You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by LERBSCHER Jean-Pierre <je...@cofiroute.fr> on 2005/02/10 09:27:48 UTC

RE : Security Newbie - Need Help

Hi,
Could you verify  that you have declared your admin role in the web.xml
file.
    <security-role>
      <role-name>admin</role-name>
    </security-role>

-----Message d'origine-----
De : Luke [mailto:luke@lukeshannon.com] 
Envoyé : jeudi 10 février 2005 07:33
À : Tomcat Users List
Objet : Security Newbie - Need Help


Hi;

I am trying to install a security realm for my application. I am expecting a
browser login window. But instead I get:

 HTTP Status 403 - Configuration error: Cannot perform access control
without an authenticated principal
type Status report
message Configuration error: Cannot perform access control without an
authenticated principal
description Access to the specified resource (Configuration error: Cannot
perform access control without an authenticated principal) has been
forbidden.
Apache Tomcat/5.0.28

Why I am not getting the login window?

Here is the web.xml in project root/WEB-INF

<security-constraint>
<web-resource-collection>
<web-resource-name>fw</web-resource-name>
<url-pattern>*.do</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
</security-constraint>


 <Realm  className="org.apache.catalina.realm.JDBCRealm" debug="99"
        driverName="org.gjt.mm.mysql.Driver"

connectionURL="jdbc:mysql://localhost/applicationusers?user=user&amp;passwor
d=password"
        userTable="applicationusers" userNameCol="user_name"
        userCredCol="user_pass" userRoleTable="user_roles"
roleNameCol="role_name" />

The table structure was created using the following sql:

create table users (
  user_name         varchar(15) not null primary key,
  user_pass         varchar(15) not null

);

create table user_roles (
  user_name         varchar(15) not null,
  role_name         varchar(15) not null,
  primary key (user_name, role_name)
);

How can I trouble shoot this? The log doesn't show anything. Any tips would
be great.

Thanks,

Luke



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: Security Newbie - Need Help

Posted by Luke <lu...@lukeshannon.com>.

Hi;

Here is the roles table:

mysql> select * from roles;
+-----------+
| role_name |
+-----------+
| admin     |
+-----------+
1 row in set (0.02 sec)

I noticed I did have a mistake in the realm declaration in my server.xml. I
had the wrong user table name. That is fixed this but still have the
problem:

      <Realm  className="org.apache.catalina.realm.JDBCRealm" debug="99"
        driverName="org.gjt.mm.mysql.Driver"

connectionURL="jdbc:mysql://localhost/tomcatusers?user=user&amp;password=pas
sword"
        userTable="users" userNameCol="user_name"
        userCredCol="user_pass" userRoleTable="user_roles"
roleNameCol="role_name" />

I also changed my security declaration to have a realm-name in the login
config:

<!-- security -->
<security-constraint>
<web-resource-collection>
<web-resource-name>fw</web-resource-name>
<url-pattern>*.do</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>fw</realm-name>
</login-config>
</security-constraint>

The error is (which appears without a login window first allowing me to
authenticate):


HTTP Status 403 - Configuration error: Cannot perform access control without
an authenticated principal
type Status report
message Configuration error: Cannot perform access control without an
authenticated principal
description Access to the specified resource (Configuration error: Cannot
perform access control without an authenticated principal) has been
forbidden.
Apache Tomcat/5.0.28


Thanks,

Luke

----- Original Message ----- 
From: "LERBSCHER Jean-Pierre" <je...@cofiroute.fr>
To: "'Tomcat Users List'" <to...@jakarta.apache.org>
Sent: Thursday, February 10, 2005 12:27 AM
Subject: RE : Security Newbie - Need Help


> Hi,
> Could you verify  that you have declared your admin role in the web.xml
> file.
>     <security-role>
>       <role-name>admin</role-name>
>     </security-role>
>
> -----Message d'origine-----
> De : Luke [mailto:luke@lukeshannon.com]
> Envoyé : jeudi 10 février 2005 07:33
> À : Tomcat Users List
> Objet : Security Newbie - Need Help
>
>
> Hi;
>
> I am trying to install a security realm for my application. I am expecting
a
> browser login window. But instead I get:
>
>  HTTP Status 403 - Configuration error: Cannot perform access control
> without an authenticated principal
> type Status report
> message Configuration error: Cannot perform access control without an
> authenticated principal
> description Access to the specified resource (Configuration error: Cannot
> perform access control without an authenticated principal) has been
> forbidden.
> Apache Tomcat/5.0.28
>
> Why I am not getting the login window?
>
> Here is the web.xml in project root/WEB-INF
>
> <security-constraint>
> <web-resource-collection>
> <web-resource-name>fw</web-resource-name>
> <url-pattern>*.do</url-pattern>
> <http-method>POST</http-method>
> </web-resource-collection>
> <auth-constraint>
> <role-name>admin</role-name>
> </auth-constraint>
> <login-config>
> <auth-method>BASIC</auth-method>
> </login-config>
> </security-constraint>
>
>
>  <Realm  className="org.apache.catalina.realm.JDBCRealm" debug="99"
>         driverName="org.gjt.mm.mysql.Driver"
>
>
connectionURL="jdbc:mysql://localhost/applicationusers?user=user&amp;passwor
> d=password"
>         userTable="applicationusers" userNameCol="user_name"
>         userCredCol="user_pass" userRoleTable="user_roles"
> roleNameCol="role_name" />
>
> The table structure was created using the following sql:
>
> create table users (
>   user_name         varchar(15) not null primary key,
>   user_pass         varchar(15) not null
>
> );
>
> create table user_roles (
>   user_name         varchar(15) not null,
>   role_name         varchar(15) not null,
>   primary key (user_name, role_name)
> );
>
> How can I trouble shoot this? The log doesn't show anything. Any tips
would
> be great.
>
> Thanks,
>
> Luke
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>



---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org