Setting up security for Tomcat running locally [message #141753] |
Sun, 02 October 2005 18:24 |
Eclipse User |
|
|
|
Originally posted by: mcfall.Hope.edu
I am attempting to develop an application that will use form-authentication
using the <login-config> and <security-constraint> tags in web.xml.
When I set up the security-constraint tag as follows:
<security-constraint>
<web-resource-collection>
<web-resource-name>Protected</web-resource-name>
<url-pattern>/Protected</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>Manager</description>
<role-name>manager</role-name>
</auth-constraint>
</security-constraint>
I get an error from Eclipse:
2 CHKJ3020E: Invalid Security role-name: manager. web.xml
LoginExample/WebContent/WEB-INF October 2, 2005 1:51:35 PM
I am unsure where the user database configuration files are for this local
Tomcat server. The role manager is indeed defined in the
conf/tomcat-users.xml file under the defined runtime's tomcat root
directory.
Does anyone know where this database can be specified? It would be nice if
they weren't actually the runtime's configuration files, but I guess if they
have to be, I can work around that.
Thanks,
Ryan
|
|
|
Re: Setting up security for Tomcat running locally [message #141762 is a reply to message #141753] |
Sun, 02 October 2005 18:31 |
Eclipse User |
|
|
|
Originally posted by: mcfall.Hope.edu
A further bit of information; the eclipse error message hasn't gone away,
but when I restart the webapp and server, the authentication method does
work, using the user name database in RUNTIME_HOME/conf/tomcat-users.xml.
It would still be nice for the error message to go away.
"Ryan McFall" <mcfall@Hope.edu> wrote in message
news:dhp8kf$gog$1@news.eclipse.org...
>I am attempting to develop an application that will use form-authentication
>using the <login-config> and <security-constraint> tags in web.xml.
>
> When I set up the security-constraint tag as follows:
> <security-constraint>
>
> <web-resource-collection>
>
> <web-resource-name>Protected</web-resource-name>
>
> <url-pattern>/Protected</url-pattern>
>
> </web-resource-collection>
>
> <auth-constraint>
>
> <description>Manager</description>
>
> <role-name>manager</role-name>
>
> </auth-constraint>
>
> </security-constraint>
>
> I get an error from Eclipse:
> 2 CHKJ3020E: Invalid Security role-name: manager. web.xml
> LoginExample/WebContent/WEB-INF October 2, 2005 1:51:35 PM
>
> I am unsure where the user database configuration files are for this local
> Tomcat server. The role manager is indeed defined in the
> conf/tomcat-users.xml file under the defined runtime's tomcat root
> directory.
>
> Does anyone know where this database can be specified? It would be nice
> if they weren't actually the runtime's configuration files, but I guess if
> they have to be, I can work around that.
>
> Thanks,
> Ryan
>
|
|
|
|
Re: Setting up security for Tomcat running locally [message #142255 is a reply to message #141762] |
Mon, 03 October 2005 22:45 |
Larry Isaacs Messages: 1354 Registered: July 2009 |
Senior Member |
|
|
The tomcat-users.xml file is one of the ones imported when you create a
Tomcat server in Eclipse. Look under the Servers project for the folder
corresponding to the server you created. Under that folder you will
find the tomcat-users.xml that needs to include the "manager" role. The
original that remains under the CATALINA_HOME, won't be used by the
Eclipse server you created.
Cheers,
Larry
Ryan McFall wrote:
> A further bit of information; the eclipse error message hasn't gone away,
> but when I restart the webapp and server, the authentication method does
> work, using the user name database in RUNTIME_HOME/conf/tomcat-users.xml.
>
> It would still be nice for the error message to go away.
>
> "Ryan McFall" <mcfall@Hope.edu> wrote in message
> news:dhp8kf$gog$1@news.eclipse.org...
>
>>I am attempting to develop an application that will use form-authentication
>>using the <login-config> and <security-constraint> tags in web.xml.
>>
>>When I set up the security-constraint tag as follows:
>><security-constraint>
>>
>><web-resource-collection>
>>
>><web-resource-name>Protected</web-resource-name>
>>
>><url-pattern>/Protected</url-pattern>
>>
>></web-resource-collection>
>>
>><auth-constraint>
>>
>><description>Manager</description>
>>
>><role-name>manager</role-name>
>>
>></auth-constraint>
>>
>></security-constraint>
>>
>>I get an error from Eclipse:
>>2 CHKJ3020E: Invalid Security role-name: manager. web.xml
>>LoginExample/WebContent/WEB-INF October 2, 2005 1:51:35 PM
>>
>>I am unsure where the user database configuration files are for this local
>>Tomcat server. The role manager is indeed defined in the
>>conf/tomcat-users.xml file under the defined runtime's tomcat root
>>directory.
>>
>>Does anyone know where this database can be specified? It would be nice
>>if they weren't actually the runtime's configuration files, but I guess if
>>they have to be, I can work around that.
>>
>>Thanks,
>>Ryan
>>
>
>
>
|
|
|
Re: Setting up security for Tomcat running locally [message #142681 is a reply to message #142255] |
Fri, 07 October 2005 00:50 |
Eclipse User |
|
|
|
Originally posted by: mcfall.Hope.edu
Thanks, this is exactly right. I figured this out after quite a bit of
searching.
It would have been much easier if the J2EE perspective included something
about the servers. I only found it by switching to the Package Explorer
view. From the Servers view, opening right clicking on the server and
choosing open presents some information that would seem to go into the
server.xml file, but not all of it.
If any of the WTP designers are listening on this group, hopefully you'll
find a way to make this configuration step a bit more obvious in the future.
Ryan
"Larry Isaacs" <Larry.Isaacs@sas.com> wrote in message
news:dhscb8$uqe$1@news.eclipse.org...
> The tomcat-users.xml file is one of the ones imported when you create a
> Tomcat server in Eclipse. Look under the Servers project for the folder
> corresponding to the server you created. Under that folder you will find
> the tomcat-users.xml that needs to include the "manager" role. The
> original that remains under the CATALINA_HOME, won't be used by the
> Eclipse server you created.
>
> Cheers,
> Larry
>
> Ryan McFall wrote:
>> A further bit of information; the eclipse error message hasn't gone away,
>> but when I restart the webapp and server, the authentication method does
>> work, using the user name database in RUNTIME_HOME/conf/tomcat-users.xml.
>>
>> It would still be nice for the error message to go away.
>>
>> "Ryan McFall" <mcfall@Hope.edu> wrote in message
>> news:dhp8kf$gog$1@news.eclipse.org...
>>
>>>I am attempting to develop an application that will use
>>>form-authentication using the <login-config> and <security-constraint>
>>>tags in web.xml.
>>>
>>>When I set up the security-constraint tag as follows:
>>><security-constraint>
>>>
>>><web-resource-collection>
>>>
>>><web-resource-name>Protected</web-resource-name>
>>>
>>><url-pattern>/Protected</url-pattern>
>>>
>>></web-resource-collection>
>>>
>>><auth-constraint>
>>>
>>><description>Manager</description>
>>>
>>><role-name>manager</role-name>
>>>
>>></auth-constraint>
>>>
>>></security-constraint>
>>>
>>>I get an error from Eclipse:
>>>2 CHKJ3020E: Invalid Security role-name: manager. web.xml
>>>LoginExample/WebContent/WEB-INF October 2, 2005 1:51:35 PM
>>>
>>>I am unsure where the user database configuration files are for this
>>>local Tomcat server. The role manager is indeed defined in the
>>>conf/tomcat-users.xml file under the defined runtime's tomcat root
>>>directory.
>>>
>>>Does anyone know where this database can be specified? It would be nice
>>>if they weren't actually the runtime's configuration files, but I guess
>>>if they have to be, I can work around that.
>>>
>>>Thanks,
>>>Ryan
>>>
>>
>>
|
|
|
|
|
Powered by
FUDForum. Page generated in 0.03525 seconds