Hi!
> Mario, you are a hero. do women come and worship you in the street?
Haha! Oh boy ... you don't want to know ...
Glad it helped you! :-)
Ciao,
Mario
-
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e
Mario, you are a hero. do women come and worship you in the street? they
should! Using reflection to break into an object of a foreign class is
just...genius! this is the sort of thing that Ruby programmers do all
the time, but is very hard to do in Java...
my final code (in the context of a S
http://tomcat.apache.org/tomcat-5.5-doc/class-loader-howto.html
this is why I can't reference any classes loaded from server/lib in my
webapp, the server/lib classes are loaded by the web application
classloader's "uncle", so to speak, the sibling of it's parent. so it
makes sense that no web
Hi!
> A more flexible option is to use securityfilter
> (http://securityfilter.sourceforge.net) to handle everything.
>
If you are already using spring have a look at ACEGI.
It is not really easy to install, but allows you to e.g. have different
login methods within the same webapp.
Regarding t
just downloaded security filter and had a look, it looks very cool. If I
had more robust requirements for my authentication (and more time!) I
would probably use it.
At the moment though I've got a workable work-around in using the
toString() method, so I'll just use that instead.
thanks Chr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Matthew,
Matthew Kerle wrote:
> no, see my previous reply, tomcat fails to bootstrap if catalina.jar is
> not in server/lib...
That's too bad.
Why not just use the built-in authentication and authorization mechanism
instead of trying to use Tomcat's
I agree, the Principal interface is verily hobbled and almost useless
(Go Sun!). The catalina implementations are much more user-friendly, but
unfortunately difficult to access.
I can't really justify making the tomcat install non-standard (also
probably not possible as it's owned by the clien
no, see my previous reply, tomcat fails to bootstrap if catalina.jar is
not in server/lib...
Christopher Schultz wrote:
Peter,
Shouldn't it be acceptable to simply move catalina.jar from server/lib
to common/lib?
Sure, you'll still have a non-standard install, but it's easier to
script a setu
> From: Christopher Schultz [mailto:[EMAIL PROTECTED]
> Shouldn't it be acceptable to simply move catalina.jar from server/lib
> to common/lib?
>
> Sure, you'll still have a non-standard install, but it's easier to
> script a setup like that than pulling specific classes out of
> the distro (whi
Hi Chris
I naively tried relocating the catalina.jar to /common/lib, and got the
below error. Peter has a good comment to this problem in his reply, so
I'll continue the thread in response to his mail.
many thanks!
cmd /c C:\servers\apache-tomcat-5.5.23\bin\catalina.bat run
Using CATALINA_BA
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Peter,
Peter Crowther wrote:
> We ended up with the horrible, horrible hack of
> pulling the class out of catalina.jar, putting it in its own jar, and
> deploying that in common/lib.
Shouldn't it be acceptable to simply move catalina.jar from server/
> From: Matthew Kerle [mailto:[EMAIL PROTECTED]
> the MemoryUser class is in catalina.jar, which is in the server/lib
> folder. would I be right in saying that web application code
> is barred
> from loading any classes from the server/lib directory?
(light bulb comes on)
Ah yes, I remember t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Matt,
Matthew Kerle wrote:
> this is weird, check this out:
>
> //code (tomcat 5.5.23)
> java.security.Principal p = request.getUserPrincipal();
> System.out.println(p.getClass().getName().equals(MemoryUser.class.getName()));
> // prints "true"
> Sys
you're exactly right again. I just checked my project settings, I had to
add catalina.jar to the project libraries to get the class to compile,
but I'd forgotten to prevent it from being deployed, so there was a copy
of catalina.jar in my /WEB-INF/lib, doh!
So I configured it to not be deploye
> From: Matthew Kerle [mailto:[EMAIL PROTECTED]
> Class c1 = request.getUserPrincipal().getClass(); //get the
> class of the
> Principal that tomcat created , which is a MemoryUser instance
> Class c2 = MemoryUser.class; // get the class loaded by the
> current loader
> System.out.println(c1.ge
Peter,
you're exactly right.
***code***
Class c1 = request.getUserPrincipal().getClass(); //get the class of the
Principal that tomcat created , which is a MemoryUser instance
Class c2 = MemoryUser.class; // get the class loaded by the current loader
System.out.println(c1.getClassLoader().getCl
> From: Matthew Kerle [mailto:[EMAIL PROTECTED]
> So what this is saying is that the *names* of the classes are
> the same,
> but the actual classes are different. this is crazy...
I suspect the two classes are being loaded by different classloaders - a
common and entertaining* problem in Tomca
this is weird, check this out:
//code (tomcat 5.5.23)
java.security.Principal p = request.getUserPrincipal();
System.out.println(p.getClass().getName().equals(MemoryUser.class.getName()));
// prints "true"
System.out.println(p.getClass().equals(MemoryUser.class)); //prints "false"
So what this
//code
Object o = ic.lookup("java:comp/env/users");
System.out.println(o.getClass().getName()); // prints :
"org.apache.catalina.users.MemoryUserDatabase"
doing instanceof tests on the returned object for MemoryUserDatabase &
UserDatabase all fail, even though in debug that's clearly what it
InitialContext.lookup() gives you a simple object:
so change your code to
Context ic = new InitialContext();
Object o = ic.lookup("java:comp/env/users");
set a breakpoint and see, what type of object you're getting back.
hth
gregor
--
what's puzzlin' you, is the nature of my game
gpgp-fp: 79A
oops, also here is my resource definition from my web.xml:
Link to the UserDatabase instance from which we request lists of
defined role names. Typically, this will be connected to the global
user database with a ResourceLink element in server.xml or the context
confi
21 matches
Mail list logo
