Can you supply the relevant sections of your web.xml? I am using FORM-based
authentication--tested with both the Memory and JAAS realms--but maybe this
will give you some hints:
...
<security-constraint>
<web-resource-collection>
<web-resource-name>home page</web-resource-name>
<url-pattern>/index.jsp</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>myrole</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/loginError.jsp</form-login-page>
</form-login-config>
</login-config>
<security-role>
<role-name>myrole</role-name>
</security-role>
...
On 11/15/05 1:49 PM, "Jess" <[EMAIL PROTECTED]> wrote:
> Hiya,
>
> I am using Tomcat and Apache to host a simple website. I need to
> have some security on the site. At least to start with. Eventually
> I need to have security, period. :) So, following the documentation
> and several walk-thrus from many sources, I cannot get tomcat to
> cooperate. I am running Mac OS X 10.4.3 and am using Java 1.5.0,
> apache 1.3, and tomcat 5.5.12 and am connecting apache and tomcat
> with the ajp13 connector (using mod_jk version 1.2.14). At this
> point, I'm think I'm bypassing Apache/JKconnectors and going straight
> to the webapp via port 8080...
>
> When I set up the web.xml file for using, say, basic security, and
> then attempt to access the constrained resources, tomcat gives me the
> error that the requested resource is not availabe. When I remove all
> attempts (in the web.xml file) at security, I can access the resource
> just fine. I tried using the UserDatabase realm and also the
> MemoryRealm, but to no avail either way.
>
> Next, when I go to the default tomcat page, http://localhost:8080,
> and try to go to the Administrator section, it asks for my login and
> password. (I've configured the tomcat-users.xml file to add an admin
> and manager role to one of the users and restarted the server.) But
> when I attempt to log in, I get the error: "The requested resource (/
> admin/j_security_check) is not available." I know j_security_check
> is the action you enter for a form authentication, but this is what
> came with tomcat.. nothing of my creation, so I don't think I'm the
> problem. This link worked on my tomcat version 5.0. I upgraded
> today and now it doesn't work... so now seeings how I can't seem to
> get security running on my webapp and I can't log in to the
> administration section of the server, I'm wondering if there is some
> funk going on out of my scope. I downloaded the binaries for mac..
> maybe something is wrong? If anyone has any idea, please let me
> know.. I am at a total loss.
>
> Thankyou,
> Jess Ryan
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
