Re: SingleSignOn Valve Not Challenging

Thu, 10 May 2007 09:11:53 -0700

you're expecting the * (wildcard) to apply to stuff in your realm, it doesn't. I believe you have to define the roles in (security-role) web.xml, and your * applies to the roles defined by security-role 

Filip

Daniel Curran wrote:

I have added an auth constraint

<auth-constraint>
   <role-name>*</role-name>
</auth-constraint>
I am now challenged but when I login I get an error: HTTP Status 403 - Access to the requested resource has been denied
When I look at the LDAP logs I see that I am successfully returning 1 entry, and if I provide invalid credentials I continue to be challenged.
I think this would be an issue with tomcat's security setup, but I am not sure where to look or how to debug this as no logs are being generated that would show me what/where the error might be. 

Thanks,
Dan

Caldarale, Charles R wrote:
From: Daniel Curran [mailto:[EMAIL PROTECTED] Subject: SingleSignOn Valve Not Challenging 

    <security-constraint>
        <display-name>Example Security Constraint</display-name>
        <web-resource-collection>
            <web-resource-name>Protected Area</web-resource-name>
            <url-pattern>/*</url-pattern>
        </web-resource-collection>
    </security-constraint>
    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>Single Sign-on Example</realm-name>
    </login-config>


You're missing <auth-constraint> within <security-constraint> and
<security-role> within <web-app>.

 - Chuck


THIS COMMUNICATION MAY CONTAIN CONFIDENTIAL AND/OR OTHERWISE PROPRIETARY
MATERIAL and is thus for use only by the intended recipient. If you
received this in error, please contact the sender and delete the e-mail
and its attachments from all computers.

---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]






---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to