AutoLogin With Realms
It seems to me that Tomcat security realms may be a bit inflexible. It seems easy to set it up to require login for protected resources, but it seems difficult to programmatically integrate and affect login state otherwise. I would like to accomplish a couple of very common authentication scenarios and am wondering (a) if they're possible using realms and (b) if so - how would one accomplish them? Auto Login Scenarios: 1. New Account - After a user signs up for my website and an account is present in the database, they can login. But it seems terrible to me to ask a person to login after having just created an account; they should already be logged in when they're done creating the account! 2. Remember Me - I want to give the user the option to select a "remember me" checkbox when logging in, in which case, a cookie is set locally and if the cookie is present, then the user will be automatically logged in when they return, rather than having to submit the login form. ...in both of these cases, I need the ability to programmatically log someone in; not just send them to a form-protected resource. Is this possible? Can someone explain to me how this is done? Thanks! Neal - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Auto Login Using Realms - Is It Possible? :(
It seems to me that Tomcat security realms may be a bit inflexible. It seems easy to set it up to require login for protected resources, but it seems difficult to programmatically integrate and affect login state otherwise. I would like to accomplish a couple of very common authentication scenarios and am wondering (a) if they're possible using realms and (b) if so - how would one accomplish them? Auto Login Scenarios: 1. New Account - After a user signs up for my website and an account is present in the database, they can login. But it seems terrible to me to ask a person to login after having just created an account; they should already be logged in when they're done creating the account! 2. Remember Me - I want to give the user the option to select a "remember me" checkbox when logging in, in which case, a cookie is set locally and if the cookie is present, then the user will be automatically logged in when they return, rather than having to submit the login form. ...in both of these cases, I need the ability to programmatically log someone in; not just send them to a form-protected resource. Is this possible? Can someone explain to me how this is done? Thanks! Neal - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Auto Login Using Realms - Is It Possible? :(
Oh. I'm not sure I follow (a) how you new I responded to a thread or (b) how it cuases a problem. I removed all the text of the previous thread and even changed the subject name. It should've been a new thread I thought. :( Well, I guess I'll do it as you suggested moving forward. Do I need to re-post now as you suggested? Thanks. Neal -Original Message- From: Mark Thomas [mailto:[EMAIL PROTECTED] Sent: Tuesday, March 28, 2006 12:22 PM To: Tomcat Users List Subject: Re: Auto Login Using Realms - Is It Possible? :( When starting a new thread (ie sending a message to the list about a new topic) please do not reply to an existing message and change the subject line. To many of the list archiving services and mail clients used by list subscribers this makes your new message appear as part of the old thread. This makes it harder for other users to find relevant information when searching the lists. This is known as thread hijacking and is behaviour that is frowned upon on this list. Frequent offenders will be removed from the list. It should also be noted that many list subscribers automatically ignore any messages that hijack another thread. The correct procedure is to create a new message with a new subject. This will start a new thread. Mark tomcat-users-owner - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Auto Login Using Realms - Is It Possible?
It seems to me that Tomcat security realms may be a bit inflexible. It seems easy to set it up to require login for protected resources, but it seems difficult to programmatically integrate and affect login state otherwise. I would like to accomplish a couple of very common authentication scenarios and am wondering (a) if they're possible using realms and (b) if so - how would one accomplish them? Auto Login Scenarios: 1. New Account - After a user signs up for my website and an account is present in the database, they can login. But it seems terrible to me to ask a person to login after having just created an account; they should already be logged in when they're done creating the account! 2. Remember Me - I want to give the user the option to select a "remember me" checkbox when logging in, in which case, a cookie is set locally and if the cookie is present, then the user will be automatically logged in when they return, rather than having to submit the login form. ...in both of these cases, I need the ability to programmatically log someone in; not just send them to a form-protected resource. Is this possible? Can someone explain to me how this is done? Thanks! Neal
mod_jk / 503 Error
I have mod_jk / tomcat and apache somewhat working together but I am getting an error when displaying pages via the connector. Tomcat is set up and works. I can hit: http://www.site.com:8080/examples/ or http://www.site.com:8009/examples/ However, when I try: http://www.site.com/examples/ I get a 503 error. "Service Temporarily Unavailable. The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later." What stands out in my mod_jk.log is this line: " trying to connect socket 10 to 127.0.0.1:8009" The system seems to be trying to connect via the local host. As you can see from my config files below I do not reference localhost or the 127.0.0.1 IP address. Best I can tell JK should be using http://www.site.com:8009 to get/pass data to Tomcat from Apache. Is there a configuration option I am missing? Or how can I get JK to use the correct location? Thanks, Neal System Specs: Lixux/Debian Apache 1.3.X Tomcat 4.1.31 JK 1.2.14 mod_jk.log file: [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (442): Attempting to map URI '/examples/' from 11 maps [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (454): Attempting to map context URI '/examples/jsp/security/protected/j_security_check' [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (454): Attempting to map context URI '/examples/CompressionTest' [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (454): Attempting to map context URI '/examples/SendMailServlet' [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (454): Attempting to map context URI '/examples/servletToJsp' [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (454): Attempting to map context URI '/examples/servlet/*' [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (454): Attempting to map context URI '/examples/*.jsp' [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (454): Attempting to map context URI '/examples/snoop' [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (454): Attempting to map context URI '/examples/*' [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (468): Found a wildchar match ajp13 -> /examples/* [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (442): Attempting to map URI '/examples/' from 11 maps [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (454): Attempting to map context URI '/examples/jsp/security/protected/j_security_check' [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (454): Attempting to map context URI '/examples/CompressionTest' [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (454): Attempting to map context URI '/examples/SendMailServlet' [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (454): Attempting to map context URI '/examples/servletToJsp' [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (454): Attempting to map context URI '/examples/servlet/*' [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (454): Attempting to map context URI '/examples/*.jsp' [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (454): Attempting to map context URI '/examples/snoop' [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (454): Attempting to map context URI '/examples/*' [Tue Jan 24 13:53:01 2006] [23378:] [debug] map_uri_to_worker::jk_uri_worker_map.c (468): Found a wildchar match ajp13 -> /examples/* [Tue Jan 24 13:53:01 2006] [23378:] [debug] wc_get_worker_for_name::jk_worker.c (111): found a worker ajp13 [Tue Jan 24 13:53:01 2006] [23378:] [debug] wc_maintain::jk_worker.c (301): Maintaining worker ajp13 [Tue Jan 24 13:53:01 2006] [23378:] [debug] init_ws_service::mod_jk.c (479): Service protocol=HTTP/1.1 method=GET host=(null) addrr=68.58.4.70 name=www.site.com port=80 auth=(null) user=(null) laddr=66.33.192.77 raddr=68.58.4.70 [Tue Jan 24 13:53:01 2006] [23378:] [debug] ajp_get_endpoint::jk_ajp_common.c (2119): acquired connection cache slot=0 [Tue Jan 24
SSL Handshake Error!
Help!!! I use a secure (https) XML feed and it appears the provider recently switched SSL certificate providers and is now using an Equifax certificate. Since that switch occured, my code is now throwing the following exceptions: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Could not find trusted certificate Per the research I have done, I believe this must mean that the root certificate from Equifax must be installed in my local Keystore, in order to trust and decipher this certificate. But attempts so far to import this into the keystore and obtain successful connection again have all failed. Does anyone know what is going on? Am I on the right path? Does anyone know what I am doing wrong? Thanks. Neal
RE: SSL Handshake Error!
Aaah! Thanks Mark. We'll give it a shot. Neal Mark Thomas <[EMAIL PROTECTED]> wrote: Sounds like you are on the right path. The Equifax certificate must be installed in the trust store, not your key store. Where this is depends on whether you are using a JDK or a JRE but as an example, on my laptop the path is D:\jdk1.5.0_05\jre\lib\security\cacerts Mark > -Original Message- > From: Neal Cabage [mailto:[EMAIL PROTECTED] > Sent: Tuesday, October 25, 2005 8:00 PM > To: Tomcat Users List > Subject: SSL Handshake Error! > > > Help!!! > > I use a secure (https) XML feed and it appears the provider > recently switched SSL certificate providers and is now using > an Equifax certificate. Since that switch occured, > my code is now throwing the following exceptions: > > > > javax.net.ssl.SSLHandshakeException: > java.security.cert.CertificateException: Could not find > trusted certificate > > > > Per the research I have done, I believe this must mean that > the root certificate from Equifax must be installed in my > local Keystore, in order to trust and decipher this > certificate. But attempts so far > > > to import this into the keystore and obtain successful > connection again have all failed. > > Does anyone know what is going on? Am I on the right path? > Does anyone know what I am doing wrong? > > > > Thanks. > > Neal > - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
