Eclipse Community Forums
Forum Search:

Search      Help    Register    Login    Home
Home » Eclipse Projects » Web Tools Project (WTP) » Setting up security for Tomcat running locally
Setting up security for Tomcat running locally [message #141753] Sun, 02 October 2005 18:24 Go to next message
Eclipse User
Originally posted by: mcfall.Hope.edu

I am attempting to develop an application that will use form-authentication
using the <login-config> and <security-constraint> tags in web.xml.

When I set up the security-constraint tag as follows:
<security-constraint>

<web-resource-collection>

<web-resource-name>Protected</web-resource-name>

<url-pattern>/Protected</url-pattern>

</web-resource-collection>

<auth-constraint>

<description>Manager</description>

<role-name>manager</role-name>

</auth-constraint>

</security-constraint>

I get an error from Eclipse:
2 CHKJ3020E: Invalid Security role-name: manager. web.xml
LoginExample/WebContent/WEB-INF October 2, 2005 1:51:35 PM

I am unsure where the user database configuration files are for this local
Tomcat server. The role manager is indeed defined in the
conf/tomcat-users.xml file under the defined runtime's tomcat root
directory.

Does anyone know where this database can be specified? It would be nice if
they weren't actually the runtime's configuration files, but I guess if they
have to be, I can work around that.

Thanks,
Ryan
Re: Setting up security for Tomcat running locally [message #141762 is a reply to message #141753] Sun, 02 October 2005 18:31 Go to previous messageGo to next message
Eclipse User
Originally posted by: mcfall.Hope.edu

A further bit of information; the eclipse error message hasn't gone away,
but when I restart the webapp and server, the authentication method does
work, using the user name database in RUNTIME_HOME/conf/tomcat-users.xml.

It would still be nice for the error message to go away.

"Ryan McFall" <mcfall@Hope.edu> wrote in message
news:dhp8kf$gog$1@news.eclipse.org...
>I am attempting to develop an application that will use form-authentication
>using the <login-config> and <security-constraint> tags in web.xml.
>
> When I set up the security-constraint tag as follows:
> <security-constraint>
>
> <web-resource-collection>
>
> <web-resource-name>Protected</web-resource-name>
>
> <url-pattern>/Protected</url-pattern>
>
> </web-resource-collection>
>
> <auth-constraint>
>
> <description>Manager</description>
>
> <role-name>manager</role-name>
>
> </auth-constraint>
>
> </security-constraint>
>
> I get an error from Eclipse:
> 2 CHKJ3020E: Invalid Security role-name: manager. web.xml
> LoginExample/WebContent/WEB-INF October 2, 2005 1:51:35 PM
>
> I am unsure where the user database configuration files are for this local
> Tomcat server. The role manager is indeed defined in the
> conf/tomcat-users.xml file under the defined runtime's tomcat root
> directory.
>
> Does anyone know where this database can be specified? It would be nice
> if they weren't actually the runtime's configuration files, but I guess if
> they have to be, I can work around that.
>
> Thanks,
> Ryan
>
Re: Setting up security for Tomcat running locally [message #142086 is a reply to message #141762] Mon, 03 October 2005 14:51 Go to previous messageGo to next message
Fred Grott is currently offline Fred Grott
Messages: 96
Registered: July 2009
Member
What is the version of Tomcat and Eclipse WTP that you are using?
Re: Setting up security for Tomcat running locally [message #142255 is a reply to message #141762] Mon, 03 October 2005 22:45 Go to previous messageGo to next message
Larry Isaacs is currently offline Larry Isaacs
Messages: 1305
Registered: July 2009
Senior Member
The tomcat-users.xml file is one of the ones imported when you create a
Tomcat server in Eclipse. Look under the Servers project for the folder
corresponding to the server you created. Under that folder you will
find the tomcat-users.xml that needs to include the "manager" role. The
original that remains under the CATALINA_HOME, won't be used by the
Eclipse server you created.

Cheers,
Larry

Ryan McFall wrote:
> A further bit of information; the eclipse error message hasn't gone away,
> but when I restart the webapp and server, the authentication method does
> work, using the user name database in RUNTIME_HOME/conf/tomcat-users.xml.
>
> It would still be nice for the error message to go away.
>
> "Ryan McFall" <mcfall@Hope.edu> wrote in message
> news:dhp8kf$gog$1@news.eclipse.org...
>
>>I am attempting to develop an application that will use form-authentication
>>using the <login-config> and <security-constraint> tags in web.xml.
>>
>>When I set up the security-constraint tag as follows:
>><security-constraint>
>>
>><web-resource-collection>
>>
>><web-resource-name>Protected</web-resource-name>
>>
>><url-pattern>/Protected</url-pattern>
>>
>></web-resource-collection>
>>
>><auth-constraint>
>>
>><description>Manager</description>
>>
>><role-name>manager</role-name>
>>
>></auth-constraint>
>>
>></security-constraint>
>>
>>I get an error from Eclipse:
>>2 CHKJ3020E: Invalid Security role-name: manager. web.xml
>>LoginExample/WebContent/WEB-INF October 2, 2005 1:51:35 PM
>>
>>I am unsure where the user database configuration files are for this local
>>Tomcat server. The role manager is indeed defined in the
>>conf/tomcat-users.xml file under the defined runtime's tomcat root
>>directory.
>>
>>Does anyone know where this database can be specified? It would be nice
>>if they weren't actually the runtime's configuration files, but I guess if
>>they have to be, I can work around that.
>>
>>Thanks,
>>Ryan
>>
>
>
>
Re: Setting up security for Tomcat running locally [message #142681 is a reply to message #142255] Fri, 07 October 2005 00:50 Go to previous messageGo to next message
Eclipse User
Originally posted by: mcfall.Hope.edu

Thanks, this is exactly right. I figured this out after quite a bit of
searching.

It would have been much easier if the J2EE perspective included something
about the servers. I only found it by switching to the Package Explorer
view. From the Servers view, opening right clicking on the server and
choosing open presents some information that would seem to go into the
server.xml file, but not all of it.

If any of the WTP designers are listening on this group, hopefully you'll
find a way to make this configuration step a bit more obvious in the future.

Ryan

"Larry Isaacs" <Larry.Isaacs@sas.com> wrote in message
news:dhscb8$uqe$1@news.eclipse.org...
> The tomcat-users.xml file is one of the ones imported when you create a
> Tomcat server in Eclipse. Look under the Servers project for the folder
> corresponding to the server you created. Under that folder you will find
> the tomcat-users.xml that needs to include the "manager" role. The
> original that remains under the CATALINA_HOME, won't be used by the
> Eclipse server you created.
>
> Cheers,
> Larry
>
> Ryan McFall wrote:
>> A further bit of information; the eclipse error message hasn't gone away,
>> but when I restart the webapp and server, the authentication method does
>> work, using the user name database in RUNTIME_HOME/conf/tomcat-users.xml.
>>
>> It would still be nice for the error message to go away.
>>
>> "Ryan McFall" <mcfall@Hope.edu> wrote in message
>> news:dhp8kf$gog$1@news.eclipse.org...
>>
>>>I am attempting to develop an application that will use
>>>form-authentication using the <login-config> and <security-constraint>
>>>tags in web.xml.
>>>
>>>When I set up the security-constraint tag as follows:
>>><security-constraint>
>>>
>>><web-resource-collection>
>>>
>>><web-resource-name>Protected</web-resource-name>
>>>
>>><url-pattern>/Protected</url-pattern>
>>>
>>></web-resource-collection>
>>>
>>><auth-constraint>
>>>
>>><description>Manager</description>
>>>
>>><role-name>manager</role-name>
>>>
>>></auth-constraint>
>>>
>>></security-constraint>
>>>
>>>I get an error from Eclipse:
>>>2 CHKJ3020E: Invalid Security role-name: manager. web.xml
>>>LoginExample/WebContent/WEB-INF October 2, 2005 1:51:35 PM
>>>
>>>I am unsure where the user database configuration files are for this
>>>local Tomcat server. The role manager is indeed defined in the
>>>conf/tomcat-users.xml file under the defined runtime's tomcat root
>>>directory.
>>>
>>>Does anyone know where this database can be specified? It would be nice
>>>if they weren't actually the runtime's configuration files, but I guess
>>>if they have to be, I can work around that.
>>>
>>>Thanks,
>>>Ryan
>>>
>>
>>
Re: Setting up security for Tomcat running locally [message #827607 is a reply to message #141753] Fri, 23 March 2012 15:01 Go to previous message
Phaedrus The Greek is currently offline Phaedrus The Greek
Messages: 16
Registered: August 2011
Junior Member
From a useful blog called "Stefan's Journal ..."

"CHKJ3020E: Invalid Security role-name: xxxx"

The solution is just replace your web.xml namespace to version 2.5:


stefan-ay.blogspot.ca/2009/05/wrong-webxmlnamespace-version.html
Previous Topic:WTP 3.4M6 p2 ?
Next Topic:web project deployment on apache httpd server
Goto Forum:
  


Current Time: Sun Sep 21 12:26:49 GMT 2014

Powered by FUDForum. Page generated in 0.01994 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.2.
Copyright ©2001-2010 FUDforum Bulletin Board Software