|
Re: Newbie: Security Filter Not Functioning [message #223819 is a reply to message #223809] |
Thu, 13 November 2008 18:28 |
Larry Isaacs Messages: 1354 Registered: July 2009 |
Senior Member |
|
|
For details about the Tomcat support in WTP, see
http://wiki.eclipse.org/WTP_Tomcat_FAQ.
Obviously there is something different between the Tomcat server running
externally and the one running inside Eclipse. By default, a primary
difference between such external and Eclipse Tomcats is that the
external Tomcat is running with catalina.base and catalina.home set to
the same value. For the Eclipse Tomcat, catalina.home is set the same
as in the external Tomcat, but catalina.base is set to a different
location. There isn't enough info to tell if this could be causing your
problem.
Also, if I recall correctly, by default not all log output from Tomcat
4.1 would appear in the Console view. You might check of the "log"
directory in the instance location[1] for the Eclipse Tomcat for
additional log output that might provide a clue.
Cheers,
Larry
[1]
http://wiki.eclipse.org/WTP_Tomcat_FAQ#If_my_Tomcat_server_i s_using_a_separate_instance.2C_how_do_I_find_the_location_of _this_separate_instance.3F
Jonathan O'Donovan wrote:
> Hi All,
>
> I am having a problem with the Tomcat security filter when deploying
> using Web Tools Platform. I am running the following
> Eclipse Ganymede V3.4.1
> Web Tools : 1.1.20x Tomcat 4.1
> JSDK 1.6
>
> I have added the project to the server with no problems and can
> execute/step through servlets on the server. If I disable the security
> filter by commenting
> it out of web.xml the site functions the same as a non Eclipse deploy.
> However, if I include the security config, it does not appear to be
> functioning and I cannot log into my site (the security filter controls
> this) when running/debugging within Eclipse.
>
> The security filter is set up in web.xml as follows :
>
>
> <filter>
> <filter-name>Security Filter</filter-name>
>
> <filter-class>org.securityfilter.filter.SecurityFilter</filter-class >
> <init-param>
> <param-name>config</param-name>
> <param-value>/WEB-INF/securityfilter-config.xml</param-value >
> <description>Configuration file location (this is the
> default value)</description>
> </init-param>
> <init-param>
> <param-name>validate</param-name>
> <param-value>true</param-value>
> <description>Validate config file if set to true</description>
> </init-param>
> <init-param>
> <param-name>loginSubmitPattern</param-name>
> <param-value>/sflogin</param-value>
> <description>This is the action used by the login form (in
> place of the standard "j_security_check")</description>
> </init-param>
> </filter>
> <!-- map all requests to the SecurityFilter, control what it does
> with configuration settings -->
>
> <filter-mapping>
> <filter-name>Security Filter</filter-name>
> <url-pattern>/*</url-pattern>
> </filter-mapping>
>
>
> <security-role>
> <role-name>administrator</role-name>
> </security-role>
> <security-role>
> <role-name>user</role-name>
> </security-role>
>
>
>
>
> The security filter config file is as follows :
>
>
>
> <securityfilter-config>
>
>
> <security-constraint>
> <display-name>The Customer area of the XXX web site.</display-name>
> <web-resource-collection>
> <web-resource-name>UserArea</web-resource-name>
> <url-pattern>/servUserArea</url-pattern>
> </web-resource-collection>
> <auth-constraint>
> <role-name>administrator</role-name>
> <role-name>user</role-name>
> </auth-constraint>
> </security-constraint>
>
>
> <security-constraint>
> <display-name>Administration of the XX Web site.</display-name>
> <web-resource-collection>
> <web-resource-name>AdminArea</web-resource-name>
> <url-pattern>/servAdminArea</url-pattern>
> </web-resource-collection>
> <auth-constraint>
> <role-name>administrator</role-name>
> </auth-constraint>
> </security-constraint>
>
>
>
> <login-config>
> <auth-method>FORM</auth-method>
> <form-login-config>
> <form-login-page>/servPublicArea?view=login</form-login-page >
>
> <form-error-page>/servPublicArea?view=loginerror</form-error-page >
>
> <form-default-page>/servUserArea?view=usermain</form-default-page >
> </form-login-config>
> </login-config>
>
>
>
> <!-- start with a Catalina realm adapter to wrap the Catalina realm
> defined below -->
> <realm
> className="org.securityfilter.realm.catalina.CatalinaRealmAdapter " />
>
>
>
> <realm className="org.apache.catalina.realm.JDBCRealm">
> <realm-param name="connectionName" value="client"/>
> <realm-param name="connectionPassword" value="XXX"/>
> <realm-param name="connectionURL" value="XXX"/>
> <realm-param name="driverName"
> value="oracle.jdbc.driver.OracleDriver"/>
> <realm-param name="userCredCol" value="password"/>
> <realm-param name="userNameCol" value="username"/>
> <realm-param name="userTable" value="auth_users"/>
> <realm-param name="roleNameCol" value="role_name"/>
> <realm-param name="userRoleTable" value="tomcat_roles"/>
> <realm-param name="debug" value="1"/>
> </realm>
>
>
> </securityfilter-config>
>
>
>
> The site works fine when I set it up on a normal Tomcat installation (ie
> without Eclipse/WTP) so I know there is no problem connecting to the
> database realm.
>
> I am wondering if anyone can point me in the right direction here. Any
> suggestions would be helpful.
>
> Many thanks in advance,
> Jonathanin use is 6.0 and I am running Eclipse Ganymede
>
|
|
|
Powered by
FUDForum. Page generated in 0.02972 seconds