You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Francesco Viscomi <fv...@gmail.com> on 2016/05/15 11:58:20 UTC

using filter on web.xml

Hi all,
I've declared a filter in web.xm as:

<filter>
            <filter-name>ShibbolethHeaderReaderFilter</filter-name>
            <display-name>ShibbolethHeaderReaderFilter
IdPC</display-name>
            <description></description>

<filter-class>it.loset.idpcp.ri.filters.ShibbolethHeaderReaderFilterIdpc</filter-class>

            <init-param>
                <param-name>configurationFile</param-name>

<param-value>resources/shibboleth-spp-config.xml</param-value>
            </init-param>
        </filter>

        <filter-mapping>
            <filter-name>ShibbolethHeaderReaderFilter</filter-name>
            <url-pattern>/protected/*</url-pattern>
        </filter-mapping>




where it.loset.idpcp.ri.filters.ShibbolethHeaderReaderFilterIdpc
is a jar file that i don't know the source;


Now i do i call as:
http://localhost:8080/srlo/protected/login.html

and i get HTTP Status 404 the resource is not available.




My question is, why the filter do not activated: in the url the is the word
protect and the mapping of the filter is
<url-pattern>/protected/*</url-pattern>





-- 
Ing. Viscomi Francesco

Re: using filter on web.xml

Posted by Francesco Viscomi <fv...@gmail.com>.

Thanks Andrè.
the login page indeed has nothing inside, i just want to activate the
filter, because inside the filter there is the logic to authenticate the
user;
Anyway i really appreciate your suggestion.

Francesco

2016-05-15 14:09 GMT+02:00 André Warnier (tomcat) <aw...@ice-sa.com>:

> On 15.05.2016 13:58, Francesco Viscomi wrote:
>
>> Hi all,
>> I've declared a filter in web.xm as:
>>
>> <filter>
>>              <filter-name>ShibbolethHeaderReaderFilter</filter-name>
>>              <display-name>ShibbolethHeaderReaderFilter
>> IdPC</display-name>
>>              <description></description>
>>
>>
>> <filter-class>it.loset.idpcp.ri.filters.ShibbolethHeaderReaderFilterIdpc</filter-class>
>>
>>              <init-param>
>>                  <param-name>configurationFile</param-name>
>>
>> <param-value>resources/shibboleth-spp-config.xml</param-value>
>>              </init-param>
>>          </filter>
>>
>>          <filter-mapping>
>>              <filter-name>ShibbolethHeaderReaderFilter</filter-name>
>>              <url-pattern>/protected/*</url-pattern>
>>          </filter-mapping>
>>
>>
>>
>>
>> where it.loset.idpcp.ri.filters.ShibbolethHeaderReaderFilterIdpc
>> is a jar file that i don't know the source;
>>
>>
>> Now i do i call as:
>> http://localhost:8080/srlo/protected/login.html
>>
>> and i get HTTP Status 404 the resource is not available.
>>
>>
>>
>>
>> My question is, why the filter do not activated: in the url the is the
>> word
>> protect and the mapping of the filter is
>> <url-pattern>/protected/*</url-pattern>
>>
>>
> I don't know the details of it, and not much at all about Shibollet, but
> usually in an authentication scenario which involves a login page to
> authenticate a user, one would not include the login page in question, in
> the area that is protected by the authentication.
> This would ususally result in an endless logic loop.
> Think about it.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>


-- 
Ing. Viscomi Francesco

Re: using filter on web.xml

Posted by "André Warnier (tomcat)" <aw...@ice-sa.com>.

On 15.05.2016 13:58, Francesco Viscomi wrote:
> Hi all,
> I've declared a filter in web.xm as:
>
> <filter>
>              <filter-name>ShibbolethHeaderReaderFilter</filter-name>
>              <display-name>ShibbolethHeaderReaderFilter
> IdPC</display-name>
>              <description></description>
>
> <filter-class>it.loset.idpcp.ri.filters.ShibbolethHeaderReaderFilterIdpc</filter-class>
>
>              <init-param>
>                  <param-name>configurationFile</param-name>
>
> <param-value>resources/shibboleth-spp-config.xml</param-value>
>              </init-param>
>          </filter>
>
>          <filter-mapping>
>              <filter-name>ShibbolethHeaderReaderFilter</filter-name>
>              <url-pattern>/protected/*</url-pattern>
>          </filter-mapping>
>
>
>
>
> where it.loset.idpcp.ri.filters.ShibbolethHeaderReaderFilterIdpc
> is a jar file that i don't know the source;
>
>
> Now i do i call as:
> http://localhost:8080/srlo/protected/login.html
>
> and i get HTTP Status 404 the resource is not available.
>
>
>
>
> My question is, why the filter do not activated: in the url the is the word
> protect and the mapping of the filter is
> <url-pattern>/protected/*</url-pattern>
>

I don't know the details of it, and not much at all about Shibollet, but usually in an 
authentication scenario which involves a login page to authenticate a user, one would not 
include the login page in question, in the area that is protected by the authentication.
This would ususally result in an endless logic loop.
Think about it.



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org