You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Neha Sharma <ne...@fnal.gov> on 2008/09/11 22:46:08 UTC

Question about Gridmap based authorization and authentication in Tomcat

Hi

My Tomcat Version:

Server version: Apache Tomcat/6.0.16
Server built:   Jan 28 2008 11:35:29
Server number:  6.0.16.0
OS Name:        Linux
OS Version:     2.6.9-55.0.2.ELsmp
Architecture:   i386
JVM Version:    1.5.0_14-b03
JVM Vendor:     Sun Microsystems Inc.
[root@fgtest4 apache-tomcat-6.0.16]#

I have deployed a web application using apache tomcat and further  
configured tomcat to allow gridmap-file based authorization and  
authentication. I did this by  inserting following tags in   
$TOMCAT_HOME/conf/server.xml file

     <Connector
             className="org.globus.tomcat.coyote.net.HTTPSConnector"
             port="8450"
             maxThreads="150" minSpareThreads="25" maxSpareThreads="75"
             enableLookups="false" disableUploadTimeout="true"
             acceptCount="100" debug="0" scheme="https" autoFlush="true"
              
protocolHandlerClassName="org.apache.coyote.http11.Http11Protocol"
              
socketFactory 
="org.globus.tomcat.catalina.net.BaseHTTPSServerSocketFactory"
             cert="/etc/grid-security/hostcert.pem"
             key="/etc/grid-security/hostkey.pem"
             cacertdir="/etc/grid-security/certificates"
             mode="ssl"/>

     <Valve
            
className="org.globus.tomcat.coyote.valves.GridmapFilterValve55"
           gridmapfile="/usr/local/sazui/gridmap-file"
           allowUnsecured="false"
           meaningfulErrors="true"
           passRequest="false"
      />

Things are working as expected for the users whose DN (Distinguished  
Name) exists in the gridmap-file.

However, if anyone else whose DN is not in the gridmap-file  tries to  
access the page, they get a blank white screen.

Is there a way to display a webpage with a message like "Access  
Denied" instead of just throwing a blank screen ?

Thanks
-Neha

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org