Authentification with JAAS, Tomcat

Hello,
I'm working on an application with some specific needs at authorization. Users should log on with an service running on their localhost, exchanging xml-documents.
It works like....
1. request application for loginpage
2. loginpage is an html-form with localhost as action-target (redirecturl as hidden field)
3. user submits the form and the xml-request in the form is evaluated, the xml-response is sent to the redirecturl.
4. on applicationside, the xml-response is verified and when it is correct, the user is authenticated.
My problem is, that i don't have any system (ldap, kerberos, jdbc-source) containing userids or roles, but i want to use jaas for authorization on tomcat/struts for the ability to assign roles to actions...
I thought of using the j_security_check. When the xml-response is verified as correct (4) then the generated userid is written in a database, so j_security_check should be able to lookup.
Can I do this? How could this be done? I would like to redirect to j_security_check and not render an html-form with the new generated userid and password...
thanks for help,
hanspeter

Hello,
did you try to create this user, using the Visual Administrator tool of the J2EE Engine? Then there you can manage the mappings you talk about.
Did you see:
http://help.sap.com/saphelp_nw04/helpdata/en/49/e98876e9865b4e977b54fc090df4ed/frameset.htm
1. "Creating and Removing Users"
(Administration Manual -> Server Administration -> J2EE Engine Security -> Users and Authorizations on the J2EE Engine -> User and Authorization Administration -> J2EE Engine User Management Using the Visual Administrator -> Managing Users -> Creating and Removing Users),
2. "Security Roles Management"
(Administration Manual -> Server Administration -> J2EE Engine Security -> Users and Authorizations on the J2EE Engine -> User and Authorization Administration -> J2EE Engine User Management Using the Visual Administrator -> Security Roles Management => Mapping Users and Groups)
Does this helps?
Regards, Jordan
Message was edited by: Jordan Stanchev

Similar Messages

Authorization with JAAS in JSF with facelets

hi,
can u please hint me where i did mistake.. i clearly mention what i did and what i getting ..i did this in jsf1.2,tomcat6.x
i did JAAS authentication in jsf with facelets.but i am unable to do the authorization with JAAS in jsf
after getting authentication i put the subject in session. if i print the values in suject i got the following out put
Subject:
Principal: TypedPrincipal: hari [USER] // user name
Principal: TypedPrincipal: admin [GROUP] // user role.
now i want to authorization based on the role.
for this i wrote policy file --principal.policy like this
grant Principal com.alw.reports.jaas.TypedPrincipal "admin" {
    permission com.alw.reports.jaas.ViewIdPermission "*";
grant Principal com.alw.reports.jaas.TypedPrincipal "hari" {
    permission com.alw.reports.jaas.ViewIdPermission "*";
grant Principal com.alw.reports.jaas.TypedPrincipal "user" {
    permission com.alw.reports.jaas.ViewIdPermission "/contents.jsp";
};and i set the path for this policy file like
              System.setProperty("java.security.policy", "policy file location" );when i run my application i am getting login page after that i gave username and passwed. it is getting authentication .. but not able to displaying next page that is /pages/welcome.xhtml but directly it is showin /pages/error.xhtml
i am getting following error
java.security.AccessControlException: access denied (com.alw.reports.jaas.ViewIdPermission /pages/welcome.xhtml)
     at java.security.AccessControlContext.checkPermission(Unknown Source)
     at java.security.AccessController.checkPermission(Unknown Source)
     at java.lang.SecurityManager.checkPermission(Unknown Source)
     at com.alw.reports.jaas.JAASHelper$1.run(JAASHelper.java:87)
     at java.security.AccessController.doPrivileged(Native Method)
     at javax.security.auth.Subject.doAsPrivileged(Unknown Source)
     at com.alw.reports.jaas.JAASHelper.permitionToAccessViewId(JAASHelper.java:83)
     at com.alw.reports.jaas.JAASActionListener.processAction(JAASActionListener.java:65)
     at javax.faces.component.UICommand.broadcast(UICommand.java:106)
     at org.ajax4jsf.component.AjaxViewRoot.processEvents(AjaxViewRoot.java:184)
     at org.ajax4jsf.component.AjaxViewRoot.broadcastEvents(AjaxViewRoot.java:162)
     at org.ajax4jsf.component.AjaxViewRoot.processApplication(AjaxViewRoot.java:350)
     at org.apache.myfaces.lifecycle.LifecycleImpl.invokeApplication(LifecycleImpl.java:316)
     at org.apache.myfaces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:86)
     at javax.faces.webapp.FacesServlet.service(FacesServlet.java:106)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
     at org.ajax4jsf.webapp.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:141)
     at org.ajax4jsf.webapp.BaseFilter.doFilter(BaseFilter.java:281)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:263)
     at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
     at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:584)
     at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
     at java.lang.Thread.run(Unknown Source)
my faces-config.xml
<navigation-rule>
          <display-name>pages/login</display-name>
          <from-view-id>/pages/login.xhtml</from-view-id>
          <navigation-case>
               <from-outcome>loginSuccess</from-outcome>
               <to-view-id>/pages/welcome.xhtml</to-view-id>
          </navigation-case>
     </navigation-rule>
<navigation-case>
               <from-outcome>errorpage</from-outcome>
               <to-view-id>
                    /pages/error.xhtml
               </to-view-id>
          </navigation-case>my command button in login.xhtml
                         <td align="center" colspan="2">
                              <h:commandButton value="Reset" type="reset"/>
                              <h:commandButton   action="loginSuccess"
                                   id="login" value="Login" />
                         </td>my actionlister
package com.alw.reports.jaas;
import javax.faces.component.UIOutput;
import javax.faces.context.FacesContext;
import javax.faces.event.AbortProcessingException;
import javax.faces.event.ActionEvent;
import javax.faces.event.ActionListener;
import javax.security.auth.Subject;
public class JAASActionListener implements ActionListener   {
     private ActionListener parent = null;
     public JAASActionListener(javax.faces.event.ActionListener parent) {
          System.out.println("-------------- in JAASActionListener ;");
       this.parent = parent;
     public void processAction(ActionEvent event)
       throws AbortProcessingException {
          System.out.println("-------------- in processAction ;");
       FacesContext context = FacesContext.getCurrentInstance();
       UIOutput comp = null;
       String userid = null, password = null;
       JAASHelper jaasHelper = new JAASHelper();
       // Check to see if they are on the login page.
       boolean onLoginPage = (-1 != context.getViewRoot().getViewId().lastIndexOf("login")) ? true : false;
       if (onLoginPage) {
         if (null != (comp = (UIOutput)
           context.getViewRoot().findComponent("helloForm:username"))) {
           userid = (String) comp.getValue();
         if (null != (comp = (UIOutput)
           context.getViewRoot().findComponent("helloForm:password"))) {
           password = (String) comp.getValue();
         // If JAAS authentication failed
         if (!jaasHelper.authenticate(userid, password)) {
           context.getApplication().getNavigationHandler().handleNavigation(context, null, "login");
           return;
         else {
           // Subject must not be null, since authentication succeeded
              System.out.println("----------- setting the subjects in context in ActionListner ");
           assert(null != jaasHelper.getSubject());
           // Put the authenticated subject in the session.
           System.out.println("---- putting the authenicated subject in the seesion ");
           context.getExternalContext().getSessionMap().put("JAASSubject",jaasHelper.getSubject());
       parent.processAction(event);
       Subject subject=(Subject)context.getExternalContext().getSessionMap().get("JAASSubject");
      System.out.println("subject after parent process action>>>>>>>>>>>>>>>>>>>>>"+subject);
      assert(null != subject);
      if(!jaasHelper.permitionToAccessViewId(subject,context,context.getViewRoot().getViewId())){
          context.getApplication().getNavigationHandler().handleNavigation(context, null, "errorpage");
}can u please hint me where i did mistake
thanks in advance

gbabu wrote:
My doubt is based on that subject , how to write policy file and how to call doAsPrivileged() mehod on that Subject in order to navigate web pages.how to provide web pages permission for particular role in policy file..
For example i have three pages login.xhtml,user.xhtml,admin.xhtml.
1> if the logged in person is admin, then we want to display admin.xhtml
2> if the loggend is person is user , then we want to display user.xhtml
untill now i did and found who is logged in and what are his type( admin or user) .now i want configure the web.xml and faces-config.xml based on policy fileTo the best of my knowledge, there is nothing in the standard NavigationHandler which accounts for JAAS security. If you wanted, you could create a custom NavigationHandler to do this. If you think the idea is worthy enough, you could issue an enhancement request to the specification ([https://javaserverfaces-spec-public.dev.java.net/]).

Eclipse as a development environment with Jakarta Tomcat - Need help!!

Hello:
Subject: Eclipse as a development environment with Jakarta Tomcat
I am setting up the new development environment for my application (project). Below are the components involved::
�     Eclipse 3.1
�     myEclipse - EnterpriseWorkbenchInstaller_4.0GA_E3.1
�     jakarta-tomcat-5.0.28 (Application Server)
�     Sysdeo Eclipse Tomcat Launcher plugin - tomcatPluginV31beta
�     SDK 1.4.2_08
�     Microsoft XP sp2 operating system
I have no issue with creation of project structure in eclipse IDE, compilation, and deployment, but there are some exception upon running the application.
My project folder structure as follows:
MyApplication/
src/
Conf/
Web/
classes
taglib
lib
web.xml
�     my application has few dependent projects, therefore I copied all the dependent projects final compiled classes (jars) to �lib� folder.
�     I set all necessary classpath according to tomcat documentation.
�     I created MyApplication.xml file under D:\jakarta-tomcat-5.0.28\conf\Catalina\localhost\ folder with the below context
<Context path="/MyApplication " docBase="D:/xx/xxx/dev/src/ MyApplication/web" debug="0" reloadable="true" />
�     I don�t get any exception during compilation and deployment process.
�     I would greatly appreciate if you could give me a tips!!!!!!!!!!!!!!!!!!!!!!
Error as follows:
2005-10-10 17:31:45 StandardContext[balancer]org.apache.webapp.balancer.BalancerFilter: init(): ruleChain: [org.apache.webapp.balancer.RuleChain: [org.apache.webapp.balancer.rules.URLStringMatchRule: Target string: News / Redirect URL: http://www.cnn.com], [org.apache.webapp.balancer.rules.RequestParameterRule: Target param name: paramName / Target param value: paramValue / Redirect URL: http://www.yahoo.com], [org.apache.webapp.balancer.rules.AcceptEverythingRule: Redirect URL: http://jakarta.apache.org]]
2005-10-10 17:31:47 StandardContext[jsp-examples]ContextListener: contextInitialized()
2005-10-10 17:31:47 StandardContext[jsp-examples]SessionListener: contextInitialized()
2005-10-10 17:31:47 StandardContext[servlets-examples]ContextListener: contextInitialized()
2005-10-10 17:31:47 StandardContext[servlets-examples]SessionListener: contextInitialized()
2005-10-10 17:32:27 StandardContext[manager]HTMLManager: init: Associated with Deployer 'localhost'
2005-10-10 17:32:27 StandardContext[manager]HTMLManager: init: Global resources are available
2005-10-10 17:32:27 StandardContext[manager]HTMLManager: list: Listing contexts for virtual host 'localhost'
2005-10-10 17:32:35 StandardWrapperValve[jsp]: Servlet.service() for servlet jsp threw exception
java.lang.IllegalStateException: getOutputStream() has already been called for this response
     at org.apache.coyote.tomcat5.CoyoteResponse.getWriter(CoyoteResponse.java:599)
     at org.apache.coyote.tomcat5.CoyoteResponseFacade.getWriter(CoyoteResponseFacade.java:163)
     at org.apache.jasper.runtime.JspWriterImpl.initOut(JspWriterImpl.java:122)
     at org.apache.jasper.runtime.JspWriterImpl.flushBuffer(JspWriterImpl.java:115)
     at org.apache.jasper.runtime.PageContextImpl.release(PageContextImpl.java:190)
     at org.apache.jasper.runtime.JspFactoryImpl.internalReleasePageContext(JspFactoryImpl.java:115)
     at org.apache.jasper.runtime.JspFactoryImpl.releasePageContext(JspFactoryImpl.java:75)
     at org.apache.jsp.default_jsp._jspService(default_jsp.java:101)
     at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:94)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
     at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:324)
     at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:292)
     at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:236)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237)
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214)
     at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
     at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198)
     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152)
     at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
     at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:462)
     at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
     at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:118)
     at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
     at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
     at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
     at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
     at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
     at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
     at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705)
     at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
     at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
     at java.lang.Thread.run(Thread.java:534)
path setting as follows:
%JAVA_HOME%\bin;D:\oracle\ora92\bin;C:\Program Files\Oracle\jre\1.1.8\bin;C:\Borland\AppServer\bin;C:\Program Files\CA\PEC\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SystemRoot%\system32\nls;%SystemRoot%\system32\nls\ENGLISH;C:\Program Files\Attachmate\E!E2K\;C:\Program Files\CA\AllFusion Harvest Change Manager;D:\jwsdp-1.1\jaxb-1.0\bin;D:\jwsdp-1.1\jwsdp-shared\bin;C:\Borland\classes12.zip;C:\Program Files\UltraEdit;D:\jakarta-tomcat-5.0.28\webapps\cst\WEB-INF\classes;D:\EPS\EB_CST_v3.7.2\dev\src\cst;%PATH%
Classpath setting as follows:
.;%third_pty%\xerces.jar;D:\EPS\EB_CST_v3.7.2\dev\src\cst;D:\jakarta-tomcat-5.0.28\webapps\cst;D:\jakarta-tomcat-5.0.28\common\lib\servlet-api.jar;D:\jakarta-tomcat-5.0.28\common\lib\jsp-api.jar;D:\jwsdp-1.1\jaxb-1.0\lib\jaxb-api.jar;D:\jwsdp-1.1\jaxb-1.0\lib\jaxb-ri.jar;%third_pty%\ant.jar;D:\jwsdp-1.1\jaxp-1.2.2\lib\endorsed\dom.jar;D:\jwsdp-1.1\jwsdp-shared\lib\jax-qname.jar;D:\jwsdp-1.1\jaxb-1.0\lib\jaxb-libs.jar;D:\jwsdp-1.1\jaxb-1.0\lib\jaxb-xjc.jar;D:\jwsdp-1.1\jaxp-1.2.2\lib\jaxp-api.jar;D:\jwsdp-1.1\jaxp-1.2.2\lib\endorsed\sax.jar;D:\jwsdp-1.1\jaxp-1.2.2\lib\endorsed\xercesImpl.jar;%third_pty%\activation.jar;%third_pty%\ant-optional.jar;%third_pty%\j2ee.jar;%third_pty%\jakarta-regexp.jar;%third_pty%\jaxp.jar;%third_pty%\jcert.jar;%third_pty%\jnet.jar;%third_pty%\jsse.jar;%third_pty%\xalan.jar;C:\MSJDBSLib\msbase.jar;C:\MSJDBSLib\mssqlserver.jar;C:\MSJDBSLib\msutil.jar;
Other IDE setting:
As per tomcat documentation.

Need tips to solve this issue!!!

Servlet mapping with Apache + Tomcat

I'm trying to set up my servlet with apache + Tomcat(3.2.3), and i'm using mod_jk as the Tomcat-Apache plug-in.
The HelloWorld servlet that comes with the examples app worked fine at: http://localhost/examples/servlet/HelloWorldExample,
but how do I change the configurations, so that it can be invoked at:
http://localhost/examples/HelloWorldExample ?
It appears to me that '/servlet/' is the default prefix for Tomcat's RequestInterceptor, there is no way to get around that.
Any insights will be greatly appreciated, thanks!
Elaine

hi
Try this:
add below code in web.xml file in examples/WEB-INF
F directory
<servlet-mapping>
<servlet-name>
HelloWorldExample
</servlet-name>
<url-pattern>
/HelloWorldExample
</url-pattern>
</servlet-mapping>
Thanks for the reply, the web.xml is already set up this way, in fact, I'm able to invoke the servlet through tomcat(running on port 8080): http://localhost:8080/examples/HelloWorldExample,
tomcat reads the web.xml without any problems.
The problem comes from Apache(port 80), http://localhost:80/examples/HelloWorldExample wouldn't work, only http://localhost:80/examples/servlet/HelloWorldExample works.
It appears to me that when requests are relayed from Apache to tomcat, you need to tell tomcat that you intend to invoke a servlet by prefixing '/servlet/', if you look in the server.xml, it has
<RequestInterceptor
className="org.apache.tomcat.request.InvokerInterceptor"
debug="0" prefix="/servlet/" />
I've tried to change this to something else, it didn't seem to make any difference.

Authentification with user and password

hello experts,
Someone knows, what steps are necessary to carry out in XI for Authentification with user and pasword in SOAP adapter receiver?.
It's necesary put something in visual administrator?
thanks for all

user/pwd need to be provided by the Soap client. You'll need to store it there and maintain whenever the pwd is changed in XI.
As of best practices:
- The minimum requirements here should be SSL, so that no one can get the pwd;
- Also, as to avoid this, you could take a look at client authentication with certificates.
Regards,
Henrique.

JAAS + Tomcat 4.0.2

Hi,
i search any example about using JAAS in the web-enviroment. Anyone speaks about JAAS but nobody
implements any example for JAAS in a web-application.
Can somebody explain me, how i can realize JAAS + Tomcat. I want to write a JAAS-Module for authentication
and authorization. Please help me !!!!
Erdal

Authentication:
Implement a custom LoginModule, CallbackHandler and UserPrincipal. Use the Sample application in http://java.sun.com/security/jaas/doc/api.html#Sample as a base. Execute them as an application to test them. Eventually you will call them from the service method of your servlet.
Authorization:
Package all your privileged actions into a jar file and put them on the Catalina classpath. Assign that jar permissions for your custom principal.
Package all the classes which call the actions into a second jar file, and also put them on the classpath. Grant this jar the same permissions, excluding the Principal modifier.
Place your servlet which calls the above classes under one of application root directories.
That's all there is to it. I was able to make this work by piecing together all the excellent posts by in this forum.

Configuring JDBC connector with my Tomcat server

I realize this may be a dumb question, but I'm having trouble configuring my JDBC connector with my tomcat server. I'm trying to run a simple servlet that will access mysql database. I am almost certain its throwing an exception on the line:
Class.forName("com.mysql.JDBC.Driver");
I have a feeling the tomcat class path isn't finding the connector jar file.
Any help would be greatly appreciated.
Brian

I am almost certain its throwing an exception on the line:
Class.forName("com.mysql.JDBC.Driver");If it's a ClassNotFound exception or the like, then yes. Post the exception and stack trace if you need confirmation of this.
I have a feeling the tomcat class path
isn't finding the connector jar file.That's what I think too. Did you ensure that the MySQL driver JAR file was in the classpath?
It will need to be in common/lib under Tomcat, or WEB-INF/lib under your application.
For a more portable application you should use JNDI to obtain database connection resources, in which case you would want the JAR to be under common/lib.

Apex with XE10g/Tomcat 6.0.13 PDF Print with Apex FOP.WAR

Apex with XE10g/Tomcat 6.0.13 PDF Print with Apex fop.war/apex_fop.jsp
Hello,
Excuse me bad english.
I have a problem with Oracle XE and Printing from Reports over Tomcat 6.0.13.
I have update Oracle XE with Apex 3.1 and it works fine.
Now i have tried to Print a report to PDF. So i have deployed the FOP.WAR from Apex Utilities under Tomcat.
I see in Tomcat Manager http://localhost:8888/manager/html/list that the FOO
has been deployed and is running.
If i try to print then i get this Message down to this page.
Can anybody give me a hint to solve this problem???
Hint
To resolve the problem i have installed Oracle OC4J with same Port and deployed
the same foo.war file.
Then works and all printing from Oracle Apex work fine and okay.
So i thing the Apex and Oracle work correct.
But we have a small Application so i would prefer to work with Tomcat a application Server.
Becaus of previous Errors have copied some *.jar files to C:\tomcat6.0.13\lib
but i thing this is not the Problem.
18.03.2007 18:12 546.765 xml.jar
18.03.2007 18:07 634.772 xmlmesg.jar
18.03.2007 18:14 1.238.899 xmlparserv2.jar
10.06.2007 22:59 674.005 xquery.jar
18.03.2007 18:11 3.059 xsqlserializers.jar
18.03.2007 18:14 194.691 xsu12.jar
10.11.2005 13:13 7.043.169 tools.jar
.... and preinstalled files
type Exception report
message
description The server encountered an internal error () that prevented it from fulfilling this request.
exception
org.apache.jasper.JasperException: java.lang.IllegalStateException: getOutputStream() has already been called for this response
org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:541)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:429)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
root cause
java.lang.IllegalStateException: getOutputStream() has already been called for this response
org.apache.catalina.connector.Response.getWriter(Response.java:604)
org.apache.catalina.connector.ResponseFacade.getWriter(ResponseFacade.java:198)
org.apache.jasper.runtime.JspWriterImpl.initOut(JspWriterImpl.java:125)
org.apache.jasper.runtime.JspWriterImpl.flushBuffer(JspWriterImpl.java:118)
org.apache.jasper.runtime.PageContextImpl.release(PageContextImpl.java:186)
org.apache.jasper.runtime.JspFactoryImpl.internalReleasePageContext(JspFactoryImpl.java:118)
org.apache.jasper.runtime.JspFactoryImpl.releasePageContext(JspFactoryImpl.java:77)
org.apache.jsp.apex_005ffop_jsp._jspService(apex_005ffop_jsp.java:120)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:393)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
------------------------------------------------------------------------

at the end of the apex_fop.jsp put the follow code just before the driver.run(); line:
out.clear();
out = pageContext.pushBody();
and explanation of why this works is here:
http://forums.sun.com/thread.jspa?threadID=5307942

I want to use hibernate with the tomcat

I want to use hibernate with the tomcat server can it be possible and if yes then what is the stepwise way.
Infact I know the java JSF but want to command on Hibernate plz help me.
I'll be thankful to you.

To be honest, I wouldn't even know where to start. Do you know what Hibernate does and how it works? Do you know how Tomcat works? All you'd need to do to combine those two would be to let Tomcat provide the DB connections for Hibernate, I suppose. Neither of those products are a topic of this board though.

Root certificate issue with keytool (Tomcat)

I have:
- Created a certificate request
- Sent the request to a CA (Verisign affiliate)
- Received the certificate
- Installed the certificate
When I surf to the page that utilizes the certificate, I receive an error message:
"This CA Root certificate is not trusted. To enable trust, install this certificate in the Trusted Root Certification Authoritues store"
I use the certificate with Apache Tomcat. The root certificate is imported into the cacerts file. I use the following commands to prepare and install the certificate:
keytool -genkey -dname "cn=somesite.com, ou=IT, o=SomeCompany, l=Stockholm, s=Sweden, c=SE" -keyalg "rsa" -alias SomeAlias -keystore D:\ssl\SomeFolder\keystore.jks -storepass SomePassword -validity 360
keytool -certreq -alias SomeAlias -file D:\ssl\SomeFolder\MyCSR.csr -keystore D:\ssl\SomeFolder\keystore.jks -storepass SomePassword
keytool -import -trustcacerts -alias SomeAlias -file D:\ssl\SomeFolder\MyCert.cer
I don't see why I am having this problem. Please help me. I've spend several hours with different problems regaring the keytool utility, and the current certificate is valid for only three more days.
Thanks in advance!
Best regards,
Bj�rn

I am guessing that your ks file is not visible by the default config for Tomcat
Check in your tomcat/conf/server.xml
the config for the SSL Coyote Connector config block... you must specify the keystoreFile, maybe keystorePass... see http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html under Edit the Tomcat Configuration File
-Jay

How berkeley db performance with appache tomcat

can any one tell me how berkeley db performs with appach tomcat jjava application server.
i m presised in finding the speed (accessing)

Hi,
Many of the folks that typically respond to these questions do not have direct experience with tomcat and Berkeley DB. It would be great if folks from the user community would chime in here and share their experiences and performance.
We do know that some/many folks use Berkeley DB with Tomcat so hopefully folks will respond.
Regards,
Ron

Discussion on Apache with Apaphe Tomcat

I am doing some research on the pros and cons of
either using Apache with Apaphe Tomcat on a live production server
or
Apaphe Tomcat on its own on a live server.
Anyone knows any urls to some documentation on the subject
Con (Apache with Apaphe Tomcat)
I personally feel that Apaphe Tomcat on its own is a better sollution
because the OS will use more memory to run both application (Apache with Apaphe Tomcat) simultanuesly.

I've heard on many occasions that Apache can serve static content (html) faster than Tomcat. So if you are not concerned with Java the you'd be better off with just Apache. Tomcats main focus is to serve dynamic Java content, it just so happens that it can serve static content as well.
here is one link,
http://www.theserverside.com/discussions/thread.tss?thread_id=38472

Can I change password in Unix with JAAS??

Can I change password in Unix with JAAS??
Thanks
Lu

JAAS - change password ?? why would you use JAAS to change your password. If you really want to you could possibly write code to make a system call to change the password. And I dont think that would be easy
Vijay

Restrict access to files with JAAS

Hi,
I would like to restrict access based on a JAAS-autenticated user to a file named
c:/foo.txt. I have written some code that checks if the autenticeted user has
access to the file, but how and where do I grant the user access with JAAS in
WebLogic Server 6.
FilePermission filePerm = new FilePermission("c:/foo.txt", "read");
java.security.AccessController.checkPermission(filePerm);
thanks
/Chriz

meena.vyas and jyri, please note that the uri parameter specifies a wildcard pattern. As stated in the the Using Wildcard Patterns section of the NSAPI Programmer's Guide at http://docs.sun.com/source/817-6252/npgwldcrd.html, ~ is a special character in wildcard patterns. As such, your examples will not work.
ylapin, the following should do what you want:<Client uri="*\\~">
PathCheck fn="deny-existence"
</Client>You can add the above immediately below the <Object name="default"> line in the obj.conf configuration file.

JAAS + Tomcat 4

Hi,
Can someone help me ??? I want realize JAAS + Tomcat 4.0.2. I want to implement a JAAS-Module for authentication and authorization in the web-enviroment !!!!
Hava anyone code or example to this topic, then please
let me take part at this experience.
Erdkal

I'm interested in this as well. I'm new to JAAS, but I noticed a couple of classes in the catalina source.
@see
org.apache.catalina.realm.JAASMemoryLoginModule
org.apache.catalina.realm.JAASRealm
If there is more interest in this, maybe we should collaborate under the apache tomcat project by improving/extending these classes.
Kevin Ross

Authentification with JAAS, Tomcat

Similar Messages

Maybe you are looking for