[opencms-dev] Is there incompatibilities between Opencms Auth Mechanism and Tomcat Auth?

Cavva79 davide.cavarretta at gmail.com
Wed Sep 26 17:14:57 CEST 2012


Hi All,

I'm trying to close a development environment. My customer don't want to
show to the public this demo website. Before we were filtering with apache
2.2 basic auth, but they want to customize auth page instead the "ugly"
popup.

I've found a good module for apache 2.4 that does form auth, but this is my
last chance. Now I'm trying with Tomcat 7 basic auth. But I have to log in
twice to access back end and I cannot log in at front end.

my web.xml is modified with:
    <security-role>
    	<role-name>tomcat</role-name>
    </security-role>
	<security-constraint>
		<web-resource-collection>
			<web-resource-name>Authentication</web-resource-name>
			<url-pattern>/*</url-pattern>
			<http-method>GET</http-method>
			<http-method>POST</http-method>
		</web-resource-collection>

		<auth-constraint>
			<role-name>tomcat</role-name>
		</auth-constraint>

		<user-data-constraint>
			<transport-guarantee>NONE</transport-guarantee>
		</user-data-constraint>
	</security-constraint>

	<login-config>
		<auth-method>FORM</auth-method>
		<form-login-config>
			<form-login-page>/login.html</form-login-page>
			<form-error-page>/login-failed.html</form-error-page>
		</form-login-config>
	</login-config>

Is there some incompatibilities between the two auth?

Any idea to do it?

Best regards
Davide
-- 
View this message in context: http://old.nabble.com/Is-there-incompatibilities-between-Opencms-Auth-Mechanism-and-Tomcat-Auth--tp34482623p34482623.html
Sent from the OpenCMS - Dev mailing list archive at Nabble.com.




More information about the opencms-dev mailing list