[opencms-dev] HTTP-Authentification

Oppermann, Joerg Joerg.Oppermann at t-systems.com
Mon Oct 14 16:08:33 CEST 2002 

Hi Kai,

We had the same problem and found the following workaround:

In "com.opencms.core.OpenCmsHttpServlet" in function "initUser" we changed

                        catch(CmsException e) {
                            if(e.getType() == CmsException.C_NO_ACCESS) {

                                // authentification failed, so display a login screen
                                requestAuthorization(req, res);

to
                        catch(CmsException e) {
                        if(
                             (e.getType() == CmsException.C_NO_ACCESS) 
                           || (e.getType() == CmsException.C_NO_USER)
                          ) 
		{

                                // authentification failed, so display a login screen
                                requestAuthorization(req, res);

Someone should check, if this or other solution could be used in next release to fix the problem.

regards,
Joerg Oppermann

>  -----Ursprüngliche Nachricht-----
> Subject: [opencms-dev] HTTP-Authentification 
> From: "Schmidt, Kai" <Kai.Schmidt at bonprix.net> 
> Date: Mon, 19 Aug 2002 12:29:43 +0200 
> 
> Hi list,
> 
> we use OpenCMS 4.7.7 on RedHat 7.2/Oracle with Internet 
> Explorer 5.0 and
> everything works fine except for one small problem.
> As we need a section in our Intranet  for authorised users 
> only, we simply
> use the User management of OpenCMS. We defined a group, 
> unblocked a couple
> of folders for them, which are blocked for normal "guests" and set the
> static export to "dynamic". Up to here, everything works 
> fine: if the user
> is trying to open content of these folders he is asked to 
> authenticate for
> OpenCMS (HTTP-based!!!). If he logs in with correct Username 
> and password,
> he is able to see the pages.
> Now the problem: If the user types in a wrong username or 
> password he does
> not get a new http-request (IE normally repeats the request 
> three times),
> but a CMSException as follows:
> 
> [CmsException]: 10 Unknown User. Detailed Error:
> [com.opencms.file.genericSql.CmsDbAccess]username
> ...
> 
> (complete stacktrace available if needed)
> 
> Seems to be some missing http-header (401), as far as we can 
> analyze it, the
> system returns a "HTTP/1.1 200 OK"
> 
> Does anyone has a doubt what to do?
> 
> Greetings,
> 
> Jens+Kai 
>

More information about the opencms-dev mailing list