DaniWeb Forum Index > Web Development > JSP

Problem migrating Tomcat 5.0 app to 5.5?

Please support our JSP advertiser: PostgreSQL or MySQL? Compare and contrast the two most popular open source databases

•

Join Date: Jan 2009

Posts: 2

Reputation: probedb is an unknown quantity at this point

Solved Threads: 0

probedb

Offline

Newbie Poster

Problem migrating Tomcat 5.0 app to 5.5?

Jan 21st, 2009

Hi all,

I've just joined but have been coding a while longer

I'm having trouble migrating a webapp that works fine under Tomcat 5.0.28 to 5.5. I've done several others without any problem. This one, however uses SingleSignOn. I can't see anything wrong with my setup (config below) from reading the docs. All the webapps are using Alterian's Mediasurface CMS.

The problem arises when you do a successful signon, rather than getting the relevant Mediasurface page I get a Tomcat 403: Access Denied page. On 5.0 it shows me the correct Mediasurface page. have *ed out passwords and stuff.

server.xml snippet:

 Help with Code Tags 
 JSP Syntax (Toggle Plain Text) 
<Host name="intranet" debug="0" appBase="webapps/intranet" unpackWARs="true" autoDeploy="true"
	xmlValidation="false" xmlNamespaceAware="false">
	<Alias>intranet-psolecki</Alias>
	<Valve className="org.apache.catalina.valves.FastCommonAccessLogValve" directory="logs"
		prefix="intranet_access_log." suffix=".txt" pattern="common" resolveHosts="false"/>
	<Valve className="org.apache.catalina.authenticator.SingleSignOn"/>
	<Realm className="org.apache.catalina.realm.JNDIRealm"
			connectionURL="ldap://**********/"
			connectionName="*************"
			connectionPassword="*********"
			protocol="DIGEST-MD5"
			userBase="OU=******,DC=**,DC=***,DC=com***"
			userSearch="(sAMAccountName={0})"
			userRoleName="memberOf"
			roleSubtree="true"
			userSubtree="true"					
		/>
	<Context path="" docBase="${catalina.home}/webapps/intranet" debug="0" allowLinking="true">
		<Resources className="org.apache.naming.resources.FileDirContext" />
	</Context>
</Host>
<Host name="intranet" debug="0" appBase="webapps/intranet" unpackWARs="true" autoDeploy="true"
	xmlValidation="false" xmlNamespaceAware="false">
	<Alias>intranet-psolecki</Alias>
	<Valve className="org.apache.catalina.valves.FastCommonAccessLogValve" directory="logs"
		prefix="intranet_access_log." suffix=".txt" pattern="common" resolveHosts="false"/>
	<Valve className="org.apache.catalina.authenticator.SingleSignOn"/>
	<Realm className="org.apache.catalina.realm.JNDIRealm"
			connectionURL="ldap://**********/"
			connectionName="*************"
			connectionPassword="*********"
			protocol="DIGEST-MD5"
			userBase="OU=******,DC=**,DC=***,DC=com***"
			userSearch="(sAMAccountName={0})"
			userRoleName="memberOf"
			roleSubtree="true"
			userSubtree="true"					
		/>
	<Context path="" docBase="${catalina.home}/webapps/intranet" debug="0" allowLinking="true">
		<Resources className="org.apache.naming.resources.FileDirContext" />
	</Context>
</Host>

webapp's web.xml SSO snippet:

 Help with Code Tags 
 JSP Syntax (Toggle Plain Text) 
<security-constraint>
	<web-resource-collection>
		<web-resource-name>Nrt</web-resource-name>
		<url-pattern>/global/loginregister/</url-pattern>
		<url-pattern>/global/footer/contact/</url-pattern>
		<url-pattern>/runningourbusiness/information/dataprotection/</url-pattern>
		<http-method>GET</http-method>
		<http-method>POST</http-method>
		<http-method>PUT</http-method>
		<http-method>DELETE</http-method>
	</web-resource-collection>
	<auth-constraint>
		<role-name>*</role-name>
	</auth-constraint>
</security-constraint>
 
<login-config>
	<auth-method>FORM</auth-method>
	<realm-name>Unifi</realm-name>
	<form-login-config>
		<form-login-page>/WEB-INF/security/login.jsp</form-login-page>
		<form-error-page>/WEB-INF/security/error.jsp</form-error-page>
	</form-login-config>
</login-config>
 
<security-role>
	<description>Only 'tomcat' role is allowed to access this web application</description>
	<role-name>tomcat</role-name>
</security-role>
<security-constraint>
	<web-resource-collection>
		<web-resource-name>Nrt</web-resource-name>
		<url-pattern>/global/loginregister/</url-pattern>
		<url-pattern>/global/footer/contact/</url-pattern>
		<url-pattern>/runningourbusiness/information/dataprotection/</url-pattern>
		<http-method>GET</http-method>
		<http-method>POST</http-method>
		<http-method>PUT</http-method>
		<http-method>DELETE</http-method>
	</web-resource-collection>
	<auth-constraint>
		<role-name>*</role-name>
	</auth-constraint>
</security-constraint>

<login-config>
	<auth-method>FORM</auth-method>
	<realm-name>Unifi</realm-name>
	<form-login-config>
		<form-login-page>/WEB-INF/security/login.jsp</form-login-page>
		<form-error-page>/WEB-INF/security/error.jsp</form-error-page>
	</form-login-config>
</login-config>

<security-role>
	<description>Only 'tomcat' role is allowed to access this web application</description>
	<role-name>tomcat</role-name>
</security-role>