• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Tim Cooke
  • Liutauras Vilda
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • fred rosenberger
  • salvin francis
Bartenders:
  • Piet Souris
  • Frits Walraven
  • Carey Brown

Apache Authentication in a webdav application under tomcat

 
Ranch Hand
Posts: 2376
MySQL Database Spring Java
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Dear Folks,
I am facing a solution design problem and hence seeking your adivse here. Let us find it interesting.
Scenario
1. There is a security layer in a running EJB system that decides the access privileges of various user groups on various resources (files, images etc).
2. A webdav application using jakarta slide is being developed to be deployed under tomcat that will give the access to the resources.
3. Apache is acting as web server with which tomcat is connected as a web container (for servlets/jsp) files.
4. I initially am using apache's htpasswd.exe file to generate username/password for basic authentication. It works fine as far as I have created the user or group in that file and shown the URL to be protected (http://localhost/testDav instead of http://localhost:8080/testDav), popping up the basic authentication dialog box.
Problem
Now I need that user will point to http://localhost/testDav URL in his browser, get the basic or any other authentication (basic is sufficient in this case), after submitting the username and password the request will go to the slide's servlet, say TestWebDavServlet. Then this servlet will call the security layer's API of the EJB system to authenticate and authorize the user and thus provide or deny access to the user. That means using the passwords text file is not sufficient in this case.
Query
Please let me know, if the whole idea is feasible or their is a basic misunderstanding of teh problem by me? What are the alternatives to me in this scenario. Once I can get the username and password as string to my servlet I can do the rest. But how can I get that as I am not using tomcat as a web server rather using apache as web server?
Looking for comments from you. :roll:
 
Greenhorn
Posts: 11
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi Ashik,
I am sorry, but I cannot help you, but maybe you could help me. I have been trying for the past couple of weeks to attempt to use Webdav using "org.apache.webdav.lib.WebdavResource". So far I have not had much luck. I can connect if I use WebdavResource.NOACTION, but I cannot do any propFind's.
Is there any chance that you could help me?
Thanks in advance,
Rich
 
You have to be odd to be #1 - Seuss. An odd little ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
    Bookmark Topic Watch Topic
  • New Topic