Hello,
I'm having problems getting the form-based authentication example that
ships with Tomcat 6 to work properly.
I have followed all the instructions at
http://tomcat.apache.org/tomcat-6.0-doc/realm-howto.html
to make the form authentication example using MemoryRealm to work for
http://myserver:9090/examples/jsp/security/protected/
but when I access this URL, I get the protected page that says:
You are logged in as remote user null in session BLAH...
No user principal could be identified.
I understand that this page should redirect me to the login.jsp page
instead where I can enter user1/test.
Here's what I did:
$CATALINA_HOME/conf/server.xml:
<Realm className="org.apache.catalina.realm.MemoryRealm" />
$CATALINA_HOME/conf/tomcat-users.xml:
<tomcat-users>
<role rolename="tomcat"/>
<role rolename="role1"/>
<user username="user2" password="test" roles="role1"/>
<user username="user1" password="test" roles="tomcat"/>
</tomcat-users>
$CATALINA_HOME/webapps/examples/WEB-INF/web.xml:
<security-constraint>
<display-name>Example Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<!-- Define the context-relative URL(s) to be protected -->
<url-pattern>/security/protected/*</url-pattern>
<!-- If you list http methods, only those methods are protected -->
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<!-- Anyone with one of the listed roles may access this area -->
<role-name>tomcat</role-name>
<role-name>role1</role-name>
</auth-constraint>
</security-constraint>
<!-- Default login configuration uses form-based authentication -->
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Example Form-Based Authentication Area</realm-name>
<form-login-config>
<form-login-page>/jsp/security/protected/login.jsp</form-login-page>
<form-error-page>/jsp/security/protected/error.jsp</form-error-page>
</form-login-config>
</login-config>
Any help would be much appreciated. I'm running Tomcat on a Solaris
workstation and accessing it from my Windows client with Firefox.
Regards,
Frank
--
Frank McCown
Old Dominion University
http://www.cs.odu.edu/~fmccown/
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]