You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Mark Leone <mi...@verizon.net> on 2006/04/30 06:08:58 UTC
Can't authenticate to admin, tried everything
I have tomcat 5.5.17 and I recently downloaded the admin web app. I
can't seem to find a way to authenticate to it. I have an existing
JDBCRealm that works fine with the manager web app, using digested
passwords. I added a user with a non-digested password, since admin uses
FORM authentication, but I still get authenticate failures.
Below is what I have for server\webapps\admin\WEB-INF\web.xml (just the
relevant portion, where teh security constraints are defined). I just
modified the realm name to point to the aforementioned JDBCRealm. I have
a user registered there with non-digested password whose role is admin,
but I still get authentication failures when I try to access admin. I
also tried configuring the UserDatabaseRealm using
conf\tomcat-users.xml, just to get another data point, and that didn't
work either. Anyone know what I'm missing??
-Mark
<security-constraint>
<display-name>Tomcat Server Configuration Security
Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>*.jsp</url-pattern>
<url-pattern>*.do</url-pattern>
<url-pattern>*.html</url-pattern>
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area -->
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<!-- Login configuration uses form-based authentication -->
<login-config>
<auth-method>FORM</auth-method>
<realm-name>JDBCRealm</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
<!-- Security roles referenced by this web application -->
<security-role>
<description>
The role that is required to log in to the Administration Application
</description>
<role-name>admin</role-name>
</security-role>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Can't authenticate to admin, tried everything
Posted by Mark Leone <mi...@verizon.net>.
Mark Leone wrote:
> I have tomcat 5.5.17 and I recently downloaded the admin web app. I
> can't seem to find a way to authenticate to it. I have an existing
> JDBCRealm that works fine with the manager web app, using digested
> passwords. I added a user with a non-digested password, since admin
> uses FORM authentication, but I still get authenticate failures.
>
Well, I guess I didn't try as much as I thought I did. I was confusing
DIGEST authentication with digested passwords, though I know better. I
was entering the cleartext password in the Realm database, instead of
the digested version of the cleartext password. Now it works. However, I
still don't know why the UserDatabaseRealm didn't work, since that realm
doesn't use digested passwords. But that was only for test purposes anyway.
-Mark
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org