Forums Register Login

Tomcat BASIC authentication fails in certain cases

+Pie Number of slices to send: Send
Hi,

I've got some issue, that I can't explain. I am running a Web-Application that provides a special login for certain customers. I am running a Tomcat Server (Version 5.5.17), using BASIC authentication configured in my web.xml:



Now if I and my colleagues log into this app everthing works fine. But one customer (one I know of) is not able to login. I first thought this is some kind of browser issue, but firefox as well as IE refuse to login. The always give 401 (not 403) after 3 'failed' attempts.

I am absolutely sure, that the provided username and password are correct. I am able to login with these.

To make things even trickier: If I provide the customer with a login to the tomcat manager webapp via tomcat-users.xml, he is able to login without problems.

I am totally !! In fact, the login action is never reached. Maybe there is some issue with SHA-1 password encryption? With the encoding (user and password contain only ASCII)?

Following my struts Login action, my context.xml and the struts-config.xml part for login:

LoginAction.java


META-INF/context.xml



struts-config.xml

[ August 27, 2006: Message edited by: Markus Reinhardt ]
+Pie Number of slices to send: Send
hi,
the problem is ur authentication method did not call during this execution u need to call the authentication machenism of ur realm.

and if u want to call the authentication at the page calling u can do it via using <security-constrain> tag where u need to give the url of pages which want authentication .

like

<security-constraint>
<web-resource-collection>
<web-resource-name>mytest</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>MyRealm</realm-name>
</login-config>

try this also
+Pie Number of slices to send: Send
Thanks for your reply.

But my web.xml contains a security-constraint. I just forgot to copy and paste it *shameonme*

The problem persists, does anyone have any other ideas?

A wop bop a lu bop a womp bam boom! Tiny ad:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com


reply
reply
This thread has been viewed 1524 times.
Similar Threads
Hibernate not finding Oracle driver - despite straight JDBC working
How to use DataSourceRealm?
problem with j_security_check
adding a Datasource to tomcat jndi
struts and jndi problem
More...

All times above are in ranch (not your local) time.
The current ranch time is
Mar 28, 2024 14:20:13.