You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jetspeed-user@portals.apache.org by HU...@LILLY.COM on 2001/11/01 19:02:26 UTC
Re: Can't seem to use myusername:mypassword@www.mydomain.com
inaWebPagePortlet url
Excellent! I like the caching strategy too!
Thanks!
Paul Spencer <pa...@mikon.com>
11/01/01 12:05 PM
Please respond to Jetspeed Users List
To: Jetspeed Users List <je...@jakarta.apache.org>
cc:
Subject: Re: Can't seem to use myusername:mypassword@www.mydomain.com
inaWebPagePortlet url
Jim,
"I think I forgot to mention"!
I am thinking about adding the following WebPagePortlet parameters:
"Send Jetspeed Username and Password" Type: Boolean
Username Type: String
Password Type: String
Rules:
"Send..." "Username" "Password" Result
true don't care don't care Jetspeed username and
password sent and cache
disabled
false set set "Username" and "Password"
"Password" sent and cache
disabled
false set unset current behavior, i.e.
no username or password
sent and user page's
cache rules
Anything else?
Paul Spencer
HUGHES_JAMES_B@LILLY.COM wrote:
>
> Thanks!
>
> I think I forgot to mention that I wanted to pull the uid and password
> from the RunData object and append it on to the front of the URL (vs
> hardcoding in the URL parameter). Is that what you were thinking? This
> way we can bring in secured and personlized Cocoon Content. This would
be
> fantastic!
>
> -Jim
>
> Paul Spencer <pa...@mikon.com>
> 11/01/01 10:05 AM
> Please respond to Jetspeed Users List
>
>
> To: Jetspeed Users List <je...@jakarta.apache.org>
> cc:
> Subject: Re: Can't seem to use
myusername:mypassword@www.mydomain.com in
> aWebPagePortlet url
>
> Jim,
> I will work on this. For the sake of simplicity, I will try to extract
> the authorization info from the url.
>
> Paul Spencer
>
> HUGHES_JAMES_B@LILLY.COM wrote:
> >
> > Has this ever been resolved? I have been following this discussion
for
> > some time. I am also able to use the "username:password@url" in the
> > browser, but not in Jetspeed. I could go ahead and try extending
> > WebPagePortlet (SecuredWebPagePortlet?) and add the code below. I
> > wouldn't think this could be added to the WebPagePortlet class because
> we
> > don't always want this to happen. Unless... we add a parameter
> > secured="true"?
> >
> > This is currently a huge barrier for my project.
> >
> > Jim
> >
> > Santiago Gala <sg...@hisitech.com>
> > 10/19/01 06:52 AM
> > Please respond to jetspeed-user
> >
> >
> > To: jetspeed-user@jakarta.apache.org
> > cc:
> > Subject: Re: Can't seem to use
> myusername:mypassword@www.mydomain.com in a
> > WebPagePortlet url
> >
> > Jakopac, Dave wrote:
> >
> > >Paul-
> > >
> > >Attached is a relevant snippet from the log file. Username, password,
> > >etc., have been changed to protect the innocent.
> > >
> > >--dave
> > >
> > Can you try to send us a patch for the WebPagePortlet.java that uses
> > this technique?
> >
> > The patch should look for the authorization part in the url string,
and
> > use, conditionally, the technique you outline below. Then people can
> > test it under other jdk versions (I'm not sure about compatibility in
> > 1.3, IBM jdk, ...). If the patch succeeds, it should be applied
> > everywhere we use a URLConnection (disk cache only, I think).
> >
> > Take into account that WebPagePortlet was updated yesterday in cvs.
> >
> > >
> > >
> > >
> > >
> > >>-----Original Message-----
> > >>From: Paul Spencer [mailto:paul@mikon.com]
> > >>Sent: Wednesday, October 17, 2001 4:55 PM
> > >>To: jetspeed-user@jakarta.apache.org
> > >>Subject: Re: Can't seem to use
> > >>myusername:mypassword@www.mydomain.com in
> > >>aWebPagePortlet url
> > >>
> > >>
> > >>Dave,
> > >>What is the error message in the jetspeed.log?
> > >>
> > >>Paul Spencer
> > >>
> > >>
> > >>"Jakopac, Dave" wrote:
> > >>
> > >>>I've figured out how to do this in plain Java:
> > >>>
> > >>> userpass = "myusername:mypassword";
> > >>> auth = "Basic "
> > >>> + new
> > >>>sun.misc.BASE64Encoder().encode(userpass.getBytes());
> > >>> URL myUrl = new URL(urlstring);
> > >>> URLConnection myUrlConnection =
> > >>>
> > >>myurl.openConnection();
> > >>
> > >>> myUrlConnection.setRequestProperty("Authorization",
> > >>>auth);
> > >>>
> > >>>(Yuk! Why doesn't the JDK support the full HTTP protocol, including
> > >>>putting this authentication in the URL?)
> > >>>
> > >>>So how do I create my own portlet (a subclass of
> > >>>
> > >>WebPagePortlet or of
> > >>
> > >>>FileWatchPortlet) that sets the Authorization request
> > >>>
> > >>before the URL is
> > >>
> > >>>read from? I'm worried that if I just put it after the URL( url
> > >>>).openStream() in getURL() of WebPagePortlet that I might
> > >>>
> > >>be trying to
> > >>
> > >>>authenticate against a cached webpage. Any pointers would be
> > >>>appreciated.
> > >>>
> > >>>--dave
> > >>>
> > >>>P.S. Am I the only one trying to open a portlet to a (semi-) secure
> > >>>site?
> > >>>
> > >>>>-----Original Message-----
> > >>>>From: Jakopac, Dave [mailto:djakopac@lisletech.com]
> > >>>>Sent: Tuesday, October 09, 2001 8:31 AM
> > >>>>To: 'jetspeed-user@jakarta.apache.org'
> > >>>>Subject: RE: Can't seem to use
> > >>>>myusername:mypassword@www.mydomain.com in
> > >>>>a WebPagePortlet url
> > >>>>
> > >>>>
> > >>>>
> > >>>>I'm using JDK 1.2.2.
> > >>>>
> > >>>>--dave
> > >>>>
> > >>>>>-----Original Message-----
> > >>>>>From: Santiago Gala [mailto:sgala@hisitech.com]
> > >>>>>Sent: Monday, October 08, 2001 2:06 PM
> > >>>>>To: jetspeed-user@jakarta.apache.org
> > >>>>>Subject: Re: Can't seem to use
> > >>>>>myusername:mypassword@www.mydomain.com in
> > >>>>>a WebPagePortlet url
> > >>>>>
> > >>>>>
> > >>>>>David Jakopac wrote:
> > >>>>>
> > >>>>>>I've searched both the users and developer jetspeed mailing
> > >>>>>>
> > >>>>>lists for
> > >>>>>
> > >>>>>>this. I've also looked at the urlmanager/*.java
> > >>>>>>
> > >>source. Sorry in
> > >>
> > >>>>>>advance if I missed something.
> > >>>>>>
> > >>>>>>I'm using the nightly build of 1.3a2-dev-war from Oct
> > >>>>>>
> > >>2. I want a
> > >>
> > >>>>>>WebPagePortlet to access a website using a URL containing a
> > >>>>>>
> > >>>>>username
> > >>>>>
> > >>>>>>and password. In other words, I want to use the following
> > >>>>>>
> > >>>>>URL in the
> > >>>>>
> > >>>>>><url>:
> > >>>>>>
> > >>>>>>http://myusername:mypassword@www.mydomain.com/mypage.html
> > >>>>>>
> > >>>>>>I get a 401 HTTP response from the www.mydomain.com server,
> > >>>>>>
> > >>>>>but if I
> > >>>>>
> > >>>>>>copy and paste the same URL in a browser it works fine.
> > >>>>>>(www.mydomain.com is served by an Apache server.)
> > >>>>>>
> > >>>>>>I've also tried:
> > >>>>>>
> > >>>>>>http://myusername%3amypassword@www.mydomain.com/mypage.html
> > >>>>>>
> > >>>>>>with the same results (works from a browser, but not
> > >>>>>>
> > >>a jetspeed
> > >>
> > >>>>>>WebPagePortlet). Escaping the "@" doesn't work anywhere,
> > >>>>>>
> > >>>>of course.
> > >>>>
> > >>>>>>Any pointers to existing documentation on how to do
> > >>>>>>
> > >>this would be
> > >>
> > >>>>>>appreciated. Thanks.
> > >>>>>>
> > >>>>>Which jdk are you using? I'm not sure, but it should work.
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> > >>>>>
> >
>>---------------------------------------------------------------------
> > >>
> > >>>>>To unsubscribe, e-mail:
> > >>>>>
> > >>jetspeed-user-unsubscribe@jakarta.apache.org
> > >>
> > >>>>>For additional commands, e-mail:
> > >>>>>
> > >>>>jetspeed-user-help@jakarta.apache.org
> > >>>>
> > >>>>
> >
>>---------------------------------------------------------------------
> > >>
> > >>>>To unsubscribe, e-mail:
> > >>>>
> > >>jetspeed-user-unsubscribe@jakarta.apache.org
> > >>
> > >>>>For additional commands, e-mail:
> > >>>>
> > >>jetspeed-user-help@jakarta.apache.org
> > >>
> > >>>
> >
>>---------------------------------------------------------------------
> > >>
> > >>>To unsubscribe, e-mail:
jetspeed-user-unsubscribe@jakarta.apache.org
> > >>>For additional commands, e-mail:
> > >>>
> > >>jetspeed-user-help@jakarta.apache.org
> > >>
> >
>>---------------------------------------------------------------------
> > >>To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
> > >>For additional commands, e-mail:
jetspeed-user-help@jakarta.apache.org
> > >>
> > >
> > >
> >
>
>------------------------------------------------------------------------
> > >
> > >[Thu Oct 04 11:11:52 CDT 2001] -- WARN -- Cache getEntry Called with http://myuserid:mypasswd@www.mydomain.com/
> > >[Thu Oct 04 11:11:52 CDT 2001] -- INFO -- Exception
> >
>
occurred:org.apache.jetspeed.services.urlmanager.URLNotAvailableException:
> > The following URL is not available because it is considered invalid: http://myuserid:mypasswd@www.mydomain.com/ -> java.net.UnknownHostException: myuserid:mypasswd@www.mydomain.com
> > >[Thu Oct 04 11:11:53 CDT 2001] -- ERROR --
> > > Exception:
org.apache.jetspeed.portal.PortletException:
> > org.apache.jetspeed.services.urlmanager.URLNotAvailableException: The
> > following URL is not available because it is considered invalid: http://myuserid:mypasswd@www.mydomain.com/ -> java.net.UnknownHostException: myuserid:mypasswd@www.mydomain.com
> > > Stack Trace follows:
> > > org.apache.jetspeed.portal.PortletException:
> > org.apache.jetspeed.services.urlmanager.URLNotAvailableException: The
> > following URL is not available because it is considered invalid: http://myuserid:mypasswd@www.mydomain.com/ -> java.net.UnknownHostException: myuserid:mypasswd@www.mydomain.com
> > > at
> >
>
org.apache.jetspeed.portal.portlets.WebPagePortlet.init(WebPagePortlet.java:123)
> > > at
> >
>
org.apache.jetspeed.services.portletfactory.JetspeedPortletFactoryService.getPortlet(JetspeedPortletFactoryService.java,
> > Compiled Code)
> > > at
> >
>
org.apache.jetspeed.services.portletfactory.JetspeedPortletFactoryService.getPortlet(JetspeedPortletFactoryService.java,
> > Compiled Code)
> > > at
> >
>
org.apache.jetspeed.services.portaltoolkit.JetspeedPortalToolkitService.getSet(JetspeedPortalToolkitService.java,
> > Compiled Code)
> > > at
> >
>
org.apache.jetspeed.services.portaltoolkit.JetspeedPortalToolkitService.getSet(JetspeedPortalToolkitService.java,
> > Compiled Code)
> > > at
> >
>
org.apache.jetspeed.util.template.JetspeedTool.getPane(JetspeedTool.java,
> > Compiled Code)
> > > at java.lang.reflect.Method.invoke(Native Method)
> > > at
> >
>
org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java,
> > Compiled Code)
> > > at
> >
>
org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java,
> > Compiled Code)
> > > at
> >
>
org.apache.velocity.runtime.parser.node.ASTReference.render(ASTReference.java,
> > Compiled Code)
> > > at
> >
>
org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java,
> > Compiled Code)
> > > at org.apache.velocity.Template.merge(Template.java,
> > Compiled Code)
> > > at
> > org.apache.velocity.app.Velocity.mergeTemplate(Velocity.java, Compiled
> > Code)
> > > at
> > org.apache.velocity.app.Velocity.mergeTemplate(Velocity.java, Compiled
> > Code)
> > > at
> >
>
org.apache.turbine.services.velocity.TurbineVelocityService.decodeRequest(TurbineVelocityService.java,
> > Compiled Code)
> > > at
> >
>
org.apache.turbine.services.velocity.TurbineVelocityService.handleRequest(TurbineVelocityService.java,
> > Compiled Code)
> > > at
> >
>
org.apache.turbine.modules.screens.VelocityDirectScreen.buildTemplate(VelocityDirectScreen.java,
> > Compiled Code)
> > > at
> >
>
org.apache.turbine.modules.screens.TemplateScreen.doBuild(TemplateScreen.java,
> > Compiled Code)
> > > at
org.apache.turbine.modules.Screen.build(Screen.java,
> > Compiled Code)
> > > at
> > org.apache.turbine.modules.ScreenLoader.eval(ScreenLoader.java,
Compiled
> > Code)
> > > at
> >
>
org.apache.turbine.util.template.TemplateScreen.toString(TemplateScreen.java,
> > Compiled Code)
> > > at
> >
>
org.apache.velocity.runtime.parser.node.ASTReference.render(ASTReference.java,
> > Compiled Code)
> > > at
> >
>
org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java,
> > Compiled Code)
> > > at org.apache.velocity.Template.merge(Template.java,
> > Compiled Code)
> > > at
> > org.apache.velocity.app.Velocity.mergeTemplate(Velocity.java, Compiled
> > Code)
> > > at
> > org.apache.velocity.app.Velocity.mergeTemplate(Velocity.java, Compiled
> > Code)
> > > at
> >
>
org.apache.turbine.services.velocity.TurbineVelocityService.decodeRequest(TurbineVelocityService.java,
> > Compiled Code)
> > > at
> >
>
org.apache.turbine.services.velocity.TurbineVelocityService.handleRequest(TurbineVelocityService.java,
> > Compiled Code)
> > > at
> >
>
org.apache.turbine.modules.layouts.VelocityDirectLayout.doBuild(VelocityDirectLayout.java,
> > Compiled Code)
> > > at
org.apache.turbine.modules.Layout.build(Layout.java,
> > Compiled Code)
> > > at
> > org.apache.turbine.modules.LayoutLoader.exec(LayoutLoader.java,
Compiled
> > Code)
> > > at
> > org.apache.turbine.modules.pages.DefaultPage.doBuild(DefaultPage.java,
> > Compiled Code)
> > > at org.apache.turbine.modules.Page.build(Page.java,
> > Compiled Code)
> > > at
> > org.apache.turbine.modules.PageLoader.exec(PageLoader.java, Compiled
> Code)
> > > at org.apache.turbine.Turbine.doGet(Turbine.java,
> > Compiled Code)
> > > at
> > javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
> > > at
> > javax.servlet.http.HttpServlet.service(HttpServlet.java, Compiled
Code)
> > > at
> > org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java,
> > Compiled Code)
> > > at
org.apache.tomcat.core.Handler.service(Handler.java,
> > Compiled Code)
> > > at
> > org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java,
> > Compiled Code)
> > > at
> >
>
org.apache.tomcat.facade.RequestDispatcherImpl.doForward(RequestDispatcherImpl.java:222)
> > > at
> >
>
org.apache.tomcat.facade.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:162)
> > > at
> >
>
org.apache.jasper.runtime.PageContextImpl.forward(PageContextImpl.java:421)
> > > at
> >
>
_0002findex_0002ejspindex_jsp_1._jspService(_0002findex_0002ejspindex_jsp_1.java:59)
> > > at
> > org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:119)
> > > at
> > javax.servlet.http.HttpServlet.service(HttpServlet.java, Compiled
Code)
> > > at
> >
>
org.apache.jasper.servlet.JspServlet$JspCountedServlet.service(JspServlet.java:130)
> > > at
> > javax.servlet.http.HttpServlet.service(HttpServlet.java, Compiled
Code)
> > > at
> >
>
org.apache.jasper.servlet.JspServlet$JspServletWrapper.service(JspServlet.java:282)
> > > at
> >
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:429)
> > > at
> > org.apache.jasper.servlet.JspServlet.service(JspServlet.java, Compiled
> > Code)
> > > at
> > javax.servlet.http.HttpServlet.service(HttpServlet.java, Compiled
Code)
> > > at
> > org.apache.tomcat.core.ServletWrapper.doService(ServletWrapper.java,
> > Compiled Code)
> > > at
org.apache.tomcat.core.Handler.service(Handler.java,
> > Compiled Code)
> > > at
> > org.apache.tomcat.core.ServletWrapper.service(ServletWrapper.java,
> > Compiled Code)
> > > at
> >
>
org.apache.tomcat.core.ContextManager.internalService(ContextManager.java,
> > Compiled Code)
> > > at
> > org.apache.tomcat.core.ContextManager.service(ContextManager.java,
> > Compiled Code)
> > > at
> >
>
org.apache.tomcat.service.http.HttpConnectionHandler.processConnection(HttpConnectionHandler.java,
> > Compiled Code)
> > > at
> > org.apache.tomcat.service.TcpWorkerThread.runIt(PoolTcpEndpoint.java,
> > Compiled Code)
> > > at
> > org.apache.tomcat.util.ThreadPool$ControlRunnable.run(ThreadPool.java,
> > Compiled Code)
> > > at java.lang.Thread.run(Thread.java:479)
> > >
> > >
> > >
> >
>
>------------------------------------------------------------------------
> > >
> > >---------------------------------------------------------------------
> > >To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
> > >For additional commands, e-mail:
jetspeed-user-help@jakarta.apache.org
> > >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: jetspeed-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: jetspeed-user-help@jakarta.apache.org
>
> --
> To unsubscribe, e-mail: <ma...@jakarta.apache.org>
> For additional commands, e-mail: <ma...@jakarta.apache.org>
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>
Re: Can't seem to use
myusername:mypassword@www.mydomain.cominaWebPagePortlet url
Posted by Paul Spencer <pa...@mikon.com>.
The hole I see in the intended implementation. We are not maintaining a
session with the web server, nor are we rewriting any links in the
returned page with the user information. This means any link returned
by the page will have NO user information, so clicking the link will be
seen by the web server as a request from an anonymous user.
Is this a problem?
Paul Spencer
--
To unsubscribe, e-mail: <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>