You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Binu Kuttikkattu Idicula <bi...@googlemail.com> on 2010/03/28 14:20:12 UTC
Re: BASIC Authentication : Not working
> Hi,
> I was trying a very basic example of authentication using HTTP Basic
> Authentication. However this seems not working in TOMCAT 6.0.20 for my
> application. Here is the web.xml which tells about login
>
>
> <security-role>
>
> <role-name>application</role-name>
>
> </security-role>
>
> <!-- SECURITY CONSTRAINT -->
>
> <security-constraint>
>
> <web-resource-collection>
>
> <web-resource-name>JSP</web-resource-name>
>
> <url-pattern>/*corejspbean*/StringBean.jsp</url-pattern>
>
> <http-method>GET</http-method>
>
> <http-method>POST</http-method>
>
> </web-resource-collection>
>
> <auth-constraint>
>
> <role-name>application</role-name>
>
> </auth-constraint>
>
> <user-data-constraint>
>
> <transport-guarantee>CONFIDENTIAL</transport-guarantee>
>
> </user-data-constraint>
>
> </security-constraint>
>
> <!-- LOGIN CONFIGURATION-->
>
> <login-config>
>
> <auth-method>BASIC</auth-method>
>
> <realm-name>application</realm-name>
>
> </login-config>
>
>
>
> I have also defined a role "application" and a user by name "user" for that
> role in tomcat-users file. What could be the problem?
>
Re: BASIC Authentication : Not working
Posted by Konstantin Kolinko <kn...@gmail.com>.
2010/3/28 Binu Kuttikkattu Idicula <bi...@googlemail.com>:
> It is in corejspbean.war and after trying out
> <url-pattern>/StringBean.jsp</url-pattern>, the access is restricted only to
> the StringBean.jsp which was the real need. Thanks.
>
> A little curious about URL pattern if it is in webapps/corejspbean.. Does
> the pattern change? Is there any rule/documentation mentioing this?
>
1. Syntax for the URL patterns is defined in the Servlet Specification.
http://java.sun.com/products/servlet/download.html#specs
2. All patterns in web.xml are relative to the root of your web
application (aka the context of your web application). That is why
there is no "corejspbean" in the pattern.
Best regards,
Konstantin Kolinko
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: BASIC Authentication : Not working
Posted by Binu Kuttikkattu Idicula <bi...@googlemail.com>.
It is in corejspbean.war and after trying out
<url-pattern>/StringBean.jsp</url-pattern>, the access is restricted only to
the StringBean.jsp which was the real need. Thanks.
A little curious about URL pattern if it is in webapps/corejspbean.. Does
the pattern change? Is there any rule/documentation mentioing this?
On Sun, Mar 28, 2010 at 6:42 PM, Konstantin Kolinko
<kn...@gmail.com>wrote:
> 2010/3/28 Binu Kuttikkattu Idicula <bi...@googlemail.com>:
> > The exact URL which I access is
> > http://localhost:8080/corejspbean/StringBean.jsp . How do I define a
> > URLPattern for this?
>
> <url-pattern>/StringBean.jsp</url-pattern>
>
> I suppose that your application is "corejspbean.war" or is in
> webapps/corejspbean
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
Re: BASIC Authentication : Not working
Posted by Konstantin Kolinko <kn...@gmail.com>.
2010/3/28 Binu Kuttikkattu Idicula <bi...@googlemail.com>:
> The exact URL which I access is
> http://localhost:8080/corejspbean/StringBean.jsp . How do I define a
> URLPattern for this?
<url-pattern>/StringBean.jsp</url-pattern>
I suppose that your application is "corejspbean.war" or is in
webapps/corejspbean
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: BASIC Authentication : Not working
Posted by Binu Kuttikkattu Idicula <bi...@googlemail.com>.
<url-pattern>/*</url-pattern>
Hi Harry,
When I replaced url to <url-pattern>/*</url-pattern> it is asking for a
user name password. The exact URL which I access is
http://localhost:8080/corejspbean/StringBean.jsp . How do I define a
URLPattern for this?
Thank you for your quick help.
Binu K Idicula
On Sun, Mar 28, 2010 at 5:56 PM, Harry Metske <ha...@gmail.com>wrote:
> I would think your url-pattern is not valid :
>
> <url-pattern>/*corejspbean*/StringBean.jsp</url-pattern>
>
> I don't know the exact rules for the pattern, but could you try first with
> /* and see if that works, and then tweak the url-pattern further to your
> needs ?
>
> regards,
> Harry
>
> 2010/3/28 Binu Kuttikkattu Idicula <bi...@googlemail.com>
>
> > > Hi,
> > > I was trying a very basic example of authentication using HTTP Basic
> > > Authentication. However this seems not working in TOMCAT 6.0.20 for my
> > > application. Here is the web.xml which tells about login
> > >
> > >
> > > <security-role>
> > >
> > > <role-name>application</role-name>
> > >
> > > </security-role>
> > >
> > > <!-- SECURITY CONSTRAINT -->
> > >
> > > <security-constraint>
> > >
> > > <web-resource-collection>
> > >
> > > <web-resource-name>JSP</web-resource-name>
> > >
> > > <url-pattern>/*corejspbean*/StringBean.jsp</url-pattern>
> > >
> > > <http-method>GET</http-method>
> > >
> > > <http-method>POST</http-method>
> > >
> > > </web-resource-collection>
> > >
> > > <auth-constraint>
> > >
> > > <role-name>application</role-name>
> > >
> > > </auth-constraint>
> > >
> > > <user-data-constraint>
> > >
> > > <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> > >
> > > </user-data-constraint>
> > >
> > > </security-constraint>
> > >
> > > <!-- LOGIN CONFIGURATION-->
> > >
> > > <login-config>
> > >
> > > <auth-method>BASIC</auth-method>
> > >
> > > <realm-name>application</realm-name>
> > >
> > > </login-config>
> > >
> > >
> > >
> > > I have also defined a role "application" and a user by name "user" for
> > that
> > > role in tomcat-users file. What could be the problem?
> > >
> >
>
Re: BASIC Authentication : Not working
Posted by Harry Metske <ha...@gmail.com>.
I would think your url-pattern is not valid :
<url-pattern>/*corejspbean*/StringBean.jsp</url-pattern>
I don't know the exact rules for the pattern, but could you try first with
/* and see if that works, and then tweak the url-pattern further to your
needs ?
regards,
Harry
2010/3/28 Binu Kuttikkattu Idicula <bi...@googlemail.com>
> > Hi,
> > I was trying a very basic example of authentication using HTTP Basic
> > Authentication. However this seems not working in TOMCAT 6.0.20 for my
> > application. Here is the web.xml which tells about login
> >
> >
> > <security-role>
> >
> > <role-name>application</role-name>
> >
> > </security-role>
> >
> > <!-- SECURITY CONSTRAINT -->
> >
> > <security-constraint>
> >
> > <web-resource-collection>
> >
> > <web-resource-name>JSP</web-resource-name>
> >
> > <url-pattern>/*corejspbean*/StringBean.jsp</url-pattern>
> >
> > <http-method>GET</http-method>
> >
> > <http-method>POST</http-method>
> >
> > </web-resource-collection>
> >
> > <auth-constraint>
> >
> > <role-name>application</role-name>
> >
> > </auth-constraint>
> >
> > <user-data-constraint>
> >
> > <transport-guarantee>CONFIDENTIAL</transport-guarantee>
> >
> > </user-data-constraint>
> >
> > </security-constraint>
> >
> > <!-- LOGIN CONFIGURATION-->
> >
> > <login-config>
> >
> > <auth-method>BASIC</auth-method>
> >
> > <realm-name>application</realm-name>
> >
> > </login-config>
> >
> >
> >
> > I have also defined a role "application" and a user by name "user" for
> that
> > role in tomcat-users file. What could be the problem?
> >
>