Win a copy of Spring Boot in Practice this week in the Spring forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Liutauras Vilda
  • Henry Wong
  • Devaka Cooray
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Al Hobbs
  • Carey Brown
Bartenders:
  • Piet Souris
  • Mikalai Zaikin
  • Himai Minh

form authentication failure in tomcat7

 
Greenhorn
Posts: 3
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have a servlet like
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.ServletException;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Map;
import java.util.HashMap;

public class SecureServlet extends HttpServlet {
Map<String,String> persons;

protected void doGet(HttpServletRequest arg0,
HttpServletResponse arg1)
throws ServletException, IOException {
doPost(arg0,arg1);
}

public void init()throws ServletException {
persons = new HashMap<String,String>();

persons.put("sanjeevan","Analyst");
persons.put("sandeepan","Manager");
persons.put("subba rao","Asst Manager");
persons.put("velavan","Manager");
}

protected void doPost(HttpServletRequest req,
HttpServletResponse res)
throws ServletException, IOException {
res.setContentType("text/html");
PrintWriter out = res.getWriter();
System.out.println("KKK");
String name = req.getParameter("personName");
out.println("<center>Welcome to Basic Secured Servlet
");
name = name.toLowerCase();
System.out.println(".."+name);
if(persons.containsKey(name)) {
String position = persons.get(name);
out.println("
The person asked is:"+name);
out.println("
The position is:"+position+"
</center>");
}
else {
out.println("
The given :"+name+" is not there");
}
String authType = req.getAuthType();
System.out.println("**"+authType);
if(authType.equals("FORM"))
{
java.security.Principal pl = req.getUserPrincipal();
System.out.println(pl.getName());
}
out.close();
}
}

my web.xml configuration
<web-app xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee
http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0"
metadata-complete="true">

<servlet>
<servlet-name>secure</servlet-name>
<servlet-class>SecureServlet</servlet-class>
</servlet>

<servlet>
<servlet-name>mySecure</servlet-name>
<servlet-class>ManageSecureServlet</servlet-class>
</servlet>


<servlet-mapping>
<servlet-name>mySecure</servlet-name>
<url-pattern>/mesecure</url-pattern>
</servlet-mapping>


<servlet-mapping>
<servlet-name>secure</servlet-name>
<url-pattern>/secure</url-pattern>
</servlet-mapping>

<welcome-file-list>
<welcome-file>posting.html</welcome-file>
</welcome-file-list>

<security-constraint>

<web-resource-collection>
<web-resource-name>one security test</web-resource-name>
<url-pattern>/secure</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>

<auth-constraint>
<role-name>sysadmin</role-name>
</auth-constraint>

<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>

</security-constraint>

<login-config>
<!--

<auth-method>BASIC</auth-method>
<realm-name>one security test</realm-name>
-->

<auth-method>FORM</auth-method>
<realm-name>one security test</realm-name>

<form-login-config>
<form-login-page>/formLogin.jsp</form-login-page>
<form-error-page>/formLogin.jsp?error=true</form-error-page>
</form-login-config>

</login-config>

<security-role>
<role-name>sysadmin</role-name>
</security-role>

</web-app>

i am using tomcat-users.xml as memory-realm
it is working with "BASIC"
but if FORM is given it is not retaining old request parameter's value and showing null

my sec.xml [context] file is
<Context path="/sec" docBase="D:\secureTest" reloadable="true" preemptiveAuthentication="true" >
</Context>
it is working fine in tomcat6

i will be thankful to know any additional steps are to be taken
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic