-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
All,
Berglas, Anthony wrote:
>> If you really want to hack around with authentication and
>> authorization, check out securityfilter
>> (http://securityfilter.sourrceforge.net). The code is portable
>> across servlet containers, and especially across
Thanks for your replies, I think that the matter is settled.
> > The underlying issue is that when Role R is required for Page P then
> > *TWO* things need to happen depending on whether the user is in role
R.
> > These are
> >
> > 1. Allow or block access to page P.
> > 2. Grey out or not grey ou
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Johnny,
> I was hoping that for what you need it would be possible to piggyback on
> that simple framework, even if it meant parsing the tomcat-users.xml to
> gray menu's, but it seems you have to work outside of that frame-work.
Parsing tomcat-users
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Anthony,
Berglas, Anthony wrote:
> Thanks for the reply.
>
> The underlying issue is that when Role R is required for Page P then
> *TWO* things need to happen depending on whether the user is in role R.
> These are
>
> 1. Allow or block access to p
En l'instant précis du 27/03/07 02:22, Berglas, Anthony s'exprimait en
ces termes:
> Tomcat seems to only check the Authorization: headers if there is some
> explicitly declared in web.xml. However, it
> appears that the optimization has been incorrectly implemented because
> it does not then re
e making some additional mapping function...
If you need someone to write the framework for you, once you have decided
what you want, call me.
Regards,
Johnny
- Original Message -
From: "Berglas, Anthony" <[EMAIL PROTECTED]>
To: "Tomcat Users List"
Cc:
Thanks for your reply.
> Getting the user name and password
>
> String authorization = request.getHeader("Authorization");
> if (authorization == null) return 0;
>
> // Authorization headers looks like "Basic blahblah",
> // where blahblah is the b
Thanks for the reply.
The underlying issue is that when Role R is required for Page P then
*TWO* things need to happen depending on whether the user is in role R.
These are
1. Allow or block access to page P.
2. Grey out or not grey out the menu item for page P.
We only want to specify the fact
regards,
Johnny
- Original Message -
From: "Berglas, Anthony" <[EMAIL PROTECTED]>
To:
Sent: Tuesday, March 27, 2007 2:22 AM
Subject: Basic Auth without web.xml not working
Tomcat seems to only check the Authorization: headers if there is some
explicitly declared in
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Anthony,
Berglas, Anthony wrote:
> Tomcat seems to only check the Authorization: headers if there is some
> explicitly declared in web.xml. However, it
> appears that the optimization has been incorrectly implemented because
> it does not then rech
Tomcat seems to only check the Authorization: headers if there is some
explicitly declared in web.xml. However, it
appears that the optimization has been incorrectly implemented because
it does not then recheck the header if request.isUserInRole(...) etc.
are called. So users cannot log into a
11 matches
Mail list logo
