Re: BASIC authentication problem in tomcat8.0.33

Wed, 18 May 2016 04:48:40 -0700 

On 18/05/2016 12:47, Mark Thomas wrote:
> On 18/05/2016 11:07, Venkata Reddy P wrote:
>> Hi,
>>
>> I have been using the "BASIC authentication" from the tomcat3.x onwards, 
>> unfortunately after migrating to tomcat8.0.33 it is broken.
> 
> BASIC auth works for me with a clean 8.0.33 install. Therefore this
> looks like a problem with your custom code.

And the space after the role name in web.xml might not help either.

Mark


> 
> Mark
> 
>> Could you please help on this what is going wrong?
>>
>> Step1)-------Realm customization--------
>>                 The customized classes are:-
>>                 a) CustomizedPrincipal implements Principal
>>                 b) CustomizedRealmBase extends RealmBase   :- this is 
>> returning successful customizedPrincipal to base class and then it is 
>> failing with following error.
>>                                                                         HTTP 
>> Status 403 - Access to the requested resource has been denied
>>                                                                         type 
>> Status report
>>                                                                         
>> message Access to the requested resource has been denied
>>                                                                         
>> description Access to the specified resource has been forbidden.
>> Step2)  I have removed the files 'tomcat-users.txt' and 'tomcat-users.xsd' 
>> from <catalina_home>\config
>> Spte3)-----Web.xml basic authentication configuration--------
>>     <security-constraint>
>>       <display-name>Security Constraint</display-name>
>>       <web-resource-collection>
>>          <web-resource-name>Restricted Area</web-resource-name>
>>          <url-pattern>/*</url-pattern>
>>       </web-resource-collection>
>>       <auth-constraint>
>>          <role-name>bauth </role-name>
>>       </auth-constraint>
>>     </security-constraint>
>>
>>     <login-config>
>>       <auth-method>BASIC</auth-method>
>>       <realm-name>Basic authentication</realm-name>
>>     </login-config>
>>
>> Thanks in advance.
>>
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
> For additional commands, e-mail: users-h...@tomcat.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org

Reply via email to