Hi Mark and David!
See my response inline
On 10/8/07, Mark Thomas <[EMAIL PROTECTED]> wrote:
>
> Nicolas Gonzalez wrote:
> > I've done almost (I think that everything!) that the doc requires to
> > configure a FORM
> > based authentication and doesn't work.
> > I have a DB with users and user-roles tables and data in those tables
> but
> > every time I try
> > to log in my application it will fail with no reason, nor log either!
> > I started thinking that any kind of authentication wasn't going to work,
> so
> > I tried using the
> > BASIC based one, which surprisingly worked :)
>
> BASIC auth with the realm below or with the MemoryUserDatabaseRealm?
With the MemoryUserDatabaseRealm
> So, I don't know what is my mistake.
> > I'm sending here the content of my context xml file in
>
> Looks OK at first glance.
Looks ok for me too!
> (as u may see, the realm is not a DataSourceRealm because it doesn't work
> at
> > all, at least in my
> > case!!! Another problem for another thread I guess...)
>
> That is probably because you need to specify localDataSource="true" to
> tell the Realm the data source is defined in context.xml rather than
> globally in server.xml
Thx for this information. I didn't know that. I'll try and tell u what
happens after with that change!
> The web.xml of my app is correctly configured and that's not the problem!
>
> Can we see it any way, just to confirm please.
Sure. Here it is the security part of the xml file:
..................
<security-constraint>
<web-resource-collection>
<web-resource-name>Posgrado</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>DELETE</http-method>
<http-method>GET</http-method>
<http-method>POST</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<security-role>
<description>Administrador de la aplicacion</description>
<role-name>admin</role-name>
</security-role>
<login-config>
<auth-method>FORM</auth-method>
<realm-name>Posgrado Realm</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/autherror.jsp</form-error-page>
</form-login-config>
</login-config>
............
As you may have realized, in the BD there's a user with the role "admin" and
(this was requested by David's email) the login.jsp and autherror.jsp are
jsps taken from the examples of the tomcat documentation.
Every time I try to go to a configured action (Struts action), let's say:
main.do or whatever, I'm taken to the login.jsp.
After typying in the user and pass (correctly typed) I'm taken to the
autherror.jsp instead of the desired action.
The jsp is just like the examples of the doc. This is the reason whay I'm
not attaching those files to the email, because it's just the same....
Thanks in advance,
Nicolas Gonzalez
Buenos Aires - Argentina
Mark
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
