You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Darren Govoni <dg...@metadapt.com> on 2005/03/06 16:16:20 UTC
help on 5.5.7
Hi,
I tried adding.
<error-page>
<error-code>401</error-code>
<location>/error.jsp?type=401</location>
</error-page>
to my web.xml page (it was in the proper location, etc.) but my server still produces the default error
page. When I tried on my earlier 5.0.25 tomcat, it wouldn't even bring up my resources, which was weird.
Anyway, I tried various codes and locations. Nothing worked.
Any tips on this?
thank you,
Darren
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: help on 5.5.7
Posted by Chuck Williams <ch...@allthingslocal.com>.
Darren Govoni writes (3/6/2005 5:48 PM):
>On Sun, 2005-03-06 at 20:47 -0500, Darren Govoni wrote:
>
>
>
>>Thanks Chuck. This approach works better, although I would think
>>regardless of the auth form, the redirect to error
>>page would be independent.
>>
>>
I would think so to, but it seems that authentication errors are handled
outside of the normal error-page mechanism. FORM authentication
provides a special declaration for this (form-error-page), while BASIC
authentication provides no means to make such a declaration.
>>Any idea how to do FORM based auth from a Java client?
>>
>>
I'm not using Java on the client side and so am not sure. I'd think you
would need to set the form-login-page to reach your client and then send
back the same kind of request that is generated by a normal login form
(i.e., POST a request to j_security_check passing j_username and
j_password as parameters). Another benefit of this approach is that you
can configure it to use https with the right declaration if you choose to.
Chuck
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: help on 5.5.7
Posted by Darren Govoni <dg...@metadapt.com>.
On Sun, 2005-03-06 at 20:47 -0500, Darren Govoni wrote:
> Thanks Chuck. This approach works better, although I would think
> regardless of the auth form, the redirect to error
> page would be independent.
>
> Any idea how to do FORM based auth from a Java client?
>
> I was using Basic like this:
String credentials = u+":"+p;
//System.out.println(credentials);
String encoding = new sun.misc.BASE64Encoder().encode
(credentials.getBytes());
URLConnection uc = descURL.openConnection();
uc.setRequestProperty ("Authorization", "Basic " +
encoding);
InputStream descIS = uc.getInputStream();
>
>
> On Sun, 2005-03-06 at 17:04 -0800, Chuck Williams wrote:
>
> > Darren Govoni writes (3/6/2005 3:27 PM):
> >
> > >I only want it to forward to <error-page> on a code 401 _when the login
> > >attempt fails_ and it should prompt the user for that, which it doesn't.
> > >
> > >
> > Oh, this is for a login error? I use FORM authentication which provides
> > a form-error-page in the form-login-config. This is triggered for
> > authentication errors. I use separate error-page's for related errors
> > like a session-timeout while the user is on the login page (which
> > generates a 408). However, I don't believe the error-page mechanism
> > works for authentication errors, which is probably your issue with
> > BASIC authentication. How about switching to FORM authentication so you
> > have more control? Then you shouldn't have any issues (although it is
> > still a war path and not a url...)..
> >
> > Chuck
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: help on 5.5.7
Posted by Darren Govoni <dg...@metadapt.com>.
Thanks Chuck. This approach works better, although I would think
regardless of the auth form, the redirect to error
page would be independent.
Any idea how to do FORM based auth from a Java client?
I was using Basic like this:
On Sun, 2005-03-06 at 17:04 -0800, Chuck Williams wrote:
> Darren Govoni writes (3/6/2005 3:27 PM):
>
> >I only want it to forward to <error-page> on a code 401 _when the login
> >attempt fails_ and it should prompt the user for that, which it doesn't.
> >
> >
> Oh, this is for a login error? I use FORM authentication which provides
> a form-error-page in the form-login-config. This is triggered for
> authentication errors. I use separate error-page's for related errors
> like a session-timeout while the user is on the login page (which
> generates a 408). However, I don't believe the error-page mechanism
> works for authentication errors, which is probably your issue with
> BASIC authentication. How about switching to FORM authentication so you
> have more control? Then you shouldn't have any issues (although it is
> still a war path and not a url...)..
>
> Chuck
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: help on 5.5.7
Posted by Chuck Williams <ch...@allthingslocal.com>.
Darren Govoni writes (3/6/2005 3:27 PM):
>I only want it to forward to <error-page> on a code 401 _when the login
>attempt fails_ and it should prompt the user for that, which it doesn't.
>
>
Oh, this is for a login error? I use FORM authentication which provides
a form-error-page in the form-login-config. This is triggered for
authentication errors. I use separate error-page's for related errors
like a session-timeout while the user is on the login page (which
generates a 408). However, I don't believe the error-page mechanism
works for authentication errors, which is probably your issue with
BASIC authentication. How about switching to FORM authentication so you
have more control? Then you shouldn't have any issues (although it is
still a war path and not a url...)..
Chuck
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: help on 5.5.7
Posted by Darren Govoni <dg...@metadapt.com>.
I reverted back to 5.0.25 and it sorta works. Using Netscape on linux.
5.5.7 does not work for me.
Now, however, when I attempt to access a resource protected by BASIC
HTTP authentication. It DOES NOT prompt me for credentials, but rather
forwards to my error-page regardless. Yuck! That's not right either!
I only want it to forward to <error-page> on a code 401 _when the login
attempt fails_ and it should prompt the user for that, which it doesn't.
:(
Darren
On Sun, 2005-03-06 at 17:10 -0500, Darren Govoni wrote:
> Thanks for the response.
>
> I tried many variations. Nothing works for me (running linux,
> jdk1.5.0_01).
>
> I also added an error-page clause to the tomcat web.xml as well as my
> webapp. It always jumps to the default page.
>
> Here's what mine looks like. Wish it worked. :(
>
>
> <web-app xmlns="http://java.sun.com/xml/ns/j2ee"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
> http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
> version="2.4">
>
> .....stuff.....
>
> <error-page>
> <error-code>401</error-code>
> <location>/portal/nologin.jsp</location>
> </error-page>
> </web-app>
>
> On Sun, 2005-03-06 at 09:36 -0800, Chuck Williams wrote:
>
> > Darren Govoni writes (3/6/2005 7:16 AM):
> >
> > >Hi,
> > > I tried adding.
> > >
> > ><error-page>
> > > <error-code>401</error-code>
> > > <location>/error.jsp?type=401</location>
> > ></error-page>
> > >
> > >to my web.xml page (it was in the proper location, etc.) but my server still produces the default error
> > >page. When I tried on my earlier 5.0.25 tomcat, it wouldn't even bring up my resources, which was weird.
> > >
> > >Anyway, I tried various codes and locations. Nothing worked.
> > >
> > >Any tips on this?
> > >
> > >
> > As location takes a war-path and not a url, I suspect the "?type=401" is
> > your problem. This mechanism works fine for me when just using paths in
> > the war file.
> >
> > Chuck
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: help on 5.5.7
Posted by Darren Govoni <dg...@metadapt.com>.
Thanks for the response.
I tried many variations. Nothing works for me (running linux,
jdk1.5.0_01).
I also added an error-page clause to the tomcat web.xml as well as my
webapp. It always jumps to the default page.
Here's what mine looks like. Wish it worked. :(
<web-app xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
version="2.4">
.....stuff.....
<error-page>
<error-code>401</error-code>
<location>/portal/nologin.jsp</location>
</error-page>
</web-app>
On Sun, 2005-03-06 at 09:36 -0800, Chuck Williams wrote:
> Darren Govoni writes (3/6/2005 7:16 AM):
>
> >Hi,
> > I tried adding.
> >
> ><error-page>
> > <error-code>401</error-code>
> > <location>/error.jsp?type=401</location>
> ></error-page>
> >
> >to my web.xml page (it was in the proper location, etc.) but my server still produces the default error
> >page. When I tried on my earlier 5.0.25 tomcat, it wouldn't even bring up my resources, which was weird.
> >
> >Anyway, I tried various codes and locations. Nothing worked.
> >
> >Any tips on this?
> >
> >
> As location takes a war-path and not a url, I suspect the "?type=401" is
> your problem. This mechanism works fine for me when just using paths in
> the war file.
>
> Chuck
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: help on 5.5.7
Posted by Chuck Williams <ch...@allthingslocal.com>.
Darren Govoni writes (3/6/2005 7:16 AM):
>Hi,
> I tried adding.
>
><error-page>
> <error-code>401</error-code>
> <location>/error.jsp?type=401</location>
></error-page>
>
>to my web.xml page (it was in the proper location, etc.) but my server still produces the default error
>page. When I tried on my earlier 5.0.25 tomcat, it wouldn't even bring up my resources, which was weird.
>
>Anyway, I tried various codes and locations. Nothing worked.
>
>Any tips on this?
>
>
As location takes a war-path and not a url, I suspect the "?type=401" is
your problem. This mechanism works fine for me when just using paths in
the war file.
Chuck
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org