >
> > > Date: Tue, 13 Aug 2002 21:57:53 -0400
> > > From: Ed Thompson <et...@carolina.rr.com>
> > > Reply-To: Tomcat Users List <to...@jakarta.apache.org>
> > > To: Tomcat Users List <to...@jakarta.apache.org>
> > > Subject: j_username in session cookie - where did it go?
> > >
> > > I have just upgraded (uninstalled and reintsalled) from Tomcat 3.2 to
> > > Tomcat 4.0.4.
> > >
> > > I am using form based authentication, and found under 3.2 I could pull
> > > j_username out of the session cookie after authenticaion was done.
> > >
> >
> > That's not how it really worked under 3.2, although if you are using BASIC
> > authentication you could decode the username out of the "Authorization"
> > header.
> >
> > > Now under Tomcat 4 it doesn't seem to be there. I know I tried it under
> > > Tomcat 4.0.1 before I upgraded and it worked, but not after uninstalling
> 3.2
> > > and installing 4.0.4 from scratch..
> > >
> > > Can anyone shed light on what is (not) happening? Have the rules
> changed or
> > > have I not cfg'd something properly?
> > >
> >
> > The portable way to get ahold of the authenticated username is to call
> > request.getRemoteUser(). See the servlet spec for more details on
> > container managed security:
> >
> > http://java.sun.com/products/servlet/download.html
> >
> > > Thanx!
> > > Ed
> >
> > Craig
> >
> >
> > --
> > To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> > For additional commands, e-mail:
> <ma...@jakarta.apache.org>
> >
>
>
>
> --
> To unsubscribe, e-mail: <ma...@jakarta.apache.org>
> For additional commands, e-mail: <ma...@jakarta.apache.org>
>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: j_username in session cookie - where did it go?
Posted by Milt Epstein <me...@uiuc.edu>.
On Wed, 14 Aug 2002, Ed Thompson wrote:
> It defaults to true, and I don't have it explicitly set.
Yeah, but what I was saying is that sometimes you need it to be false
(i.e. you need to explicitly set it to false).
> I got getRemoteUser to work, now I just need to find a password
> passing strategy...
If you got getRemoteUser to work, then the above is not the problem.
As to a password passing strategy, I suggest heeding Craig's advice.
> ----- Original Message -----
> From: "Milt Epstein" <me...@uiuc.edu>
> To: "Tomcat Users List" <to...@jakarta.apache.org>
> Sent: Wednesday, August 14, 2002 7:54 PM
> Subject: Re: j_username in session cookie - where did it go?
>
>
> > On Wed, 14 Aug 2002, Ed Thompson wrote:
> >
> > > OK, exploring the alternatives -
> > >
> > > I authenticate, then I call the snoop.jsp in the tomcat examples
> > > directory, and it indicates remote User is null.
> > >
> > > Am I missing something else?
> >
> > Are you doing this through Apache, or Tomcat standalone? If the
> > former, do you have tomcatAuthentication="false" in your Connector tag
> > in your server.xml? I had to put that in there for the AJP connector
> > in order to get this to work.
> >
> >
> > > ----- Original Message -----
> > > From: "Craig R. McClanahan" <cr...@apache.org>
> > > To: "Tomcat Users List" <to...@jakarta.apache.org>
> > > Sent: Tuesday, August 13, 2002 10:41 PM
> > > Subject: Re: j_username in session cookie - where did it go?
> > >
> > >
> > > >
> > > >
> > > > On Tue, 13 Aug 2002, Ed Thompson wrote:
> > > >
> > > > > Date: Tue, 13 Aug 2002 21:57:53 -0400
> > > > > From: Ed Thompson <et...@carolina.rr.com>
> > > > > Reply-To: Tomcat Users List <to...@jakarta.apache.org>
> > > > > To: Tomcat Users List <to...@jakarta.apache.org>
> > > > > Subject: j_username in session cookie - where did it go?
> > > > >
> > > > > I have just upgraded (uninstalled and reintsalled) from Tomcat 3.2
> to
> > > > > Tomcat 4.0.4.
> > > > >
> > > > > I am using form based authentication, and found under 3.2 I could
> pull
> > > > > j_username out of the session cookie after authenticaion was done.
> > > > >
> > > >
> > > > That's not how it really worked under 3.2, although if you are using
> BASIC
> > > > authentication you could decode the username out of the
> "Authorization"
> > > > header.
> > > >
> > > > > Now under Tomcat 4 it doesn't seem to be there. I know I tried it
> under
> > > > > Tomcat 4.0.1 before I upgraded and it worked, but not after
> uninstalling
> > > 3.2
> > > > > and installing 4.0.4 from scratch..
> > > > >
> > > > > Can anyone shed light on what is (not) happening? Have the rules
> > > changed or
> > > > > have I not cfg'd something properly?
> > > > >
> > > >
> > > > The portable way to get ahold of the authenticated username is to call
> > > > request.getRemoteUser(). See the servlet spec for more details on
> > > > container managed security:
> > > >
> > > > http://java.sun.com/products/servlet/download.html
> > > >
> > > > > Thanx!
> > > > > Ed
> > > >
> > > > Craig
> > > >
> > > >
> > > > --
> > > > To unsubscribe, e-mail:
> > > <ma...@jakarta.apache.org>
> > > > For additional commands, e-mail:
> > > <ma...@jakarta.apache.org>
> > > >
> > >
> > >
> > >
> > > --
> > > To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> > > For additional commands, e-mail:
> <ma...@jakarta.apache.org>
> > >
> >
> > Milt Epstein
> > Research Programmer
> > Systems and Technology Services (STS)
> > Campus Information Technologies and Educational Services (CITES)
> > University of Illinois at Urbana-Champaign (UIUC)
> > mepstein@uiuc.edu
> >
> >
> > --
> > To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> > For additional commands, e-mail:
> <ma...@jakarta.apache.org>
> >
>
>
>
> --
> To unsubscribe, e-mail: <ma...@jakarta.apache.org>
> For additional commands, e-mail: <ma...@jakarta.apache.org>
>
Milt Epstein
Research Programmer
Systems and Technology Services (STS)
Campus Information Technologies and Educational Services (CITES)
University of Illinois at Urbana-Champaign (UIUC)
mepstein@uiuc.edu
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: j_username in session cookie - where did it go?
Posted by Ed Thompson <et...@carolina.rr.com>.
It defaults to true, and I don't have it explicitly set.
I got getRemoteUser to work, now I just need to find a password passing
strategy...
----- Original Message -----
From: "Milt Epstein" <me...@uiuc.edu>
To: "Tomcat Users List" <to...@jakarta.apache.org>
Sent: Wednesday, August 14, 2002 7:54 PM
Subject: Re: j_username in session cookie - where did it go?
> On Wed, 14 Aug 2002, Ed Thompson wrote:
>
> > OK, exploring the alternatives -
> >
> > I authenticate, then I call the snoop.jsp in the tomcat examples
> > directory, and it indicates remote User is null.
> >
> > Am I missing something else?
>
> Are you doing this through Apache, or Tomcat standalone? If the
> former, do you have tomcatAuthentication="false" in your Connector tag
> in your server.xml? I had to put that in there for the AJP connector
> in order to get this to work.
>
>
> > ----- Original Message -----
> > From: "Craig R. McClanahan" <cr...@apache.org>
> > To: "Tomcat Users List" <to...@jakarta.apache.org>
> > Sent: Tuesday, August 13, 2002 10:41 PM
> > Subject: Re: j_username in session cookie - where did it go?
> >
> >
> > >
> > >
> > > On Tue, 13 Aug 2002, Ed Thompson wrote:
> > >
> > > > Date: Tue, 13 Aug 2002 21:57:53 -0400
> > > > From: Ed Thompson <et...@carolina.rr.com>
> > > > Reply-To: Tomcat Users List <to...@jakarta.apache.org>
> > > > To: Tomcat Users List <to...@jakarta.apache.org>
> > > > Subject: j_username in session cookie - where did it go?
> > > >
> > > > I have just upgraded (uninstalled and reintsalled) from Tomcat 3.2
to
> > > > Tomcat 4.0.4.
> > > >
> > > > I am using form based authentication, and found under 3.2 I could
pull
> > > > j_username out of the session cookie after authenticaion was done.
> > > >
> > >
> > > That's not how it really worked under 3.2, although if you are using
BASIC
> > > authentication you could decode the username out of the
"Authorization"
> > > header.
> > >
> > > > Now under Tomcat 4 it doesn't seem to be there. I know I tried it
under
> > > > Tomcat 4.0.1 before I upgraded and it worked, but not after
uninstalling
> > 3.2
> > > > and installing 4.0.4 from scratch..
> > > >
> > > > Can anyone shed light on what is (not) happening? Have the rules
> > changed or
> > > > have I not cfg'd something properly?
> > > >
> > >
> > > The portable way to get ahold of the authenticated username is to call
> > > request.getRemoteUser(). See the servlet spec for more details on
> > > container managed security:
> > >
> > > http://java.sun.com/products/servlet/download.html
> > >
> > > > Thanx!
> > > > Ed
> > >
> > > Craig
> > >
> > >
> > > --
> > > To unsubscribe, e-mail:
> > <ma...@jakarta.apache.org>
> > > For additional commands, e-mail:
> > <ma...@jakarta.apache.org>
> > >
> >
> >
> >
> > --
> > To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
> > For additional commands, e-mail:
<ma...@jakarta.apache.org>
> >
>
> Milt Epstein
> Research Programmer
> Systems and Technology Services (STS)
> Campus Information Technologies and Educational Services (CITES)
> University of Illinois at Urbana-Champaign (UIUC)
> mepstein@uiuc.edu
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
> For additional commands, e-mail:
<ma...@jakarta.apache.org>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: j_username in session cookie - where did it go?
Posted by Milt Epstein <me...@uiuc.edu>.
On Wed, 14 Aug 2002, Ed Thompson wrote:
> OK, exploring the alternatives -
>
> I authenticate, then I call the snoop.jsp in the tomcat examples
> directory, and it indicates remote User is null.
>
> Am I missing something else?
Are you doing this through Apache, or Tomcat standalone? If the
former, do you have tomcatAuthentication="false" in your Connector tag
in your server.xml? I had to put that in there for the AJP connector
in order to get this to work.
> ----- Original Message -----
> From: "Craig R. McClanahan" <cr...@apache.org>
> To: "Tomcat Users List" <to...@jakarta.apache.org>
> Sent: Tuesday, August 13, 2002 10:41 PM
> Subject: Re: j_username in session cookie - where did it go?
>
>
> >
> >
> > On Tue, 13 Aug 2002, Ed Thompson wrote:
> >
> > > Date: Tue, 13 Aug 2002 21:57:53 -0400
> > > From: Ed Thompson <et...@carolina.rr.com>
> > > Reply-To: Tomcat Users List <to...@jakarta.apache.org>
> > > To: Tomcat Users List <to...@jakarta.apache.org>
> > > Subject: j_username in session cookie - where did it go?
> > >
> > > I have just upgraded (uninstalled and reintsalled) from Tomcat 3.2 to
> > > Tomcat 4.0.4.
> > >
> > > I am using form based authentication, and found under 3.2 I could pull
> > > j_username out of the session cookie after authenticaion was done.
> > >
> >
> > That's not how it really worked under 3.2, although if you are using BASIC
> > authentication you could decode the username out of the "Authorization"
> > header.
> >
> > > Now under Tomcat 4 it doesn't seem to be there. I know I tried it under
> > > Tomcat 4.0.1 before I upgraded and it worked, but not after uninstalling
> 3.2
> > > and installing 4.0.4 from scratch..
> > >
> > > Can anyone shed light on what is (not) happening? Have the rules
> changed or
> > > have I not cfg'd something properly?
> > >
> >
> > The portable way to get ahold of the authenticated username is to call
> > request.getRemoteUser(). See the servlet spec for more details on
> > container managed security:
> >
> > http://java.sun.com/products/servlet/download.html
> >
> > > Thanx!
> > > Ed
> >
> > Craig
> >
> >
> > --
> > To unsubscribe, e-mail:
> <ma...@jakarta.apache.org>
> > For additional commands, e-mail:
> <ma...@jakarta.apache.org>
> >
>
>
>
> --
> To unsubscribe, e-mail: <ma...@jakarta.apache.org>
> For additional commands, e-mail: <ma...@jakarta.apache.org>
>
Milt Epstein
Research Programmer
Systems and Technology Services (STS)
Campus Information Technologies and Educational Services (CITES)
University of Illinois at Urbana-Champaign (UIUC)
mepstein@uiuc.edu
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: j_username in session cookie - where did it go?
Posted by Ed Thompson <et...@carolina.rr.com>.
OK, exploring the alternatives -
I authenticate, then I call the snoop.jsp in the tomcat examples directory,
and it indicates remote User is null.
Am I missing something else?
----- Original Message -----
From: "Craig R. McClanahan" <cr...@apache.org>
To: "Tomcat Users List" <to...@jakarta.apache.org>
Sent: Tuesday, August 13, 2002 10:41 PM
Subject: Re: j_username in session cookie - where did it go?
>
>
> On Tue, 13 Aug 2002, Ed Thompson wrote:
>
> > Date: Tue, 13 Aug 2002 21:57:53 -0400
> > From: Ed Thompson <et...@carolina.rr.com>
> > Reply-To: Tomcat Users List <to...@jakarta.apache.org>
> > To: Tomcat Users List <to...@jakarta.apache.org>
> > Subject: j_username in session cookie - where did it go?
> >
> > I have just upgraded (uninstalled and reintsalled) from Tomcat 3.2 to
> > Tomcat 4.0.4.
> >
> > I am using form based authentication, and found under 3.2 I could pull
> > j_username out of the session cookie after authenticaion was done.
> >
>
> That's not how it really worked under 3.2, although if you are using BASIC
> authentication you could decode the username out of the "Authorization"
> header.
>
> > Now under Tomcat 4 it doesn't seem to be there. I know I tried it under
> > Tomcat 4.0.1 before I upgraded and it worked, but not after uninstalling
3.2
> > and installing 4.0.4 from scratch..
> >
> > Can anyone shed light on what is (not) happening? Have the rules
changed or
> > have I not cfg'd something properly?
> >
>
> The portable way to get ahold of the authenticated username is to call
> request.getRemoteUser(). See the servlet spec for more details on
> container managed security:
>
> http://java.sun.com/products/servlet/download.html
>
> > Thanx!
> > Ed
>
> Craig
>
>
> --
> To unsubscribe, e-mail:
<ma...@jakarta.apache.org>
> For additional commands, e-mail:
<ma...@jakarta.apache.org>
>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: j_username in session cookie - where did it go?
Posted by "Craig R. McClanahan" <cr...@apache.org>.
On Tue, 13 Aug 2002, Ed Thompson wrote:
> Date: Tue, 13 Aug 2002 21:57:53 -0400
> From: Ed Thompson <et...@carolina.rr.com>
> Reply-To: Tomcat Users List <to...@jakarta.apache.org>
> To: Tomcat Users List <to...@jakarta.apache.org>
> Subject: j_username in session cookie - where did it go?
>
> I have just upgraded (uninstalled and reintsalled) from Tomcat 3.2 to
> Tomcat 4.0.4.
>
> I am using form based authentication, and found under 3.2 I could pull
> j_username out of the session cookie after authenticaion was done.
>
That's not how it really worked under 3.2, although if you are using BASIC
authentication you could decode the username out of the "Authorization"
header.
> Now under Tomcat 4 it doesn't seem to be there. I know I tried it under
> Tomcat 4.0.1 before I upgraded and it worked, but not after uninstalling 3.2
> and installing 4.0.4 from scratch..
>
> Can anyone shed light on what is (not) happening? Have the rules changed or
> have I not cfg'd something properly?
>
The portable way to get ahold of the authenticated username is to call
request.getRemoteUser(). See the servlet spec for more details on
container managed security:
http://java.sun.com/products/servlet/download.html
> Thanx!
> Ed
Craig
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
j_username in session cookie - where did it go?
Posted by Ed Thompson <et...@carolina.rr.com>.
I have just upgraded (uninstalled and reintsalled) from Tomcat 3.2 to
Tomcat 4.0.4.
I am using form based authentication, and found under 3.2 I could pull
j_username out of the session cookie after authenticaion was done.
Now under Tomcat 4 it doesn't seem to be there. I know I tried it under
Tomcat 4.0.1 before I upgraded and it worked, but not after uninstalling 3.2
and installing 4.0.4 from scratch..
Can anyone shed light on what is (not) happening? Have the rules changed or
have I not cfg'd something properly?
Thanx!
Ed
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
RE: Can this be done...?
Posted by Jacob Hookom <ho...@uwec.edu>.
You might want to look at installing JSTL under the Taglibs "Standard"
It provides simple xslt transformation by selecting a file as a source
and a file as the xsl document, the download includes deployable wars
that demonstrate this functionality.
-Jake
| -----Original Message-----
| From: Tod Thomas [mailto:tod.thomas@verizon.net]
| Sent: Tuesday, August 13, 2002 7:31 PM
| To: tomcat-user@jakarta.apache.org
| Subject: Can this be done...?
|
| I want to use tomcat on my machine to test XSLT.
|
| I have a directory called Tomcat/webapps/testxslt. There I have
placed my
| test.xml and test.xsl files. I have copied xalan.jar, xml-apis.jar,
and
| xerces-Impl.jar into my $JAVA_HOME/jre/lib/endorsed directory. Using
| command line Xalan I have validated that both files are well formed
and
| work as expected. Using a browser I can get to both the xml and xsl
pages
| and view their contents, but the transformation never occurs. I do
have
| an href in the xml pointing to the xsl file.
|
| Am I wrong in thinking I can do this? Is there maybe something I need
to
| do to one of the configuration files to make this happen? I really
don't
| need the functionality of Cocoon yet so this scaled down testing
platform
| using Tomcat only would serve me well. Any suggestions?
|
| Thanks in advance.
|
| --
| To unsubscribe, e-mail: <mailto:tomcat-user-
| unsubscribe@jakarta.apache.org>
| For additional commands, e-mail: <mailto:tomcat-user-
| help@jakarta.apache.org>
|
| ---
| Incoming mail is certified Virus Free.
| Checked by AVG anti-virus system (http://www.grisoft.com).
| Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
|
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.381 / Virus Database: 214 - Release Date: 8/2/2002
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>