On 18/05/2016 15:33, Venkata Reddy P wrote:
> Hi,
> 
> It looks like the below comparison (principal instanceof GenericPrincipal) is 
> failing as I am returning the CustomizedPrincipal which implements the 
> java.security.Principal.
> 
> Is it something introduced in tomcat7.x/tomcat8.x?

No.

The source code, including full history, is available in svn if you want
to find out how far back this code goes.

Mark


> RealmBase.hasRole()
> {
> // Should be overridden in JAASRealm - to avoid pretty inefficient conversions
>         if ((principal == null) || (role == null) ||
>             !(principal instanceof GenericPrincipal))
>             return (false);
> }
> 
> Thanks in advance
> 
> 
> 
> -----Original Message-----
> From: Venkata Reddy P [mailto:venkata.re...@trianz.com]
> Sent: Wednesday, May 18, 2016 5:23 PM
> To: Tomcat Users List
> Subject: RE: BASIC authentication problem in tomcat8.0.33
> 
> 
> 
> This was a typo while writing the mail.  When I debug my customized code, until 
> it is returning the principal everything seems to be good from the customization 
> point of view.
> 
> Removing the default files 'tomcat-users.txt' and 'tomcat-users.xsd' from 
> <catalina_home>\config, will it make any difference?
> 
> 
> 
> Thanks in advance
> 
> 
> 
> -----Original Message-----
> From: Mark Thomas [mailto:ma...@apache.org]
> Sent: Wednesday, May 18, 2016 5:18 PM
> To: Tomcat Users List
> Subject: Re: BASIC authentication problem in tomcat8.0.33
> 
> On 18/05/2016 12:47, Mark Thomas wrote:
>> On 18/05/2016 11:07, Venkata Reddy P wrote:
>>> Hi,
>>>
>>> I have been using the "BASIC authentication" from the tomcat3.x onwards, 
>>> unfortunately after migrating to tomcat8.0.33 it is broken.
>>
>> BASIC auth works for me with a clean 8.0.33 install. Therefore this
>> looks like a problem with your custom code.
> 
> And the space after the role name in web.xml might not help either.
> 
> Mark
> 
>>
>> Mark
>>
>>> Could you please help on this what is going wrong?
>>>
>>> Step1)-------Realm customization--------
>>>                 The customized classes are:-
>>>                 a) CustomizedPrincipal implements Principal
>>>                 b) CustomizedRealmBase extends RealmBase   :- this is 
>>> returning successful customizedPrincipal to base class and then it is 
>>> failing with following error.
>>>     HTTP Status 403 - Access to the requested resource has been denied
>>>     type Status report
>>>     message Access to the requested resource has been denied
>>>     description Access to the specified resource has been forbidden.
>>> Step2)  I have removed the files 'tomcat-users.txt' and
>>> 'tomcat-users.xsd' from <catalina_home>\config
>>> Step3)-----Web.xml basic authentication configuration--------
>>>     <security-constraint>
>>>       <display-name>Security Constraint</display-name>
>>>       <web-resource-collection>
>>>          <web-resource-name>Restricted Area</web-resource-name>
>>>          <url-pattern>/*</url-pattern>
>>>       </web-resource-collection>
>>>       <auth-constraint>
>>>          <role-name>bauth </role-name>
>>>       </auth-constraint>
>>>     </security-constraint>
>>>
>>>     <login-config>
>>>       <auth-method>BASIC</auth-method>
>>>       <realm-name>Basic authentication</realm-name>
>>>     </login-config>
>>>
>>> Thanks in advance.
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: 
>> users-unsubscr...@tomcat.apache.org<mailto:users-unsubscr...@tomcat.apache.org>
>> For additional commands, e-mail: 
>> users-h...@tomcat.apache.org<mailto:users-h...@tomcat.apache.org>
>>

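The `instanceof GenericPrincipal` check quoted in this thread means a realm whose `getPrincipal()` returns a bare `java.security.Principal` never passes `hasRole()`, and every constrained request ends in 403. One way to satisfy the check while still exposing the application's own principal is sketched below as an added example; it is not code from the thread or from the Tomcat project. It assumes the Tomcat 8.0 API (`catalina.jar` on the compile classpath), and `WrappingRealm`, `lookupPassword`, `lookupRoles` and the `demo.password` property are hypothetical names.

```java
import java.security.Principal;
import java.util.Collections;
import java.util.List;

import org.apache.catalina.realm.GenericPrincipal;
import org.apache.catalina.realm.RealmBase;

// Added example, not Tomcat or thread code. Compile against Tomcat 8.0's catalina.jar.
public class WrappingRealm extends RealmBase {

    // Stand-in for the application's own principal type (name from the thread).
    public static class CustomizedPrincipal implements Principal {
        private final String name;
        public CustomizedPrincipal(String name) { this.name = name; }
        @Override public String getName() { return name; }
    }

    @Override
    protected String getName() {
        return "WrappingRealm";
    }

    // RealmBase.authenticate(username, credentials) checks the supplied
    // credentials against this value; a null return fails authentication.
    @Override
    protected String getPassword(String username) {
        return lookupPassword(username);
    }

    @Override
    protected Principal getPrincipal(String username) {
        List<String> roles = lookupRoles(username);
        if (roles == null) {
            return null; // unknown user
        }
        // The GenericPrincipal carries the roles that hasRole() inspects; the
        // fourth argument is what request.getUserPrincipal() hands to the app.
        return new GenericPrincipal(username, getPassword(username), roles,
                new CustomizedPrincipal(username));
    }
    // Hypothetical user-store hooks. Constructed sample: user "demo", role "bauth".
    protected String lookupPassword(String username) {
        return "demo".equals(username) ? System.getProperty("demo.password") : null;
    }

    protected List<String> lookupRoles(String username) {
        return "demo".equals(username) ? Collections.singletonList("bauth") : null;
    }
}
```

The alternative is to keep returning the custom principal and override `hasRole(Wrapper, Principal, String)` in the realm so the role decision is made against that type instead.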
