• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Jeanne Boyarsky
  • Ron McLeod
Sheriffs:
  • Paul Clapham
  • Liutauras Vilda
  • Devaka Cooray
Saloon Keepers:
  • Tim Holloway
  • Roland Mueller
Bartenders:

Problem with security constraints while doing authentication & authorization

 
Ranch Hand
Posts: 142
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi everybody,

I have declared roles in xml files as below, doing authorization (using tomcat).

in tomcat-users.xml



in web.xml (of my application-Jyoti)




It is not working for the described constraints?

What's wrong with this declarations?

If I give url pattern for the directory in "E:\Tomcat6.0\webapps\Jyoti\WEB-INF\classes\web"
as
<url-pattern>/Jyoti/classes/web/*</url-pattern> or <url-pattern>/Jyoti/web/*</url-pattern>

then too it's not working.

Am I doing it in right way?

Wat's wrong? What is the solution instead?


Also will it do authentication as well?

Can anybody please explain?

 
Rancher
Posts: 43081
77
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

If I give url pattern for the directory in "E:\Tomcat6.0\webapps\Jyoti\WEB-INF\classes\web"
as
<url-pattern>/Jyoti/classes/web/*</url-pattern> or <url-pattern>/Jyoti/web/*</url-pattern>


Nothing that's inside of WEB-INF will be served directly to the client anyway, so there's no point in trying to protect it. (As an aside, neither of the two patterns matches the directory path - you can't just omit random parts of the path.)

<url-pattern>/Control/*</url-pattern>


Try "/Control" instead.
 
Jyoti Vaskar
Ranch Hand
Posts: 142
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Ulf Dittmer wrote:Try "/Control" instead.



I have tried "/Control"

Now it's doing

but still

access is denied for declared users (jyo,nitin,deep etc.)
in tomcat-user file.

wats wrong again ???
 
Jyoti Vaskar
Ranch Hand
Posts: 142
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Hi,

is there anybody who can explain what's wrong in this xml declaration???

I have declared <auth-constraint> for only Administrator ("jyo" is Administrator - declared in tomcat-user file).

In my application access is denied for everybody (weather Guest, Member or Administrator or any other user) irrespective of it's role?

Where I'm going wrong??
 
Ranch Hand
Posts: 54
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
everything seems to be correct...
 
Ranch Hand
Posts: 437
Oracle Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi Jyoti.
I think the problem lies in the tomcat-users.xml file. Remove this and try.

and also in

<?xml version='1.0' encoding='cp1252'?>

I think some browsers don't support this encoding. In that case replace 'encoding' attribute with 'utf-8'.
 
Jyoti Vaskar
Ranch Hand
Posts: 142
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Chinmaya Chowdary wrote:Hi Jyoti.
I think the problem lies in the tomcat-users.xml file. Remove this and try.

and also in

<?xml version='1.0' encoding='cp1252'?>

I think some browsers don't support this encoding. In that case replace 'encoding' attribute with 'utf-8'.



thank you Chinmay.

I'll try it .
 
I like tacos! And this tiny ad:
New web page for Paul's Rocket Mass Heaters movies
https://coderanch.com/t/785239/web-page-Paul-Rocket-Mass
reply
    Bookmark Topic Watch Topic
  • New Topic