"Christopher Schultz" <[EMAIL PROTECTED]> wrote in message news:[EMAIL PROTECTED] > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Gary, > > Gary Weaver wrote: > | I get the following error, because those two page elements are relative > | to the webapp and not to the host part of the URL: > | > | HTTP Status 404 - /caladmin/Shibboleth.sso/Login > > :( > > Yeah, the spec says: > > "The form-login-page element defines the location in the web > ~ app where the page that can be used for login can be > ~ found. The path begins with a leading / and is interpreted > ~ relative to the root of the WAR." >
But more importantly, TC 5.5.x will do a forward to the login page, so it has to be served by Tomcat. > Okay, there's one more trick you can try. Keep the form-login-config the > way you have it in web.xml and add a filter (which may not work, > either). Write a filter that always redirects to "/Shibboleth.sso/Login" > (without adding the webapp's context path) no matter what, and install > it so that it intercepts requests to "/Shibboleth.sso/Login" (which will > include the context path). > This should work, but you need to configure it so that it intercepts forwards as well as top-level requests. > If it works, it will take a request to /caladmin/Shibboleth.sso/Login > (which is what Tomcat's authenticator generates) and perform a redirtect > to the URL that you really want. > > A little hack-y, but it might work. > > Another non-filter option would be to create a JSP for the login that > performs the redirect. That might be a bit cleaner because the logic > will be easier to follow (rather than having to simply know that there's > a filter out there doing evil things). > Actually, this is a little hack-y too. Shibboleth would need to redirect to j_security_check if the app ever POSTs to a restricted page in order to replay the request with the original request body. > Hope that helps, > - -chris > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.8 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iEYEARECAAYFAkerK0UACgkQ9CaO5/Lv0PADVACgjSUmiRY024lWZohxeG1UuHtI > cfMAoKGEct0vIG6Cnh5WJNMmyTyyi6R9 > =nuVm > -----END PGP SIGNATURE----- > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
