[opencms-dev] JDBC Realm for OpenCms

Corbey, Clayton CorbeyC at brandonrha.mb.ca
Tue Jul 11 18:12:10 CEST 2006 

That's it! Thanks so much...

Do you know of any API docs or any docs for web.xml descriptor files?

-Clayton

-----Original Message-----
From: opencms-dev-bounces at opencms.org [mailto:opencms-dev-bounces at opencms.org] On Behalf Of lrrh
Sent: Tuesday, July 11, 2006 10:19
To: 'The OpenCms mailing list'
Subject: AW: [opencms-dev] JDBC Realm for OpenCms

Hi Clayton!

Your url-pattern should be 100% correct in my opinion.

But I overlooked the line "<http-method>POST</http-method>" in your first
posting. This line tells Tomcat to apply the security constraint only to
POST requests and because "normal" requests are GET requests your constraint
didn't get called.

You could omit the line. Then the default behavior is to apply the security
constraint to all HTTP methods. (GET, POST, PUT, ...).

Or you replace POST with GET.

<security-constraint>
  <web-resource-collection>
    <web-resource-name>BRHA Secure Web</web-resource-name>
    <url-pattern>/en/secure/*</url-pattern>
-->    <http-method>POST</http-method>  <--
  </web-resource-collection>
  <auth-constraint>
     <role-name>eCatalog</role-name>
  </auth-constraint>
</security-constraint>
<login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>eCatalog</realm-name>
</login-config>
<security-role>
   <description>eCatalog</description>
   <role-name>eCatalog</role-name>
</security-role>


hth
lrrh


> -----Ursprüngliche Nachricht-----
> Von: opencms-dev-bounces at opencms.org [mailto:opencms-dev-
> bounces at opencms.org] Im Auftrag von Corbey, Clayton
> Gesendet: Dienstag, 11. Juli 2006 16:23
> An: The OpenCms mailing list
> Betreff: RE: [opencms-dev] JDBC Realm for OpenCms
> 
> I'm not 100% sure the <url-pattern> is correct, but I am about 95% sure!
> 
> I have 3 websites in OpenCms, only one will be with security.
> 
> /sites/brandonrha/secure/* will be the secure area, should I put that in
> the <url-pattern>?
> 
> I access the secure area with http://www.brandonrha.mb.ca/en/secure/
> 
> The /en/ is my replacement for one of the /opencms/, it's not an actual
> language localization. I've removed one /opencms/ by having the .war file
> unpack in the ROOT dir and then renamed the other opencms with /en/.
> 
> I'm no guru with security restraints, so I'm not sure which parameters I
> should have.
> 
> -Clayton
> 
> -----Original Message-----
> From: opencms-dev-bounces at opencms.org [mailto:opencms-dev-
> bounces at opencms.org] On Behalf Of lrrh
> Sent: Tuesday, July 11, 2006 03:24
> To: 'The OpenCms mailing list'
> Subject: AW: [opencms-dev] JDBC Realm for OpenCms
> 
> Hi Clayton!
> 
> Are you sure that your <url-pattern> is correct?
> 
> I'm also using for my member's area a security-constraint.
> My <url-pattern> looks like
> <url-pattern>/opencms/opencms/en/members/*</url-pattern>
> 
> I'm accessing my site with
> "http://www.domainname.com/opencms/opencms/en/members/index.html"
> 
> Take your url to your secure area and adjust your <url-pattern>.
> After that you should get at least a login box.
> 
> hth
> lrrh
> 
> > -----Ursprüngliche Nachricht-----
> > Von: opencms-dev-bounces at opencms.org [mailto:opencms-dev-
> > bounces at opencms.org] Im Auftrag von Corbey, Clayton
> > Gesendet: Montag, 10. Juli 2006 22:50
> > An: The OpenCms mailing list
> > Betreff: [opencms-dev] JDBC Realm for OpenCms
> >
> > I am having trouble setting up a secure area on my website using the
> > JDBC realm for tomcat.
> >
> > Here's my code for web.xml
> >
> > <security-constraint>
> >      <web-resource-collection>
> >         <web-resource-name>BRHA Secure Web</web-resource-name>
> >         <url-pattern>/en/secure/*</url-pattern>
> >         <http-method>POST</http-method>
> >       </web-resource-collection>
> >       <auth-constraint>
> >            <role-name>eCatalog</role-name>
> >        </auth-constraint>
> > </security-constraint>
> > <login-config>
> >     <auth-method>BASIC</auth-method>
> >     <realm-name>eCatalog</realm-name>
> > </login-config>
> > <security-role>
> >   <description>eCatalog</description>
> >   <role-name>eCatalog</role-name>
> > </security-role>
> >
> > And here's the code in conf/server.xml
> >
> > <Realm className="org.apache.catalina.realm.JDBCRealm" name="tomcat"
> > debug="0" driverName="com.mysql.jdbc.Driver"
> > connectionURL="jdbc:mysql://MySqlServer:3306/tomcat?user=myUser&pass
> > word=myPassword" digest="MD5" userTable="users" userNameCol="user_name"
> > userCredCol="user_pass" userRoleTable="user_roles"
> > roleNameCol="role_name"/>
> >
> > No login box occurs, I've even tried the FORMS auth-method with no luck.
> > It just let's me into the secure area, no prob.
> >
> > Th realm works for the tomcat manager, so it's not the DB connection,
> > perhaps the config in web.xml?
> >
> > OpenCms 6.2.1
> > Tomcat 5.5.17
> > MySql 5.0.22
> >
> > -Clayton
> >
> > _______________________________________________
> > This mail is sent to you from the opencms-dev mailing list
> > To change your list options, or to unsubscribe from the list, please
> visit
> > http://lists.opencms.org/mailman/listinfo/opencms-dev
> 
> 
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please visit
> http://lists.opencms.org/mailman/listinfo/opencms-dev
> 
> _______________________________________________
> This mail is sent to you from the opencms-dev mailing list
> To change your list options, or to unsubscribe from the list, please visit
> http://lists.opencms.org/mailman/listinfo/opencms-dev


_______________________________________________
This mail is sent to you from the opencms-dev mailing list
To change your list options, or to unsubscribe from the list, please visit
http://lists.opencms.org/mailman/listinfo/opencms-dev

More information about the opencms-dev mailing list