You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Carl Howells <ch...@janrain.com> on 2004/06/01 20:26:25 UTC

Programmatic Authentication?

Is it possible to set the Principal and Roles for a session in a manner 
which will satisfy a <role-name> security constraint programmatically? 
At all?  I don't mind ignoring the servlet spec and doing something 
tomcat-specific.  This is something that vitally needs to be done on my 
project.

Thanks for any solutions...

Carl Howells

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: context paths, tomcat, apache, ensim 3.7

Posted by stella luna <st...@mac.com>.

just so everyone knows this a  404 error problem with the manager 
application under a virtual host.

Please help, been working on this for two weeks now.....girlfriend and 
dog mad!
On Jun 1, 2004, at 9:52 PM, stella luna wrote:

>
>
>
>
>
> Okay I followed the below instructions, and added the bits to each 
> file.
>
>
>  I have therefore set up my configuration as follows :
>
>  File /etc/httpd/siteXXX/tomcat4-aliases :
>
>  <IfModule mod_jk.c>
>  JkMount /manager ajp13
>  JkMount /manager/* ajp13
>  </IfModule>
>
>
>  File /var/tomcat4/conf/sites.xml.d/siteXXX.xml.custom :
>
>  <Context path="/manager" debug="0" privileged="true"
>  docBase="/var/tomcat4/server/webapps/manager">
>  <Realm className="org.apache.catalina.realm.MemoryRealm"
>  pathname="conf/sites.xml.d/siteXXX.xml.users"
>  />
>  </Context>
>
>  File /var/tomcat4/conf/sites.xml.d/siteXXX.xml.users :
>
>  <tomcat-users>
>  <user name="username" password="password" roles="manager" />
>  </tomcat-users>
>
>
>
> I filled in the XXX to be 6, that is the site number.
>
>
>  when i go to  www.mysite.com/manager/ i get the following error.
>
>  Apache Tomcat/4.0.6 - HTTP Status 404 - /manager/
>
>  type Status report
>
>  message /manager/
>
>  description The requested resource (/manager/) is not available.
>
>  I am running ensim pro 3.7,,,,though it sometimes says my apliance 
> version is 3.5 something.
>
>  I don't see anything funny in the log files of mod_jk, apache, or 
> tomcat. Can someone think of something to look for?
>
> But wait i see this...
>
> [Tue Jun 01 18:37:45 2004] [error] [client 24.199.108.17] File does 
> not exist: /home/virtual/site6/fst/var/www/html/manager
>
>
>
>
>  Thanks,
>
>  Tom
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: context paths, tomcat, apache, ensim 3.7 ( with sever.xml) included

Posted by stella luna <st...@mac.com>.

I am getting this error when i try to connect to localhost/managers/


Tue Jun 01 12:19:12 2004]  [jk_connect.c (177)]: jk_open_socket, 
connect() failed errno = 111
[Tue Jun 01 12:19:12 2004]  [jk_ajp_common.c (626)]: In 
jk_endpoint_t::ajp_connect_to_endpoint, failed errno = 111
[Tue Jun 01 12:19:12 2004]  [jk_ajp_common.c (872)]: Error connecting 
to the Tomcat process.
[Tue Jun 01 12:19:12 2004]  [jk_ajp_common.c (1181)]: In 
jk_endpoint_t::service, ajp_send_request failed in send loop 0
[Tue Jun 01 12:19:12 2004]  [jk_connect.c (177)]: jk_open_socket, 
connect() failed errno = 111
[Tue Jun 01 12:19:12 2004]  [jk_ajp_common.c (626)]: In 
jk_endpoint_t::ajp_connect_to_endpoint, failed errno = 111
[Tue Jun 01 12:19:12 2004]  [jk_ajp_common.c (872)]: Error connecting 
to the Tomcat process.
[Tue Jun 01 12:19:12 2004]  [jk_ajp_common.c (1181)]: In 
jk_endpoint_t::service, ajp_send_request failed in send loop 1
[Tue Jun 01 12:19:12 2004]  [jk_connect.c (177)]: jk_open_socket, 
connect() failed errno = 111
[Tue Jun 01 12:19:12 2004]  [jk_ajp_common.c (626)]: In 
jk_endpoint_t::ajp_connect_to_endpoint, failed errno = 111
[Tue Jun 01 12:19:12 2004]  [jk_ajp_common.c (872)]: Error connecting 
to the Tomcat process.
[Tue Jun 01 12:19:12 2004]  [jk_ajp_common.c (1181)]: In 
jk_endpoint_t::service, ajp_send_request failed in send loop 2


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: context paths, tomcat, apache, ensim 3.7 ( with sever.xml) included

Posted by stella luna <st...@mac.com>.

I figure it has to be something with my server.xml file....can someone 
take a look at it and see if something pops out?

Thanks so much,

TDG

context paths, tomcat, apache, ensim 3.7

Posted by stella luna <st...@mac.com>.





Okay I followed the below instructions, and added the bits to each file.


  I have therefore set up my configuration as follows :

  File /etc/httpd/siteXXX/tomcat4-aliases :

  <IfModule mod_jk.c>
  JkMount /manager ajp13
  JkMount /manager/* ajp13
  </IfModule>


  File /var/tomcat4/conf/sites.xml.d/siteXXX.xml.custom :

  <Context path="/manager" debug="0" privileged="true"
  docBase="/var/tomcat4/server/webapps/manager">
  <Realm className="org.apache.catalina.realm.MemoryRealm"
  pathname="conf/sites.xml.d/siteXXX.xml.users"
  />
  </Context>

  File /var/tomcat4/conf/sites.xml.d/siteXXX.xml.users :

  <tomcat-users>
  <user name="username" password="password" roles="manager" />
  </tomcat-users>



I filled in the XXX to be 6, that is the site number.


  when i go to  www.mysite.com/manager/ i get the following error.

  Apache Tomcat/4.0.6 - HTTP Status 404 - /manager/

  type Status report

  message /manager/

  description The requested resource (/manager/) is not available.

  I am running ensim pro 3.7,,,,though it sometimes says my apliance 
version is 3.5 something.

  I don't see anything funny in the log files of mod_jk, apache, or 
tomcat. Can someone think of something to look for?

But wait i see this...

[Tue Jun 01 18:37:45 2004] [error] [client 24.199.108.17] File does not 
exist: /home/virtual/site6/fst/var/www/html/manager




  Thanks,

  Tom

Re: Programmatic Authentication?

Posted by "Victor R. Cardona" <vc...@covad.net>.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Carl Howells wrote:
| Is it possible to set the Principal and Roles for a session in a manner
| which will satisfy a <role-name> security constraint programmatically?
| At all?  I don't mind ignoring the servlet spec and doing something
| tomcat-specific.  This is something that vitally needs to be done on my
| project.
|
| Thanks for any solutions...

I did it by writing a filter that wrapped the incoming
HttpServletRequest with a HttpServletRequestWrapper if the client's
session contained a token placed there when they logged in.  The token
is a subclass of java.security.Principal, and the
HttpServletRequestWrapper overrides the getRemoteUser() isUserInRole()
and getUserPrincipal() methods.

HTH,
Victor
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFAvTDt8MW+BaXrmuERAv/KAJ9Jq3XpjNZr3ixbbjm0GozngFc56gCfcsai
xukh2MxbvHzV8JMI9r1lWdc=
=0dYP
-----END PGP SIGNATURE-----

---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org

Re: Programmatic Authentication?

Posted by Jeanfrancois Arcand <Je...@Sun.COM>.

Yes,

just write your own extension of org.apache.catalina.Realm (or extend 
o.a.c.realm.RealmBase)and read:

> http://jakarta.apache.org/tomcat/tomcat-5.0-doc/realm-howto.html


 then follow the instruction on how to install your own valve (search 
the list :-) )

-- Jeanfrancois

Carl Howells wrote:

> Is it possible to set the Principal and Roles for a session in a 
> manner which will satisfy a <role-name> security constraint 
> programmatically? At all?  I don't mind ignoring the servlet spec and 
> doing something tomcat-specific.  This is something that vitally needs 
> to be done on my project.
>
> Thanks for any solutions...
>
> Carl Howells
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org