You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Francesco Viscomi <fv...@gmail.com> on 2016/05/15 11:58:20 UTC
using filter on web.xml
Hi all,
I've declared a filter in web.xm as:
<filter>
<filter-name>ShibbolethHeaderReaderFilter</filter-name>
<display-name>ShibbolethHeaderReaderFilter
IdPC</display-name>
<description></description>
<filter-class>it.loset.idpcp.ri.filters.ShibbolethHeaderReaderFilterIdpc</filter-class>
<init-param>
<param-name>configurationFile</param-name>
<param-value>resources/shibboleth-spp-config.xml</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>ShibbolethHeaderReaderFilter</filter-name>
<url-pattern>/protected/*</url-pattern>
</filter-mapping>
where it.loset.idpcp.ri.filters.ShibbolethHeaderReaderFilterIdpc
is a jar file that i don't know the source;
Now i do i call as:
http://localhost:8080/srlo/protected/login.html
and i get HTTP Status 404 the resource is not available.
My question is, why the filter do not activated: in the url the is the word
protect and the mapping of the filter is
<url-pattern>/protected/*</url-pattern>
--
Ing. Viscomi Francesco
Re: using filter on web.xml
Posted by Francesco Viscomi <fv...@gmail.com>.
Thanks Andrè.
the login page indeed has nothing inside, i just want to activate the
filter, because inside the filter there is the logic to authenticate the
user;
Anyway i really appreciate your suggestion.
Francesco
2016-05-15 14:09 GMT+02:00 André Warnier (tomcat) <aw...@ice-sa.com>:
> On 15.05.2016 13:58, Francesco Viscomi wrote:
>
>> Hi all,
>> I've declared a filter in web.xm as:
>>
>> <filter>
>> <filter-name>ShibbolethHeaderReaderFilter</filter-name>
>> <display-name>ShibbolethHeaderReaderFilter
>> IdPC</display-name>
>> <description></description>
>>
>>
>> <filter-class>it.loset.idpcp.ri.filters.ShibbolethHeaderReaderFilterIdpc</filter-class>
>>
>> <init-param>
>> <param-name>configurationFile</param-name>
>>
>> <param-value>resources/shibboleth-spp-config.xml</param-value>
>> </init-param>
>> </filter>
>>
>> <filter-mapping>
>> <filter-name>ShibbolethHeaderReaderFilter</filter-name>
>> <url-pattern>/protected/*</url-pattern>
>> </filter-mapping>
>>
>>
>>
>>
>> where it.loset.idpcp.ri.filters.ShibbolethHeaderReaderFilterIdpc
>> is a jar file that i don't know the source;
>>
>>
>> Now i do i call as:
>> http://localhost:8080/srlo/protected/login.html
>>
>> and i get HTTP Status 404 the resource is not available.
>>
>>
>>
>>
>> My question is, why the filter do not activated: in the url the is the
>> word
>> protect and the mapping of the filter is
>> <url-pattern>/protected/*</url-pattern>
>>
>>
> I don't know the details of it, and not much at all about Shibollet, but
> usually in an authentication scenario which involves a login page to
> authenticate a user, one would not include the login page in question, in
> the area that is protected by the authentication.
> This would ususally result in an endless logic loop.
> Think about it.
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
--
Ing. Viscomi Francesco
Re: using filter on web.xml
Posted by "André Warnier (tomcat)" <aw...@ice-sa.com>.
On 15.05.2016 13:58, Francesco Viscomi wrote:
> Hi all,
> I've declared a filter in web.xm as:
>
> <filter>
> <filter-name>ShibbolethHeaderReaderFilter</filter-name>
> <display-name>ShibbolethHeaderReaderFilter
> IdPC</display-name>
> <description></description>
>
> <filter-class>it.loset.idpcp.ri.filters.ShibbolethHeaderReaderFilterIdpc</filter-class>
>
> <init-param>
> <param-name>configurationFile</param-name>
>
> <param-value>resources/shibboleth-spp-config.xml</param-value>
> </init-param>
> </filter>
>
> <filter-mapping>
> <filter-name>ShibbolethHeaderReaderFilter</filter-name>
> <url-pattern>/protected/*</url-pattern>
> </filter-mapping>
>
>
>
>
> where it.loset.idpcp.ri.filters.ShibbolethHeaderReaderFilterIdpc
> is a jar file that i don't know the source;
>
>
> Now i do i call as:
> http://localhost:8080/srlo/protected/login.html
>
> and i get HTTP Status 404 the resource is not available.
>
>
>
>
> My question is, why the filter do not activated: in the url the is the word
> protect and the mapping of the filter is
> <url-pattern>/protected/*</url-pattern>
>
I don't know the details of it, and not much at all about Shibollet, but usually in an
authentication scenario which involves a login page to authenticate a user, one would not
include the login page in question, in the area that is protected by the authentication.
This would ususally result in an endless logic loop.
Think about it.
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org