Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » scout » Authentication on Tomcat (Authentication on Tomcat )
Authentication on Tomcat [message #800749] Fri, 17 February 2012 07:49 Go to next message
Bertin Kiekebosch is currently offline Bertin Kiekebosch
Messages: 300
Registered: August 2011
Senior Member
Hi,

I have an application with authentication turned on that runs fine in my development environment. Whenever I start the client, a login-dialog is presented. When I enter the credentials it checks these against my own table with user info in my database.

Then I deploy the application. Client, Tomcat and Database each on a seperate windows machine. When authentication is turned off (in the config.ini DataSourceSecurityFilter#active=false and AnonymousSecurityFilter#active=true) it runs fine, but when I turn authentication on (in the config.ini DataSourceSecurityFilter#active=true and AnonymousSecurityFilter#active=false) I get some kind of windows security dialog that I need credentials for the server on which tomcat is running. (Its not the same dialog as I get on my development environment).

I also get this dialog when I am in the Tomcat manager (where I can start and stop the application) and the try to open my Application (Normally you get the "View Application Home Page", to download the Client)

I think it has nothing to do with Scout but with the confuguration of tomcat or the servers. Maybe someone recognizes the problem and give me a hint how to fix this.

Regards Bertin

Re: Authentication on Tomcat [message #802666 is a reply to message #800749] Mon, 20 February 2012 04:11 Go to previous messageGo to next message
Jeremie Bresson is currently offline Jeremie Bresson
Messages: 633
Registered: October 2011
Senior Member
I am not sure this isn't normal...

* http://<your_tomcat_server>/ -> handled by Tomcat (Per default the homepage of Tomcat server. Example)

* http://<your_tomcat_server>/<name_of_your_scout_app> -> handled by the application. (Per default a page to download the client. Example)

It is possible to change this page. (Per default, this page is in the resources/html folder of your server)

It is configured in the Plugin.xml file of the server:
  <extension point="org.eclipse.equinox.http.registry.servlets">
    <!-- other servlet definititions -->
    <servlet alias="/" class="org.eclipse.scout.rt.server.ResourceServlet">
      <init-param name="bundle-name" value="org.eclipselabs.mcqs.server"/>
      <init-param name="bundle-path" value="/resources/html"/>
    </servlet>
  </extension>


If you specify that you want an authentication (what you are doing with DataSourceSecurityFilter#active=true), your browser will ask for user and password.

You can enter a valid User and Password (of your Scout application). This is independent from Tomcat.


* http://<your_tomcat_server>/<name_of_your_scout_app>/process -> handled by the application. This is where the Client Application connects to.
If you connect with the client application, you need to provide user and password there (Scout Application Window). If you go there with a browser, you will get a browser login/password window. You can enter a valid User and Password of your application to access to the HTML server debug pages.

More on the /process page in this discussion

----

I think that what you are asking is how to provide access to anybody (without authentication) on the default downlaod html page.

I have no idea how to do this.

I would have a look at this ResourceServlet. Maybe with an additional parameter (init-param) you can specify that you do not want any authentication for this Servlet (or an allow everybody without password authentication).

Re: Authentication on Tomcat [message #802725 is a reply to message #802666] Mon, 20 February 2012 06:06 Go to previous messageGo to next message
Ivan Motsch is currently offline Ivan Motsch
Messages: 100
Registered: March 2010
Senior Member
Hi Bertin,

Would it be possible to show some screenshots (with blacked out sensitive areas) of that credential dialog in the browser?
Re: Authentication on Tomcat [message #802730 is a reply to message #802725] Mon, 20 February 2012 06:14 Go to previous messageGo to next message
Ivan Motsch is currently offline Ivan Motsch
Messages: 100
Registered: March 2010
Senior Member
If you like we can do a "Windows Remote Help" session to look at the issue.
It might be that your tomcat is sitting in a secured environment (Windows server with MS firewall?) and that the
http BASIC Auth response header of the tomcat webapp is intercepted by the firewall and requests that the user is authenticated to AD or so.

The tomcat you use, is it an original downloaded tomcat 6 or is it customized/configured?
More detailed: does it contain some security filters in the tomcat server.xml or web.xml that add additional security to the tomcat webapps?
Re: Authentication on Tomcat [message #811377 is a reply to message #800749] Fri, 02 March 2012 04:10 Go to previous message
Bertin Kiekebosch is currently offline Bertin Kiekebosch
Messages: 300
Registered: August 2011
Senior Member
Hi,

it took some time for me to react because I was on holiday. With the help of your comment we did some test and found out that the unexpected loging dialog is our domain login. Although the current user is already logged in it is again presenting the dialog.


It is not clear to me why it only coming when DataSourceSecurityFilter#active=true but we will continue testing.


For testing I have installed the client.exe on a terminal server, the tomcat server part on another server and the database on a third server. Maybe something is triggering the domain login when DataSourceSecurityFilter#active=true.

Regards Bertin
Previous Topic:New Derby Database
Next Topic:Progress Monitor
Goto Forum:
  


Current Time: Sat Jul 26 03:18:22 EDT 2014

Powered by FUDForum. Page generated in 0.14090 seconds