Using Authentication/Authorization

Tue, 15 Nov 2005 12:49:56 -0800 

Hiya,
I am using Tomcat and Apache to host a simple website. I need to have some security on the site. At least to start with. Eventually I need to have security, period. :) So, following the documentation and several walk-thrus from many sources, I cannot get tomcat to cooperate. I am running Mac OS X 10.4.3 and am using Java 1.5.0, apache 1.3, and tomcat 5.5.12 and am connecting apache and tomcat with the ajp13 connector (using mod_jk version 1.2.14). At this point, I'm think I'm bypassing Apache/JKconnectors and going straight to the webapp via port 8080... 


When I set up the web.xml file for using, say, basic security, and  
then attempt to access the constrained resources, tomcat gives me the  
error that the requested resource is not availabe.  When I remove all  
attempts (in the web.xml file) at security, I can access the resource  
just fine.  I tried using the UserDatabase realm and also the  
MemoryRealm, but to no avail either way.



Next, when I go to the default tomcat page, http://localhost:8080,  
and try to go to the Administrator section, it asks for my login and  
password.  (I've configured the tomcat-users.xml file to add an admin  
and manager role to one of the users and restarted the server.)  But  
when I attempt to log in, I get the error: "The requested resource (/ 
admin/j_security_check) is not available."  I know j_security_check  
is the action you enter for a form authentication, but this is what  
came with tomcat.. nothing of my creation, so I don't think I'm the  
problem.  This link worked on my tomcat version 5.0.  I upgraded  
today and now it doesn't work... so now seeings how I can't seem to  
get security running on my webapp and I can't log in to the  
administration section of the server, I'm wondering if there is some  
funk going on out of my scope.  I downloaded the binaries for mac..  
maybe something is wrong?  If anyone has any idea, please let me  
know.. I am at a total loss.


Thankyou,
Jess Ryan


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to