[wplug] Tomcat5 question basic-auth
Maceno, Shawn
smaceno at Accessdc.com
Thu Jun 9 13:53:26 EDT 2005
Thanks for the assistance. I fixed the problem by using the single sign
on option in Tomcat. This allowed the authentication to pass through
from http to https, eliminating the double-login issue I was seeing.
Thanks again!
Shawn Maceno
-----Original Message-----
From: wplug-bounces+smaceno=accessdc.com at wplug.org
[mailto:wplug-bounces+smaceno=accessdc.com at wplug.org] On Behalf Of Carl
Trusiak
Sent: Wednesday, June 08, 2005 10:10 AM
To: wplug at wplug.org
Subject: RE: [wplug] Tomcat5 question basic-auth
This looks more to me to be a Browser problem and not a Tomcat problem.
The
browser isn't return the Auth header with the redirct. This could be
caused
by the change from http to https protocol. I've also see information
where
changing from http://mysite.com to http://www.mysite.com or to
http://mysub.mysite.com will prevent the browser from sending the auth
header.
How many html pages does the site have? if this is the only one, remove
the
html patterns from the web.xml
Carl Trusiak
>From: Shawn Maceno <smaceno at accessdc.com>
>Reply-To: General user list <wplug at wplug.org>
>To: General user list <wplug at wplug.org>
>Subject: [wplug] Tomcat5 question basic-auth
>Date: Wed, 08 Jun 2005 08:00:26 -0400
>
>I'm using Tomcat 5 and am trying to configure basic authentication on a
>web-app to prevent the site from being open to the public. I have auth
>working. The first page brought up is
http://www.mysite.com/login.html,
>which prompts you to log in, and upon successful login, the next page
>brought up is https://www.mysite.com/login.do. Again, you're prompted
>for the basic-auth by Tomcat. Does anyone have any ideas on how to
>prevent the second log on?
>
>BTW, login.html contains the following html redirect:
><meta http-equiv="REFRESH" content="0;url=logon.do"></HEAD>
>
>and the web.xml for the web-app contains the following auth information
>
><resource-env-ref>
> <description>
> Link to the UserDatabase instance from which we request lists of
> defined role names. Typically, this will be connected to the
>global
> user database with a ResourceLink element in server.xml or the
>context
> configuration file for the Manager web application.
> </description>
> <resource-env-ref-name>users</resource-env-ref-name>
> <resource-env-ref-type>
> org.apache.catalina.UserDatabase
> </resource-env-ref-type>
> </resource-env-ref>
>
>
> <security-constraint>
> <display-name>Site Security Constraint</display-name>
> <web-resource-collection>
> <web-resource-name>Protected Area</web-resource-name>
> <url-pattern>*.jsp</url-pattern>
> <url-pattern>*.do</url-pattern>
> <url-pattern>*.html</url-pattern>
> <url-pattern>*.htm</url-pattern>
> </web-resource-collection>
> <auth-constraint>
> <role-name>Site</role-name>
> </auth-constraint>
> </security-constraint>
>
>
> <login-config>
> <auth-method>BASIC</auth-method>
> <realm-name>Site Application</realm-name>
> </login-config>
>
>
><security-role>
> <description>
> The role that is required to log in to the Site Application
> </description>
> <role-name>Site</role-name>
> </security-role>
>
>
>
>Thanks for any help!
>
>Shawn Maceno
>_______________________________________________
>wplug mailing list
>wplug at wplug.org
>http://www.wplug.org/mailman/listinfo/wplug
_______________________________________________
wplug mailing list
wplug at wplug.org
http://www.wplug.org/mailman/listinfo/wplug
More information about the wplug
mailing list