You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by 朱全鑫 <zh...@gmail.com> on 2007/09/05 16:51:26 UTC
Programmic login to tomcat using username and password
hi, everyone
I meet a problem about programmic login. I setup a tomcat server,
and deploy two WAR files (applications) on it. One of the application
A is protected by server authentication, and the other application B
is not. I want to setup a scenario : when user navigates the
application B, he could programmic login to tomcat using username and
password that is coded in the application of B, and then he
navigates the application A in the same browser, he never needs to
response the challenge promoted by application A.
I would very appreciate if someone could help me.
Thanks
Zhu Quanxin
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Programmic login to tomcat using username and password
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
David,
David Delbecq wrote:
> AFAIK, the J2EE specs does not allow 'spontaneous login' from
> webapplication and am not sure tomcat give provision for this.
I think it's more like "the J2EE specs do not require it, therefore
Tomcat has chosen not to implement it".
> Another possibility might be the use of
> http://securityfilter.sourceforge.net/ which mimic a container security
> mechanism (respect of web.xml rules, use of realms) but allows for more
> flexibility than pure j2ee specs.
It does. One of the things is allows is "spontaneous logins".
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFG4Gsa9CaO5/Lv0PARAiKxAKCkwzGTdiryT9cd3QatDea63MJ5sACeOj9w
pqGnWIwunuVJmyAuVfrm9iA=
=nVCu
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Programmic login to tomcat using username and password
Posted by David Delbecq <de...@oma.be>.
I somehow understand what you are trying to do. I suppose your idea is
to have user get an email with a serial number that allow them direct
access to a secured page. This serial would be associated internally by
your app with that user's credential.
AFAIK, the J2EE specs does not allow 'spontaneous login' from
webapplication and am not sure tomcat give provision for this. You could
probably revamp the SSO valve so that is can inject the basic
authentification header to tomcat.
Another possibility might be the use of
http://securityfilter.sourceforge.net/ which mimic a container security
mecanism (respect of web.xml rules, use of realms) but allows for more
flexibility than pure j2ee specs.
En l'instant précis du 06/09/07 07:31, zhu quanxin s'exprimait en ces
termes:
> Hi, Dave
>
> I am looking for tomcat API for doing programmic login. I read the
> source code of org.apache.catalina.authenticator.SingleSignOn, and
> find that it contains a method called reauthenticate maybe helpful.
>
> protected boolean reauthenticate(String ssoId, Realm realm,
> Request request) {
>
> if (ssoId == null || realm == null)
> return false;
>
> boolean reauthenticated = false;
>
> SingleSignOnEntry entry = lookup(ssoId);
> if (entry != null && entry.getCanReauthenticate()) {
>
> String username = entry.getUsername();
> if (username != null) {
> Principal reauthPrincipal =
> realm.authenticate(username,
> entry.getPassword());
> if (reauthPrincipal != null) {
> reauthenticated = true;
> // Bind the authorization credentials to the request
> request.setAuthType(entry.getAuthType());
> request.setUserPrincipal(reauthPrincipal);
> }
> }
> }
>
> return reauthenticated;
> }
>
> but when I use those code in my application(for example a servlet), it
> could not work. I think I could not get the instance of realm in
> tomcat server.
>
>
> do you have a better idea about programmic login, and how to write it?
>
> Thanks a lot~
> zhu quanxin
>
>
>
> 2007/9/6, Dave <ja...@yahoo.com>:
>
>> I think this feature is very basic. Everything should have a programmatic way.
>>
>> zhu quanxin <zh...@gmail.com> wrote: hi,David,
>>
>> My aim is that tomcat could authenticate users without promoting
>> any login form. I give out the userID and password in the servlet
>> code. when users navagate the servlet page, they would login to tomcat
>> as that userID identity.
>>
>>
>>
>> Thanks a lot!
>> Zhu quanxin
>>
>>
>>
>> 2007/9/6, David Delbecq :
>>
>>> Hi,
>>>
>>> Am not sure to understand what you want to do. You want to login user
>>> without requiring it, ever, to authenticate? That seems to me quite
>>> paradoxal. Maybe you should explain a bit more what you try to achieve...
>>>
>>> 朱全鑫 a écrit :
>>>
>>>> Hi,
>>>>
>>>> I have already enabled the SSO function in server.xml. It could be
>>>> promoted the challenge once when I visit the first webapp and without
>>>> login to all the webapps in the host. But I do not want any login form
>>>> promoted to users. So my point is, how do I write code in a jsp or
>>>> servlet to auto login to the first webapp without the login-form
>>>> promoted to users.
>>>> For example, in websphere application server, the following code
>>>> could be auto login to the server, If we give the right username and
>>>> password pair.
>>>>
>>>> code begin
>>>> ------------------
>>>> LoginContext lc = null;
>>>>
>>>> try {
>>>> lc = new LoginContext("WSLogin",
>>>> new WSCallbackHandlerImpl("userName", "password"));
>>>> } catch (LoginException le) {
>>>> System.out.println("Cannot create LoginContext. " + le.getMessage());
>>>> // Insert the error processing code
>>>> } catch(SecurityException se) {
>>>> System.out.println("Cannot create LoginContext." + se.getMessage());
>>>> // Insert the error processing code
>>>> }
>>>>
>>>> try {
>>>> lc.login();
>>>> } catch (LoginException le) {
>>>> System.out.println("Fails to create Subject. " + le.getMessage());
>>>> // Insert the error processing code
>>>> ----------------
>>>> code end
>>>>
>>>> I do not know if tomcat provide some APIs like the above, and we
>>>> could use the API to programmic login to the tomcat server. and where
>>>> to find the instruction to use the API?
>>>>
>>>>
>>>> Many Thanks!
>>>> Zhu quanxin
>>>>
>>>>
>>>>
>>>> 2007/9/5, David Delbecq :
>>>>
>>>>
>>>>> http://tomcat.apache.org/tomcat-5.5-doc/config/host.html
>>>>>
>>>>> See section about single-sign. This share credential between webapps.
>>>>>
>>>>> Note: it's not a "programamtic". It just let all your application share
>>>>> a same authentification token. Once you authenticate using J2EE
>>>>> compliant method in application X, it's not necessary to login into
>>>>> other application Y on same host that is also using J2EE compliant
>>>>> authentification mecanism.
>>>>>
>>>>> En l'instant précis du 05/09/07 16:51, 朱全鑫 s'exprimait en ces termes:
>>>>>
>>>>>
>>>>>> hi, everyone
>>>>>>
>>>>>> I meet a problem about programmic login. I setup a tomcat server,
>>>>>> and deploy two WAR files (applications) on it. One of the application
>>>>>> A is protected by server authentication, and the other application B
>>>>>> is not. I want to setup a scenario : when user navigates the
>>>>>> application B, he could programmic login to tomcat using username and
>>>>>> password that is coded in the application of B, and then he
>>>>>> navigates the application A in the same browser, he never needs to
>>>>>> response the challenge promoted by application A.
>>>>>>
>>>>>> I would very appreciate if someone could help me.
>>>>>>
>>>>>> Thanks
>>>>>>
>>>>>> Zhu Quanxin
>>>>>>
>>>>>> ---------------------------------------------------------------------
>>>>>> To start a new topic, e-mail: users@tomcat.apache.org
>>>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>>>
>>>>>>
>>>>>>
>>>>> --
>>>>> http://www.noooxml.org/
>>>>>
>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To start a new topic, e-mail: users@tomcat.apache.org
>>>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>>>
>>>>>
>>>>>
>>>>>
>>> ---------------------------------------------------------------------
>>> To start a new topic, e-mail: users@tomcat.apache.org
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>>
>>>
>> --
>> 致
>> 礼!
>>
>> 朱全鑫
>>
>>
>>
>> ---------------------------------
>> Be a better Globetrotter. Get better travel answers from someone who knows.
>> Yahoo! Answers - Check it out.
>>
>
>
>
--
http://www.noooxml.org/
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Programmic login to tomcat using username and password
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Quanxin,
zhu quanxin wrote:
> I am looking for tomcat API for doing programmatic login. I read the
> source code of org.apache.catalina.authenticator.SingleSignOn, and
> find that it contains a method called reauthenticate maybe helpful.
[snip]
> but when I use those code in my application(for example a servlet), it
> could not work. I think I could not get the instance of realm in
> tomcat server.
That's because the Request object isn't an HttpServletRequest object,
which is what you have in your servlet. Without trouble, you can't get
access to this internal object from your servlet.
> do you have a better idea about programmic login, and how to write it?
Check out securityfilter... it keeps the user's principal in the session
instead of somewhere else, so it's easy to get. Not sure if it plays
well with SSO, though.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFG4Gq69CaO5/Lv0PARAgHjAKC9I7NFT3j48+CXdFm4DiIzyUEL5gCgiV40
wR5JB0V+ELPuTGJ2rucBLus=
=HkxJ
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Programmic login to tomcat using username and password
Posted by zhu quanxin <zh...@gmail.com>.
Hi, Dave
I am looking for tomcat API for doing programmic login. I read the
source code of org.apache.catalina.authenticator.SingleSignOn, and
find that it contains a method called reauthenticate maybe helpful.
protected boolean reauthenticate(String ssoId, Realm realm,
Request request) {
if (ssoId == null || realm == null)
return false;
boolean reauthenticated = false;
SingleSignOnEntry entry = lookup(ssoId);
if (entry != null && entry.getCanReauthenticate()) {
String username = entry.getUsername();
if (username != null) {
Principal reauthPrincipal =
realm.authenticate(username,
entry.getPassword());
if (reauthPrincipal != null) {
reauthenticated = true;
// Bind the authorization credentials to the request
request.setAuthType(entry.getAuthType());
request.setUserPrincipal(reauthPrincipal);
}
}
}
return reauthenticated;
}
but when I use those code in my application(for example a servlet), it
could not work. I think I could not get the instance of realm in
tomcat server.
do you have a better idea about programmic login, and how to write it?
Thanks a lot~
zhu quanxin
2007/9/6, Dave <ja...@yahoo.com>:
> I think this feature is very basic. Everything should have a programmatic way.
>
> zhu quanxin <zh...@gmail.com> wrote: hi,David,
>
> My aim is that tomcat could authenticate users without promoting
> any login form. I give out the userID and password in the servlet
> code. when users navagate the servlet page, they would login to tomcat
> as that userID identity.
>
>
>
> Thanks a lot!
> Zhu quanxin
>
>
>
> 2007/9/6, David Delbecq :
> > Hi,
> >
> > Am not sure to understand what you want to do. You want to login user
> > without requiring it, ever, to authenticate? That seems to me quite
> > paradoxal. Maybe you should explain a bit more what you try to achieve...
> >
> > 朱全鑫 a écrit :
> > > Hi,
> > >
> > > I have already enabled the SSO function in server.xml. It could be
> > > promoted the challenge once when I visit the first webapp and without
> > > login to all the webapps in the host. But I do not want any login form
> > > promoted to users. So my point is, how do I write code in a jsp or
> > > servlet to auto login to the first webapp without the login-form
> > > promoted to users.
> > > For example, in websphere application server, the following code
> > > could be auto login to the server, If we give the right username and
> > > password pair.
> > >
> > > code begin
> > > ------------------
> > > LoginContext lc = null;
> > >
> > > try {
> > > lc = new LoginContext("WSLogin",
> > > new WSCallbackHandlerImpl("userName", "password"));
> > > } catch (LoginException le) {
> > > System.out.println("Cannot create LoginContext. " + le.getMessage());
> > > // Insert the error processing code
> > > } catch(SecurityException se) {
> > > System.out.println("Cannot create LoginContext." + se.getMessage());
> > > // Insert the error processing code
> > > }
> > >
> > > try {
> > > lc.login();
> > > } catch (LoginException le) {
> > > System.out.println("Fails to create Subject. " + le.getMessage());
> > > // Insert the error processing code
> > > ----------------
> > > code end
> > >
> > > I do not know if tomcat provide some APIs like the above, and we
> > > could use the API to programmic login to the tomcat server. and where
> > > to find the instruction to use the API?
> > >
> > >
> > > Many Thanks!
> > > Zhu quanxin
> > >
> > >
> > >
> > > 2007/9/5, David Delbecq :
> > >
> > >> http://tomcat.apache.org/tomcat-5.5-doc/config/host.html
> > >>
> > >> See section about single-sign. This share credential between webapps.
> > >>
> > >> Note: it's not a "programamtic". It just let all your application share
> > >> a same authentification token. Once you authenticate using J2EE
> > >> compliant method in application X, it's not necessary to login into
> > >> other application Y on same host that is also using J2EE compliant
> > >> authentification mecanism.
> > >>
> > >> En l'instant précis du 05/09/07 16:51, 朱全鑫 s'exprimait en ces termes:
> > >>
> > >>> hi, everyone
> > >>>
> > >>> I meet a problem about programmic login. I setup a tomcat server,
> > >>> and deploy two WAR files (applications) on it. One of the application
> > >>> A is protected by server authentication, and the other application B
> > >>> is not. I want to setup a scenario : when user navigates the
> > >>> application B, he could programmic login to tomcat using username and
> > >>> password that is coded in the application of B, and then he
> > >>> navigates the application A in the same browser, he never needs to
> > >>> response the challenge promoted by application A.
> > >>>
> > >>> I would very appreciate if someone could help me.
> > >>>
> > >>> Thanks
> > >>>
> > >>> Zhu Quanxin
> > >>>
> > >>> ---------------------------------------------------------------------
> > >>> To start a new topic, e-mail: users@tomcat.apache.org
> > >>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > >>> For additional commands, e-mail: users-help@tomcat.apache.org
> > >>>
> > >>>
> > >> --
> > >> http://www.noooxml.org/
> > >>
> > >>
> > >> ---------------------------------------------------------------------
> > >> To start a new topic, e-mail: users@tomcat.apache.org
> > >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > >> For additional commands, e-mail: users-help@tomcat.apache.org
> > >>
> > >>
> > >>
> >
> > ---------------------------------------------------------------------
> > To start a new topic, e-mail: users@tomcat.apache.org
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
> >
>
>
> --
> 致
> 礼!
>
> 朱全鑫
>
>
>
> ---------------------------------
> Be a better Globetrotter. Get better travel answers from someone who knows.
> Yahoo! Answers - Check it out.
--
致
礼!
朱全鑫
Re: Programmic login to tomcat using username and password
Posted by Dave <ja...@yahoo.com>.
I think this feature is very basic. Everything should have a programmatic way.
zhu quanxin <zh...@gmail.com> wrote: hi,David,
My aim is that tomcat could authenticate users without promoting
any login form. I give out the userID and password in the servlet
code. when users navagate the servlet page, they would login to tomcat
as that userID identity.
Thanks a lot!
Zhu quanxin
2007/9/6, David Delbecq :
> Hi,
>
> Am not sure to understand what you want to do. You want to login user
> without requiring it, ever, to authenticate? That seems to me quite
> paradoxal. Maybe you should explain a bit more what you try to achieve...
>
> ÖìÈ«öÎ a ¨¦crit :
> > Hi,
> >
> > I have already enabled the SSO function in server.xml. It could be
> > promoted the challenge once when I visit the first webapp and without
> > login to all the webapps in the host. But I do not want any login form
> > promoted to users. So my point is, how do I write code in a jsp or
> > servlet to auto login to the first webapp without the login-form
> > promoted to users.
> > For example, in websphere application server, the following code
> > could be auto login to the server, If we give the right username and
> > password pair.
> >
> > code begin
> > ------------------
> > LoginContext lc = null;
> >
> > try {
> > lc = new LoginContext("WSLogin",
> > new WSCallbackHandlerImpl("userName", "password"));
> > } catch (LoginException le) {
> > System.out.println("Cannot create LoginContext. " + le.getMessage());
> > // Insert the error processing code
> > } catch(SecurityException se) {
> > System.out.println("Cannot create LoginContext." + se.getMessage());
> > // Insert the error processing code
> > }
> >
> > try {
> > lc.login();
> > } catch (LoginException le) {
> > System.out.println("Fails to create Subject. " + le.getMessage());
> > // Insert the error processing code
> > ----------------
> > code end
> >
> > I do not know if tomcat provide some APIs like the above, and we
> > could use the API to programmic login to the tomcat server. and where
> > to find the instruction to use the API?
> >
> >
> > Many Thanks!
> > Zhu quanxin
> >
> >
> >
> > 2007/9/5, David Delbecq :
> >
> >> http://tomcat.apache.org/tomcat-5.5-doc/config/host.html
> >>
> >> See section about single-sign. This share credential between webapps.
> >>
> >> Note: it's not a "programamtic". It just let all your application share
> >> a same authentification token. Once you authenticate using J2EE
> >> compliant method in application X, it's not necessary to login into
> >> other application Y on same host that is also using J2EE compliant
> >> authentification mecanism.
> >>
> >> En l'instant pr¨¦cis du 05/09/07 16:51, ÖìÈ«öÎ s'exprimait en ces termes:
> >>
> >>> hi, everyone
> >>>
> >>> I meet a problem about programmic login. I setup a tomcat server,
> >>> and deploy two WAR files (applications) on it. One of the application
> >>> A is protected by server authentication, and the other application B
> >>> is not. I want to setup a scenario : when user navigates the
> >>> application B, he could programmic login to tomcat using username and
> >>> password that is coded in the application of B, and then he
> >>> navigates the application A in the same browser, he never needs to
> >>> response the challenge promoted by application A.
> >>>
> >>> I would very appreciate if someone could help me.
> >>>
> >>> Thanks
> >>>
> >>> Zhu Quanxin
> >>>
> >>> ---------------------------------------------------------------------
> >>> To start a new topic, e-mail: users@tomcat.apache.org
> >>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >>> For additional commands, e-mail: users-help@tomcat.apache.org
> >>>
> >>>
> >> --
> >> http://www.noooxml.org/
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To start a new topic, e-mail: users@tomcat.apache.org
> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> For additional commands, e-mail: users-help@tomcat.apache.org
> >>
> >>
> >>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
ÖÂ
Àñ£¡
ÖìÈ«öÎ
---------------------------------
Be a better Globetrotter. Get better travel answers from someone who knows.
Yahoo! Answers - Check it out.
Re: Programmic login to tomcat using username and password
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Quanxin,
zhu quanxin wrote:
> My aim is that tomcat could authenticate users without promoting any
> login form.
That is usually known as "not authenticating".
> I give out the userID and password in the servlet code. when users
> navagate the servlet page, they would login to tomcat as that userID
> identity.
Huh?
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFG4God9CaO5/Lv0PARAtAnAJ9mkJ6Qv1BChUnR9h5JqpBSQCqDtQCgkO2v
LixDk4XYZ/suxTT3PY2jA+w=
=k6DN
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Programmic login to tomcat using username and password
Posted by zhu quanxin <zh...@gmail.com>.
hi,David,
My aim is that tomcat could authenticate users without promoting
any login form. I give out the userID and password in the servlet
code. when users navagate the servlet page, they would login to tomcat
as that userID identity.
Thanks a lot!
Zhu quanxin
2007/9/6, David Delbecq <de...@oma.be>:
> Hi,
>
> Am not sure to understand what you want to do. You want to login user
> without requiring it, ever, to authenticate? That seems to me quite
> paradoxal. Maybe you should explain a bit more what you try to achieve...
>
> 朱全鑫 a écrit :
> > Hi,
> >
> > I have already enabled the SSO function in server.xml. It could be
> > promoted the challenge once when I visit the first webapp and without
> > login to all the webapps in the host. But I do not want any login form
> > promoted to users. So my point is, how do I write code in a jsp or
> > servlet to auto login to the first webapp without the login-form
> > promoted to users.
> > For example, in websphere application server, the following code
> > could be auto login to the server, If we give the right username and
> > password pair.
> >
> > code begin
> > ------------------
> > LoginContext lc = null;
> >
> > try {
> > lc = new LoginContext("WSLogin",
> > new WSCallbackHandlerImpl("userName", "password"));
> > } catch (LoginException le) {
> > System.out.println("Cannot create LoginContext. " + le.getMessage());
> > // Insert the error processing code
> > } catch(SecurityException se) {
> > System.out.println("Cannot create LoginContext." + se.getMessage());
> > // Insert the error processing code
> > }
> >
> > try {
> > lc.login();
> > } catch (LoginException le) {
> > System.out.println("Fails to create Subject. " + le.getMessage());
> > // Insert the error processing code
> > ----------------
> > code end
> >
> > I do not know if tomcat provide some APIs like the above, and we
> > could use the API to programmic login to the tomcat server. and where
> > to find the instruction to use the API?
> >
> >
> > Many Thanks!
> > Zhu quanxin
> >
> >
> >
> > 2007/9/5, David Delbecq <de...@oma.be>:
> >
> >> http://tomcat.apache.org/tomcat-5.5-doc/config/host.html
> >>
> >> See section about single-sign. This share credential between webapps.
> >>
> >> Note: it's not a "programamtic". It just let all your application share
> >> a same authentification token. Once you authenticate using J2EE
> >> compliant method in application X, it's not necessary to login into
> >> other application Y on same host that is also using J2EE compliant
> >> authentification mecanism.
> >>
> >> En l'instant précis du 05/09/07 16:51, 朱全鑫 s'exprimait en ces termes:
> >>
> >>> hi, everyone
> >>>
> >>> I meet a problem about programmic login. I setup a tomcat server,
> >>> and deploy two WAR files (applications) on it. One of the application
> >>> A is protected by server authentication, and the other application B
> >>> is not. I want to setup a scenario : when user navigates the
> >>> application B, he could programmic login to tomcat using username and
> >>> password that is coded in the application of B, and then he
> >>> navigates the application A in the same browser, he never needs to
> >>> response the challenge promoted by application A.
> >>>
> >>> I would very appreciate if someone could help me.
> >>>
> >>> Thanks
> >>>
> >>> Zhu Quanxin
> >>>
> >>> ---------------------------------------------------------------------
> >>> To start a new topic, e-mail: users@tomcat.apache.org
> >>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >>> For additional commands, e-mail: users-help@tomcat.apache.org
> >>>
> >>>
> >> --
> >> http://www.noooxml.org/
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To start a new topic, e-mail: users@tomcat.apache.org
> >> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> >> For additional commands, e-mail: users-help@tomcat.apache.org
> >>
> >>
> >>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
致
礼!
朱全鑫
Re: Programmic login to tomcat using username and password
Posted by David Delbecq <de...@oma.be>.
Hi,
Am not sure to understand what you want to do. You want to login user
without requiring it, ever, to authenticate? That seems to me quite
paradoxal. Maybe you should explain a bit more what you try to achieve...
朱全鑫 a écrit :
> Hi,
>
> I have already enabled the SSO function in server.xml. It could be
> promoted the challenge once when I visit the first webapp and without
> login to all the webapps in the host. But I do not want any login form
> promoted to users. So my point is, how do I write code in a jsp or
> servlet to auto login to the first webapp without the login-form
> promoted to users.
> For example, in websphere application server, the following code
> could be auto login to the server, If we give the right username and
> password pair.
>
> code begin
> ------------------
> LoginContext lc = null;
>
> try {
> lc = new LoginContext("WSLogin",
> new WSCallbackHandlerImpl("userName", "password"));
> } catch (LoginException le) {
> System.out.println("Cannot create LoginContext. " + le.getMessage());
> // Insert the error processing code
> } catch(SecurityException se) {
> System.out.println("Cannot create LoginContext." + se.getMessage());
> // Insert the error processing code
> }
>
> try {
> lc.login();
> } catch (LoginException le) {
> System.out.println("Fails to create Subject. " + le.getMessage());
> // Insert the error processing code
> ----------------
> code end
>
> I do not know if tomcat provide some APIs like the above, and we
> could use the API to programmic login to the tomcat server. and where
> to find the instruction to use the API?
>
>
> Many Thanks!
> Zhu quanxin
>
>
>
> 2007/9/5, David Delbecq <de...@oma.be>:
>
>> http://tomcat.apache.org/tomcat-5.5-doc/config/host.html
>>
>> See section about single-sign. This share credential between webapps.
>>
>> Note: it's not a "programamtic". It just let all your application share
>> a same authentification token. Once you authenticate using J2EE
>> compliant method in application X, it's not necessary to login into
>> other application Y on same host that is also using J2EE compliant
>> authentification mecanism.
>>
>> En l'instant précis du 05/09/07 16:51, 朱全鑫 s'exprimait en ces termes:
>>
>>> hi, everyone
>>>
>>> I meet a problem about programmic login. I setup a tomcat server,
>>> and deploy two WAR files (applications) on it. One of the application
>>> A is protected by server authentication, and the other application B
>>> is not. I want to setup a scenario : when user navigates the
>>> application B, he could programmic login to tomcat using username and
>>> password that is coded in the application of B, and then he
>>> navigates the application A in the same browser, he never needs to
>>> response the challenge promoted by application A.
>>>
>>> I would very appreciate if someone could help me.
>>>
>>> Thanks
>>>
>>> Zhu Quanxin
>>>
>>> ---------------------------------------------------------------------
>>> To start a new topic, e-mail: users@tomcat.apache.org
>>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>>> For additional commands, e-mail: users-help@tomcat.apache.org
>>>
>>>
>> --
>> http://www.noooxml.org/
>>
>>
>> ---------------------------------------------------------------------
>> To start a new topic, e-mail: users@tomcat.apache.org
>> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
>> For additional commands, e-mail: users-help@tomcat.apache.org
>>
>>
>>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: Programmic login to tomcat using username and password
Posted by 朱全鑫 <zh...@gmail.com>.
Hi,
I have already enabled the SSO function in server.xml. It could be
promoted the challenge once when I visit the first webapp and without
login to all the webapps in the host. But I do not want any login form
promoted to users. So my point is, how do I write code in a jsp or
servlet to auto login to the first webapp without the login-form
promoted to users.
For example, in websphere application server, the following code
could be auto login to the server, If we give the right username and
password pair.
code begin
------------------
LoginContext lc = null;
try {
lc = new LoginContext("WSLogin",
new WSCallbackHandlerImpl("userName", "password"));
} catch (LoginException le) {
System.out.println("Cannot create LoginContext. " + le.getMessage());
// Insert the error processing code
} catch(SecurityException se) {
System.out.println("Cannot create LoginContext." + se.getMessage());
// Insert the error processing code
}
try {
lc.login();
} catch (LoginException le) {
System.out.println("Fails to create Subject. " + le.getMessage());
// Insert the error processing code
----------------
code end
I do not know if tomcat provide some APIs like the above, and we
could use the API to programmic login to the tomcat server. and where
to find the instruction to use the API?
Many Thanks!
Zhu quanxin
2007/9/5, David Delbecq <de...@oma.be>:
> http://tomcat.apache.org/tomcat-5.5-doc/config/host.html
>
> See section about single-sign. This share credential between webapps.
>
> Note: it's not a "programamtic". It just let all your application share
> a same authentification token. Once you authenticate using J2EE
> compliant method in application X, it's not necessary to login into
> other application Y on same host that is also using J2EE compliant
> authentification mecanism.
>
> En l'instant précis du 05/09/07 16:51, 朱全鑫 s'exprimait en ces termes:
> > hi, everyone
> >
> > I meet a problem about programmic login. I setup a tomcat server,
> > and deploy two WAR files (applications) on it. One of the application
> > A is protected by server authentication, and the other application B
> > is not. I want to setup a scenario : when user navigates the
> > application B, he could programmic login to tomcat using username and
> > password that is coded in the application of B, and then he
> > navigates the application A in the same browser, he never needs to
> > response the challenge promoted by application A.
> >
> > I would very appreciate if someone could help me.
> >
> > Thanks
> >
> > Zhu Quanxin
> >
> > ---------------------------------------------------------------------
> > To start a new topic, e-mail: users@tomcat.apache.org
> > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > For additional commands, e-mail: users-help@tomcat.apache.org
> >
>
>
> --
> http://www.noooxml.org/
>
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Re: Programmic login to tomcat using username and password
Posted by David Delbecq <de...@oma.be>.
http://tomcat.apache.org/tomcat-5.5-doc/config/host.html
See section about single-sign. This share credential between webapps.
Note: it's not a "programamtic". It just let all your application share
a same authentification token. Once you authenticate using J2EE
compliant method in application X, it's not necessary to login into
other application Y on same host that is also using J2EE compliant
authentification mecanism.
En l'instant précis du 05/09/07 16:51, 朱全鑫 s'exprimait en ces termes:
> hi, everyone
>
> I meet a problem about programmic login. I setup a tomcat server,
> and deploy two WAR files (applications) on it. One of the application
> A is protected by server authentication, and the other application B
> is not. I want to setup a scenario : when user navigates the
> application B, he could programmic login to tomcat using username and
> password that is coded in the application of B, and then he
> navigates the application A in the same browser, he never needs to
> response the challenge promoted by application A.
>
> I would very appreciate if someone could help me.
>
> Thanks
>
> Zhu Quanxin
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
--
http://www.noooxml.org/
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org