You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Peter Neu <pe...@gmx.net> on 2004/11/28 10:27:40 UTC
Form Authentication Trouble with Firefox
Hello everybody,
I'm using form authentication to log on the users to my website.
Until now I was using Mozilla Firefox for developement but
now I came across this problem that Firefox doesn't allow
a clean log in and always redirects to the error.jsp. The
authentication is correct because it works with the IE.
Does anyone have this problem, too ? If not this means
I can't serve any Firfox clients.
Regards,
Peter
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Form Authentication Trouble with Firefox
Posted by Peter Neu <pe...@gmx.net>.
Hello Nikola,
thanks for your comments.
My login.jsp is nothing far off from the routine :
<html>
<body>
<form method="POST" action="j_security_check" name="loginForm">
<input type="text" name="j_username" />
<input type="password" name="j_password" />
<input type="submit" value='Login'>
</form>
</body>
</html>
I suppose there is no room for misinterpretation in case of different
browsers.
One thing I forgot to mention is : This login still worked with Firefox
0.8 and I have
this problem also when I try to login to websites on the net
In IE I never came across this problem.
Is there anything I can do in terms of defining the authentication in
the web-xml ?
If it helps the relevant part in the web.xml looks like this:
<security-constraint>
<web-resource-collection>
<web-resource-name> Entire Application </web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>member</role-name>
</auth-constraint>
</security-constraint>
<security-role><role-name>0</role-name>
</security-role>
<login-config>
<auth-method> FORM </auth-method>
<realm-name>My Club_Members</realm-name>
<form-login-config>
<form-login-page>/login.jsp </form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
The request string looks on both browsers the same.
Regards,
Peter
> Peter Neu wrote:
>
>> Hello everybody,
>>
>> I'm using form authentication to log on the users to my website.
>> Until now I was using Mozilla Firefox for developement but
>> now I came across this problem that Firefox doesn't allow
>> a clean log in and always redirects to the error.jsp. The
>> authentication is correct because it works with the IE.
>>
>> Does anyone have this problem, too ? If not this means
>> I can't serve any Firfox clients.
>
>
> Are you sure you're doing it right?
>
> No offence, but I've seen FORMs that seemingly worked on IE, but
> refused to work on Mozilla and vice versa. Your FORM should (or must,
> depending how you feel about standards) be HTML 4.0 correct.
>
> You should also try to find out what is actually being sent
> dfferently. A sniffer or a filter on the Tomcat could do that. Or just
> direct the form to some JSP that will print out the request parameters.
>
> Nix.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Update Re: Tomcat Requirements?
Posted by Chris Cherrett <st...@trackingsolutions.ca>.
This is an old post but I would like to thank everyone who helped out.
The problem turned out to indexes on the mysql database. I added index and
everything runs great for my client on their small machine. <-- (This is
relative: I have a client running a sun server - dual 3.4 with 2 GB ram.
This server runs my app fast!).
We will be using Netbeans profiler - JFluid to see if there are any other
possible fixes or enhancements that we can make. I am always trying to make
things run as fast and efficiently as possible.
Thanks again!
On November 29, 2004 12:43 pm, Chris Cherrett wrote:
> I have a client who is claiming that my software is slowing down. I cannot
> determine why this would be. He is running the following:
>
> P3 - 450 with 360MB of RAM
> with 2 IDE - 7200 RPM drives mirrored Raid 1 with Win2k
>
> I have found that any client running a faster system works great. Do you
> have any suggestions as to how to speed things up on this hardware
> configuration? example increase memory allocated to Tomcat.
>
> Thanks
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Tomcat Requirements?
Posted by Peter Lin <wo...@gmail.com>.
unless there's a really good reason, it's generally better to have the
database on one system and tomcat on another. once the concurrent
query load increases, tomcat will be fighting mysql for cpu and memory
resources.
peter
On Mon, 29 Nov 2004 13:03:36 -0700, Chris Cherrett
<st...@trackingsolutions.ca> wrote:
> Would this problem be solved by a hardware upgrade?
>
>
>
> On Monday 29 November 2004 01:03 pm, Peter Lin wrote:
> > as Yoav recommended, tomcat should be on it's own server. I would put
> > mysql on another system. that should fix things. most likely the
> > slowness is the result of database performance.
> >
> > peter
> >
> >
> > On Mon, 29 Nov 2004 12:54:18 -0700, Chris Cherrett
> >
> > <st...@trackingsolutions.ca> wrote:
> > > The application is highly database driven. In this case it is running a
> > > mysql database on the same machine.
> > >
> > > What would be the recommened hardware configuration?
> > >
> > > On a P4 2.4 with 1GB of RAM Tomcat is very happy!
> > >
> > > Thanks
> > >
> > > On Monday 29 November 2004 12:53 pm, Peter Lin wrote:
> > > > that would depend on what kind of application it is.
> > > >
> > > > without more info, like does it hit a database, is the database hosted
> > > > on the same system or does the application get remote data it's going
> > > > to be hard for others to provide good recommendations.
> > > >
> > > > peter
> > > >
> > > >
> > > > On Mon, 29 Nov 2004 12:43:07 -0700, Chris Cherrett
> > > >
> > > > <st...@trackingsolutions.ca> wrote:
> > > > > I have a client who is claiming that my software is slowing down. I
> > > > > cannot determine why this would be. He is running the following:
> > > > >
> > > > > P3 - 450 with 360MB of RAM
> > > > > with 2 IDE - 7200 RPM drives mirrored Raid 1 with Win2k
> > > > >
> > > > > I have found that any client running a faster system works great. Do
> > > > > you have any suggestions as to how to speed things up on this
> > > > > hardware configuration? example increase memory allocated to Tomcat.
> > > > >
> > > > > Thanks
> > > > >
> > > > > ---------------------------------------------------------------------
> > > > > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > > > > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> > > >
> > > > ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > > > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> > >
> > > ---------------------------------------------------------------------
> > >
> > >
> > > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
> --
> Chris Cherrett
> Tracking Solutions International
> 1-877-TSIWARE
> www.tsiware.com
>
> ---------------------------------------------------------------------
>
>
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Tomcat Requirements?
Posted by Parsons Technical Services <pa...@earthlink.net>.
Chris,
You have two choices:
Lighten the load on the server.
OR
Get a better machine.
One simple method to determine load on the Win box is Task Manager. This
will give you a feel for processor consumption and memory size.
If the only loads are mysql and Tomcat then you are forced to consider you
application or hardware. I had an issue in my app that when the requests
rose to a certain level the load went exponential due to people reclicking.
I ended up caching one of my main pages and only updating it once a minute.
This reduced the Tomcat load and the mysql load. It however increased the
memory footprint of my app. So if you can hold some information in memory
and not request it every time you can decrease the load on mysql. Down side
is that you will need more memory (maybe?). A profiler should be your next
venture. As stated this is a fairly small box, but it is only an issue if
all else is optimal.
As for would upgrading the machine fix your problem, only you can answer
that. It will help and will be able to serve a lot more request but may be a
total waste of money if the real problem is in your app. If the issue is a
memory leak it may make very little difference. Same goes for adding a
second box for mysql.
All this takes us back to the root of the issue. Why is it slow? Is the
motor too small (has a 1.8 liter, needs a 4.2). Is there too much load (8
people in a four passenger car). Or is the app sloppy(Only 2 people but
caring a ton of luggage. You know packs everything just in case.) rather
than sleek and efficient. What if none of these are it? You could have a bad
sparkplug (something wrong in the system).
Every design has trade offs and the environment should guide you as which
direction to work in.
Nobody knows your needs as good as your and thus no one on the list knows
all the details that go into you situation. And that is why you get the
general answers rather than a definitive yes or no.
Doug
www.parsonstechnical.com
----- Original Message -----
From: "Chris Cherrett" <st...@trackingsolutions.ca>
To: "Tomcat Users List" <to...@jakarta.apache.org>
Sent: Monday, November 29, 2004 3:03 PM
Subject: Re: Tomcat Requirements?
> Would this problem be solved by a hardware upgrade?
>
> On Monday 29 November 2004 01:03 pm, Peter Lin wrote:
>> as Yoav recommended, tomcat should be on it's own server. I would put
>> mysql on another system. that should fix things. most likely the
>> slowness is the result of database performance.
>>
>> peter
>>
>>
>> On Mon, 29 Nov 2004 12:54:18 -0700, Chris Cherrett
>>
>> <st...@trackingsolutions.ca> wrote:
>> > The application is highly database driven. In this case it is running a
>> > mysql database on the same machine.
>> >
>> > What would be the recommened hardware configuration?
>> >
>> > On a P4 2.4 with 1GB of RAM Tomcat is very happy!
>> >
>> > Thanks
>> >
>> > On Monday 29 November 2004 12:53 pm, Peter Lin wrote:
>> > > that would depend on what kind of application it is.
>> > >
>> > > without more info, like does it hit a database, is the database
>> > > hosted
>> > > on the same system or does the application get remote data it's going
>> > > to be hard for others to provide good recommendations.
>> > >
>> > > peter
>> > >
>> > >
>> > > On Mon, 29 Nov 2004 12:43:07 -0700, Chris Cherrett
>> > >
>> > > <st...@trackingsolutions.ca> wrote:
>> > > > I have a client who is claiming that my software is slowing down. I
>> > > > cannot determine why this would be. He is running the following:
>> > > >
>> > > > P3 - 450 with 360MB of RAM
>> > > > with 2 IDE - 7200 RPM drives mirrored Raid 1 with Win2k
>> > > >
>> > > > I have found that any client running a faster system works great.
>> > > > Do
>> > > > you have any suggestions as to how to speed things up on this
>> > > > hardware configuration? example increase memory allocated to
>> > > > Tomcat.
>> > > >
>> > > > Thanks
>> > > >
>> > > > ---------------------------------------------------------------------
>> > > > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>> > > > For additional commands, e-mail:
>> > > > tomcat-user-help@jakarta.apache.org
>> > >
>> > > ---------------------------------------------------------------------
>> > > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>> > > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>> >
>> > ---------------------------------------------------------------------
>> >
>> >
>> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
> --
> Chris Cherrett
> Tracking Solutions International
> 1-877-TSIWARE
> www.tsiware.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Tomcat Requirements?
Posted by Chris Cherrett <st...@trackingsolutions.ca>.
Would this problem be solved by a hardware upgrade?
On Monday 29 November 2004 01:03 pm, Peter Lin wrote:
> as Yoav recommended, tomcat should be on it's own server. I would put
> mysql on another system. that should fix things. most likely the
> slowness is the result of database performance.
>
> peter
>
>
> On Mon, 29 Nov 2004 12:54:18 -0700, Chris Cherrett
>
> <st...@trackingsolutions.ca> wrote:
> > The application is highly database driven. In this case it is running a
> > mysql database on the same machine.
> >
> > What would be the recommened hardware configuration?
> >
> > On a P4 2.4 with 1GB of RAM Tomcat is very happy!
> >
> > Thanks
> >
> > On Monday 29 November 2004 12:53 pm, Peter Lin wrote:
> > > that would depend on what kind of application it is.
> > >
> > > without more info, like does it hit a database, is the database hosted
> > > on the same system or does the application get remote data it's going
> > > to be hard for others to provide good recommendations.
> > >
> > > peter
> > >
> > >
> > > On Mon, 29 Nov 2004 12:43:07 -0700, Chris Cherrett
> > >
> > > <st...@trackingsolutions.ca> wrote:
> > > > I have a client who is claiming that my software is slowing down. I
> > > > cannot determine why this would be. He is running the following:
> > > >
> > > > P3 - 450 with 360MB of RAM
> > > > with 2 IDE - 7200 RPM drives mirrored Raid 1 with Win2k
> > > >
> > > > I have found that any client running a faster system works great. Do
> > > > you have any suggestions as to how to speed things up on this
> > > > hardware configuration? example increase memory allocated to Tomcat.
> > > >
> > > > Thanks
> > > >
> > > > ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > > > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> >
> > ---------------------------------------------------------------------
> >
> >
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
--
Chris Cherrett
Tracking Solutions International
1-877-TSIWARE
www.tsiware.com
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Tomcat Requirements?
Posted by Peter Lin <wo...@gmail.com>.
as Yoav recommended, tomcat should be on it's own server. I would put
mysql on another system. that should fix things. most likely the
slowness is the result of database performance.
peter
On Mon, 29 Nov 2004 12:54:18 -0700, Chris Cherrett
<st...@trackingsolutions.ca> wrote:
> The application is highly database driven. In this case it is running a mysql
> database on the same machine.
>
> What would be the recommened hardware configuration?
>
> On a P4 2.4 with 1GB of RAM Tomcat is very happy!
>
> Thanks
>
>
>
> On Monday 29 November 2004 12:53 pm, Peter Lin wrote:
> > that would depend on what kind of application it is.
> >
> > without more info, like does it hit a database, is the database hosted
> > on the same system or does the application get remote data it's going
> > to be hard for others to provide good recommendations.
> >
> > peter
> >
> >
> > On Mon, 29 Nov 2004 12:43:07 -0700, Chris Cherrett
> >
> > <st...@trackingsolutions.ca> wrote:
> > > I have a client who is claiming that my software is slowing down. I
> > > cannot determine why this would be. He is running the following:
> > >
> > > P3 - 450 with 360MB of RAM
> > > with 2 IDE - 7200 RPM drives mirrored Raid 1 with Win2k
> > >
> > > I have found that any client running a faster system works great. Do you
> > > have any suggestions as to how to speed things up on this hardware
> > > configuration? example increase memory allocated to Tomcat.
> > >
> > > Thanks
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
> ---------------------------------------------------------------------
>
>
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Tomcat Requirements?
Posted by Chris Cherrett <st...@trackingsolutions.ca>.
The application is highly database driven. In this case it is running a mysql
database on the same machine.
What would be the recommened hardware configuration?
On a P4 2.4 with 1GB of RAM Tomcat is very happy!
Thanks
On Monday 29 November 2004 12:53 pm, Peter Lin wrote:
> that would depend on what kind of application it is.
>
> without more info, like does it hit a database, is the database hosted
> on the same system or does the application get remote data it's going
> to be hard for others to provide good recommendations.
>
> peter
>
>
> On Mon, 29 Nov 2004 12:43:07 -0700, Chris Cherrett
>
> <st...@trackingsolutions.ca> wrote:
> > I have a client who is claiming that my software is slowing down. I
> > cannot determine why this would be. He is running the following:
> >
> > P3 - 450 with 360MB of RAM
> > with 2 IDE - 7200 RPM drives mirrored Raid 1 with Win2k
> >
> > I have found that any client running a faster system works great. Do you
> > have any suggestions as to how to speed things up on this hardware
> > configuration? example increase memory allocated to Tomcat.
> >
> > Thanks
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Tomcat Requirements?
Posted by Quinton Delpeche <qu...@vippayroll.co.za>.
On Monday 29 November 2004 21:43, Chris Cherrett wrote:
> I have a client who is claiming that my software is slowing down. I cannot
> determine why this would be. He is running the following:
>
> P3 - 450 with 360MB of RAM
> with 2 IDE - 7200 RPM drives mirrored Raid 1 with Win2k
>
> I have found that any client running a faster system works great. Do you
> have any suggestions as to how to speed things up on this hardware
> configuration? example increase memory allocated to Tomcat.
Load Linux. :)
Just kidding... ...I would look at maybe trying to increase the memory on the
box, 350 MB for Win2K is not much and Win2K will use at least 2/3rds of that
just for fun.
I would try and push the customer to get a bigger server, use the excuse that
PIII are no longer supported and a PIV or Athlon are very cheap now days.
At least 512 MB or a 1GB of RAM would be advisable... ...not for tomcat but
for the OS that can be very resource intensive when it feels like it.
Or, disable all services that are not required on the machine, this sometimes
help.
> Thanks
Q
--
Quinton Delpeche
Internal Systems Developer
Softline VIP
Telephone: +27 12 420 7000
Direct: +27 12 420 7007
Facsimile: +27 12 420 7344
http://www.vippayroll.co.za/
"In any world menu, Canada must be considered the vichyssoise of
nations -- it's cold, half-French, and difficult to stir."
-- Stuart Keate
Re: Tomcat Requirements?
Posted by Peter Lin <wo...@gmail.com>.
that would depend on what kind of application it is.
without more info, like does it hit a database, is the database hosted
on the same system or does the application get remote data it's going
to be hard for others to provide good recommendations.
peter
On Mon, 29 Nov 2004 12:43:07 -0700, Chris Cherrett
<st...@trackingsolutions.ca> wrote:
> I have a client who is claiming that my software is slowing down. I cannot
> determine why this would be. He is running the following:
>
> P3 - 450 with 360MB of RAM
> with 2 IDE - 7200 RPM drives mirrored Raid 1 with Win2k
>
> I have found that any client running a faster system works great. Do you have
> any suggestions as to how to speed things up on this hardware configuration?
> example increase memory allocated to Tomcat.
>
> Thanks
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Tomcat Requirements?
Posted by Ronald Klop <ro...@base.nl>.
Is the system using swap? You should tune the java app (Tomcat) to not use more memory than is available without swapping.
Ronald.
On Mon Nov 29 20:43:07 CET 2004 Chris Cherrett <st...@trackingsolutions.ca> wrote:
> I have a client who is claiming that my software is slowing down. I cannot
> determine why this would be. He is running the following:
>
> P3 - 450 with 360MB of RAM
> with 2 IDE - 7200 RPM drives mirrored Raid 1 with Win2k
>
> I have found that any client running a faster system works great. Do you have
> any suggestions as to how to speed things up on this hardware configuration?
> example increase memory allocated to Tomcat.
>
> Thanks
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
Tomcat Requirements?
Posted by Chris Cherrett <st...@trackingsolutions.ca>.
I have a client who is claiming that my software is slowing down. I cannot
determine why this would be. He is running the following:
P3 - 450 with 360MB of RAM
with 2 IDE - 7200 RPM drives mirrored Raid 1 with Win2k
I have found that any client running a faster system works great. Do you have
any suggestions as to how to speed things up on this hardware configuration?
example increase memory allocated to Tomcat.
Thanks
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Form Authentication Trouble with Firefox
Posted by Nikola Milutinovic <Ni...@ev.co.yu>.
Peter Neu wrote:
> Hello everybody,
>
> I'm using form authentication to log on the users to my website.
> Until now I was using Mozilla Firefox for developement but
> now I came across this problem that Firefox doesn't allow
> a clean log in and always redirects to the error.jsp. The
> authentication is correct because it works with the IE.
>
> Does anyone have this problem, too ? If not this means
> I can't serve any Firfox clients.
Are you sure you're doing it right?
No offence, but I've seen FORMs that seemingly worked on IE, but refused
to work on Mozilla and vice versa. Your FORM should (or must, depending
how you feel about standards) be HTML 4.0 correct.
You should also try to find out what is actually being sent dfferently.
A sniffer or a filter on the Tomcat could do that. Or just direct the
form to some JSP that will print out the request parameters.
Nix.
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Form Authentication Trouble with Firefox
Posted by Peter Neu <pe...@gmx.net>.
Hi Bob,
I looked through the source of AuthenticatorBase but could not find
the checkUserData method. It seems the whole thing has changed to
some degree in the last few releases.
Seems like I can't serve any Firefox clients.
Regards,
Peter
Bob Feretich schrieb:
> I have not examined Tomcat 5. My hosting provider doen't support it, yet.
>
> For Tomcat 4.1.21 (and may be the same for Tomcat 5):
> 1) Download the source tree from the jakarta.apache.org site.
> 2) AuthenticatorBase can be found at
> catalina/src/share/org/apache/catalina/authenticator/
> 3) After you make your changes and compile, place the resulting
> classes in the server/classes/org/apache/catalina/authenticator/
> directory of the Tomcat binary you are using. (The server directory is
> a peer to the
> conf directory, where your server.xml file resides.)
> 4) I made these changes (you will probably have to modify them for
> Tomcat5):
> protected boolean checkUserData(
> ...
> // RF changes because Netscape will not return cookies from non secure
> // if ((requestedSessionId != null) &&
> // hrequest.isRequestedSessionIdFromURL()) {
> if ((requestedSessionId != null) ) { // replaces above two lines
> file.append(";jsessionid=");
> file.append(requestedSessionId);
> }
> String queryString = hrequest.getQueryString();
> if (queryString != null) {
> file.append('?');
> file.append(queryString);
> }
> URL url = null;
> try {
> // url = new URL(protocol, host, redirectPort, file.toString());
> url = new URL(protocol, host, file.toString()); // replace above
> ...
>
> Good luck,
> Bob Feretich
>
> Peter Neu wrote:
>
>> Hi Bob,
>>
>>
>> I can't switch to https in this case (not a technical problem). So
>> where do I have to apply the changes
>> you suggested in my Tomcat 5.0.28 ? Where can I find the
>> AuthenticatorBase code? And what do I have to change?
>>
>> Regards,
>>
>> Swen
>>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Form Authentication Trouble with Firefox
Posted by Bob Feretich <bo...@prodigy.net>.
I have not examined Tomcat 5. My hosting provider doen't support it, yet.
For Tomcat 4.1.21 (and may be the same for Tomcat 5):
1) Download the source tree from the jakarta.apache.org site.
2) AuthenticatorBase can be found at
catalina/src/share/org/apache/catalina/authenticator/
3) After you make your changes and compile, place the resulting classes
in the server/classes/org/apache/catalina/authenticator/ directory of
the Tomcat binary you are using. (The server directory is a peer to the
conf directory, where your server.xml file resides.)
4) I made these changes (you will probably have to modify them for Tomcat5):
protected boolean checkUserData(
...
// RF changes because Netscape will not return cookies from non secure
// if ((requestedSessionId != null) &&
// hrequest.isRequestedSessionIdFromURL()) {
if ((requestedSessionId != null) ) { // replaces above two lines
file.append(";jsessionid=");
file.append(requestedSessionId);
}
String queryString = hrequest.getQueryString();
if (queryString != null) {
file.append('?');
file.append(queryString);
}
URL url = null;
try {
// url = new URL(protocol, host, redirectPort, file.toString());
url = new URL(protocol, host, file.toString()); // replace above
...
Good luck,
Bob Feretich
Peter Neu wrote:
> Hi Bob,
>
>
> I can't switch to https in this case (not a technical problem). So where
> do I have to apply the changes
> you suggested in my Tomcat 5.0.28 ? Where can I find the
> AuthenticatorBase code? And what do I have to change?
>
> Regards,
>
> Swen
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Form Authentication Trouble with Firefox
Posted by Peter Neu <pe...@gmx.net>.
Hi Bob,
I can't switch to https in this case (not a technical problem). So where
do I have to apply the changes
you suggested in my Tomcat 5.0.28 ? Where can I find the
AuthenticatorBase code? And what do I have to change?
Regards,
Swen
> I experienced as problem that might be similar to yours. I was testing
> with Netsacpe 7 (Mozilla based like Foxfire) and IE. My form
> authentication worked with IE, but not Netscape.
>
> It occurred quite a while ago (using Tomcat 4.1.x), so I am not clear
> on the exact details. My debug showed that Netscape was not handling
> the session cookies the same way as IE. I think that Netscape only
> returned non-secure cookies via a non-secure port (80 for me).
> 1) I would start a session on a non-protected page (http - port 80).
> 2) The user would select a link to a protected page.
> 3) Control would be passed to my login form (https - port 443), but
> the non-secure jsessionid cookie would not be received, so Tomcat
> would start a new session and store a secure jsessionid cookie.
>
> I think this is a bug in both the Mozilla and Tomcat.
> Netscape should return a cookie stored by port 80 cookie on port 443
> as long as the stored cookie is not designated for port 80 only.
> Tomcat should follow RFC-2964 "Use of HTTP State Management" and never
> be mark session tracking cookies "secure". We may have to wait for
> RFC-2965 to be adopted before all this gets fixed.
>
> If this is your problem, you can either run your whole application
> under https or zap the Tomcat AuthenticatorBase code. I think I
> changed it to:
> 1) append ";jsessionid=..." to URLs when they are redirected to the
> https port.
> 2) remove the addition of the redirectPort to that same URL.
>
> Regards,
> Bob Feretich
>
> Peter Neu wrote:
>
>> Hello everybody,
>>
>> I'm using form authentication to log on the users to my website.
>> Until now I was using Mozilla Firefox for developement but
>> now I came across this problem that Firefox doesn't allow
>> a clean log in and always redirects to the error.jsp. The
>> authentication is correct because it works with the IE.
>>
>> Does anyone have this problem, too ? If not this means
>> I can't serve any Firfox clients.
>>
>> Regards,
>>
>> Peter
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
>> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>>
>>
>>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: Form Authentication Trouble with Firefox
Posted by Bob Feretich <bo...@prodigy.net>.
I experienced as problem that might be similar to yours. I was testing
with Netsacpe 7 (Mozilla based like Foxfire) and IE. My form
authentication worked with IE, but not Netscape.
It occurred quite a while ago (using Tomcat 4.1.x), so I am not clear on
the exact details. My debug showed that Netscape was not handling the
session cookies the same way as IE. I think that Netscape only returned
non-secure cookies via a non-secure port (80 for me).
1) I would start a session on a non-protected page (http - port 80).
2) The user would select a link to a protected page.
3) Control would be passed to my login form (https - port 443), but the
non-secure jsessionid cookie would not be received, so Tomcat would
start a new session and store a secure jsessionid cookie.
I think this is a bug in both the Mozilla and Tomcat.
Netscape should return a cookie stored by port 80 cookie on port 443 as
long as the stored cookie is not designated for port 80 only.
Tomcat should follow RFC-2964 "Use of HTTP State Management" and never
be mark session tracking cookies "secure". We may have to wait for
RFC-2965 to be adopted before all this gets fixed.
If this is your problem, you can either run your whole application under
https or zap the Tomcat AuthenticatorBase code. I think I changed it to:
1) append ";jsessionid=..." to URLs when they are redirected to the
https port.
2) remove the addition of the redirectPort to that same URL.
Regards,
Bob Feretich
Peter Neu wrote:
> Hello everybody,
>
> I'm using form authentication to log on the users to my website.
> Until now I was using Mozilla Firefox for developement but
> now I came across this problem that Firefox doesn't allow
> a clean log in and always redirects to the error.jsp. The
> authentication is correct because it works with the IE.
>
> Does anyone have this problem, too ? If not this means
> I can't serve any Firfox clients.
>
> Regards,
>
> Peter
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org