Cas Filter, security filter and tomcat manager

Wed, 25 Apr 2007 02:54:43 -0700 

Hi,

I want to use these filters for authenticate on tomcat manger. I use this
wiki page :
http://www.ja-sig.org/wiki/display/CASC/Combining+CASFilter+with+Tomcat+Realms+using+SecurityFilter
http://www.ja-sig.org/wiki/display/CAS/CASifying+Tomcat+Manager

So I have this in my web.xml :

 ...
<filter>
       <filter-name>CASFilter</filter-name>
       <filter-class>edu.yale.its.tp.cas.client.filter.CASFilter
</filter-class>
       <init-param>
               <param-name>edu.yale.its.tp.cas.client.filter.loginUrl
</param-name>
               <param-value>https:///auth.univ-lille2.fr/cas/login
</param-value>
       </init-param>
       <init-param>
               <param-name>edu.yale.its.tp.cas.client.filter.validateUrl
</param-name>
               <param-value>https://auth.univ-lille2.fr/cas/serviceValidate
</param-value>
       </init-param>
       <init-param>
               <param-name>edu.yale.its.tp.cas.client.filter.serverName
</param-name>
               <param-value>agenda.univ-lille2.fr:8080</param-value>
       </init-param>
   </filter>

   <filter-mapping>
       <filter-name>CASFilter</filter-name>
       <url-pattern>/*</url-pattern>
   </filter-mapping>

 <filter>
       <filter-name>Security Filter</filter-name>
       <filter-class>org.securityfilter.filter.SecurityFilter
</filter-class>
       <init-param>
               <param-name>config</param-name>
               <param-value>/WEB-INF/securityfilter-config.xml
</param-value>
               <description>Configuration file location (this is the
default value)</description>
       </init-param>
       <init-param>
               <param-name>validate</param-name>
               <param-value>false</param-value>
               <description>Validate config file if set to
true</description>
       </init-param>
       <init-param>
               <param-name>formPattern</param-name>
               <param-value>/logMeIn</param-value>
               <description>
               As an example a login form can define "logMeIn" as it action
in place of the standard
               "j_security_check" which is a special flag user by app
servers for container managed security.
               </description>
       </init-param>
 </filter>

 <filter-mapping>
       <filter-name>Security Filter</filter-name>
       <url-pattern>/*</url-pattern>
 </filter-mapping>

 ....

I have create a securityfilter-config.xml

<?xml version="1.0" encoding="ISO-8859-1"?>

<!DOCTYPE securityfilter-config PUBLIC
  "-//SecurityFilter.org//DTD Security Filter Configuration 2.0//EN"
     "http://www.securityfilter.org/dtd/securityfilter-config_2_0.dtd";>

     <securityfilter-config>

      <security-constraint>
               <web-resource-collection>
                       <web-resource-name>Secure Pages</web-resource-name>
                        <url-pattern>/*</url-pattern>
                </web-resource-collection>
                <auth-constraint>
                        <role-name>tomcat admin</role-name>
                </auth-constraint>
      </security-constraint>
      <login-config>
                <auth-method>CAS</auth-method>
                <form-login-config>

<form-default-page>/html/index.html</form-default-page>
                </form-login-config>
      </login-config>

      <!-- start with a Catalina realm adapter to wrap the Catalina realm
defined below -->
      <realm className="
org.securityfilter.realm.catalina.CatalinaRealmAdapter" />

      <realm className="org.apache.catalina.realm.JNDIRealm">
               <realm-param name="connectionName"
value="cn=admin,dc=univ-lille2,dc=fr"/>
               <realm-param name="connectionPassword" value="prout"/>
               <realm-param name="digest" value="SHA"/>
               <realm-param name="connectionURL"
value="ldap://ldapmasta:1389"/>
               <realm-param name="userBase"
value="ou=people,dc=univ-lille2,dc=fr"/>
               <realm-param name="userSearch"
value="(supannAliasLogin={0})"/>
               <realm-param name="roleBase"
value="ou=appli,dc=univ-lille2,dc=fr"/>
               <realm-param name="roleSubtree" value="true"/>
               <realm-param name="roleName" value="cn"/>
               <realm-param name="roleSearch" value="(member={0})"/>
               <realm-param name="debug" value="99"/>
      </realm>
</securityfilter-config>


And i put casclient.jar and all jar of the security filter projet in
WEB-INF/lib.

For me there are no problem but i have this in the browser :

HTTP Status 404 - Servlet HTMLManager is not available
------------------------------

*type* Status report

*message* *Servlet HTMLManager is not available*

*description* *The requested resource (Servlet HTMLManager is not available)
is not available.*
------------------------------
Apache Tomcat/5.5

And in the log :

INFO http-8080-Processor25
org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager]
- Marking servlet HTMLManager as unavailable
INFO http-8080-Processor25
org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager]
- Marking servlet HTMLManager as unavailable


What is the problem?

Cordially

Aurelien Allienne

Reply via email to