I have added an auth constraint <auth-constraint> <role-name>*</role-name> </auth-constraint>
I am now challenged but when I login I get an error: HTTP Status 403 - Access to the requested resource has been denied
When I look at the LDAP logs I see that I am successfully returning 1 entry, and if I provide invalid credentials I continue to be challenged.
I think this would be an issue with tomcat's security setup, but I am not sure where to look or how to debug this as no logs are being generated that would show me what/where the error might be.
Thanks, Dan Caldarale, Charles R wrote:
From: Daniel Curran [mailto:[EMAIL PROTECTED] Subject: SingleSignOn Valve Not Challenging<security-constraint> <display-name>Example Security Constraint</display-name> <web-resource-collection> <web-resource-name>Protected Area</web-resource-name> <url-pattern>/*</url-pattern> </web-resource-collection> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>Single Sign-on Example</realm-name> </login-config>You're missing <auth-constraint> within <security-constraint> and <security-role> within <web-app>. - Chuck THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY MATERIAL and is thus for use only by the intended recipient. If you received this in error, please contact the sender and delete the e-mail and its attachments from all computers. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
