Server (Tomcat) Managed "Role-Based" Authentication (isUserInRole)

I am using Tomcat 5.0.27. In order to use server managed "role-based" authentication, we supply the server with two tables. One of the tables contains userID and password, and the other table contains userID and userRole (a person can have more than one role). (We must map each user to his/her role somewhere, and it is in the $TOMCAT/conf/server.xml file)
My difficulty stems from how the tables are structured in my database. I do have a table that contains userID and password; however, I do not have a table that contains userID and userRole. In order to know a person's role, I have to navigate from one table to another using foreign key and primary key.
Is there a way to tell the server to navigate from one table to another to find a person's role? Or "must" we create a table that contains userID and userRole for us to use the isUserInRole() method for security check?

Check out the Tomcat docs:
http://jakarta.apache.org/tomcat/tomcat-5.0-doc/realm-howto.html#JDBCRealm
According to the docs you have to create these tables:
create table users (
  user_name varchar(15) not null primary key,
  user_pass varchar(15) not null
);
create table user_roles (
  user_name varchar(15) not null,
  role_name varchar(15) not null,
  primary key (user_name, role_name)
);
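
One way to satisfy the two-table layout above without restructuring a normalized database is to expose the existing tables through views, because the realm only reads a user-name/credential pair and a user-name/role pair. This is an added example, not code from the thread or the Tomcat documentation; the tables app_users, app_roles and app_user_roles, the view names and the tomcat_realm account are hypothetical.

```sql
-- Hypothetical normalized schema: a user's roles are reachable only by
-- following foreign keys (app_users -> app_user_roles -> app_roles).
CREATE TABLE app_users (
  user_id    INTEGER     NOT NULL PRIMARY KEY,
  login      VARCHAR(15) NOT NULL UNIQUE,
  credential VARCHAR(64) NOT NULL
);

CREATE TABLE app_roles (
  role_id   INTEGER     NOT NULL PRIMARY KEY,
  role_name VARCHAR(15) NOT NULL UNIQUE
);

CREATE TABLE app_user_roles (
  user_id INTEGER NOT NULL REFERENCES app_users (user_id),
  role_id INTEGER NOT NULL REFERENCES app_roles (role_id),
  PRIMARY KEY (user_id, role_id)
);

-- Constructed sample data.
INSERT INTO app_users VALUES (1, 'alice', 'placeholder-credential-1');
INSERT INTO app_users VALUES (2, 'bob',   'placeholder-credential-2');
INSERT INTO app_roles VALUES (10, 'admin');
INSERT INTO app_roles VALUES (20, 'report_viewer');
INSERT INTO app_user_roles VALUES (1, 10);
INSERT INTO app_user_roles VALUES (1, 20);
INSERT INTO app_user_roles VALUES (2, 20);

-- Views that present the shape the realm expects. The join does the
-- foreign-key navigation, so no duplicate userID/userRole table is kept.
CREATE VIEW realm_users (user_name, user_pass) AS
  SELECT login, credential
  FROM app_users;

CREATE VIEW realm_user_roles (user_name, role_name) AS
  SELECT u.login, r.role_name
  FROM app_users u
  JOIN app_user_roles ur ON ur.user_id = u.user_id
  JOIN app_roles r       ON r.role_id  = ur.role_id;

-- Lookups of the kind the realm performs at login, resolved through the views.
SELECT user_pass FROM realm_users      WHERE user_name = 'alice';
SELECT role_name FROM realm_user_roles WHERE user_name = 'alice';

-- The account Tomcat connects with (hypothetical name) only needs to read
-- the two views, not the underlying application tables.
GRANT SELECT ON realm_users      TO tomcat_realm;
GRANT SELECT ON realm_user_roles TO tomcat_realm;
```

In server.xml the JDBCRealm's userTable and userRoleTable attributes would then name the two views, with userNameCol, userCredCol and roleNameCol set to user_name, user_pass and role_name.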

Similar Messages

  • Manager password in tomcat for form based authentication

    Hi all,
    I have a jsp using form based authentication. I have set up the web.xml, server.xml and created my database with the various users and roles but when I try to deploy the application, it asks for the manager username/password and when I enter what I have in the database it refuses to connect.
    Anyone has any idea what I might be doing wrong?
    Thanks in advance

    Hi,
    I'm a little confused. You wanted to know how to configure Tomcat for form based authentication, and I sent you an article on how to do that. Is there something more you need from me? You had offered 10 duke dollars for this post, and if there is more I can do I will help for the remaining amount, but I can't help you getting access to the Tomcat *.xml file.

  • Configuring tomcat for form based authentication-help badly needed

    Hi, I want to have form based or some other way of authentication for the users coming to my site. I have access only to web.xml, but in the Tomcat documentation it's given I need to change server.xml and tomcat-user.xml. Can I make these changes in web.xml to implement it, or please tell me a way out of this. I even tried jguard but it needs changes in the JVM, which is also not in my access.

    Hi,
    I'm a little confused. You wanted to know how to configure Tomcat for form based authentication, and I sent you an article on how to do that. Is there something more you need from me? You had offered 10 duke dollars for this post, and if there is more I can do I will help for the remaining amount, but I can't help you getting access to the Tomcat *.xml file.

  • Need Help for role based authentication

    Hi,
    I am creating a web application which will run on Linux-apache using jsp and oracle as database.
    This web application will show information about customers.
    I want to create role based authentication, which has read only access for customers so they can see
    only their data, users having readonly access to all customer information also admin user to
    add/update/delete information.
    please help me.

    Can you please explain more on this ? or any resource on internet to help
    me.
    thanks.

  • NPS and Cisco ASA 5510 - AnyConnect Certificate based authentication

    Hi everyone,
    Hoping someone can help please.
    We're trying to go for a single VPN solution at our company, as we currently have a few through, when buying other companies.
    We're currently running a 2008 R2 domain, so we're looking at NPS and we have Cisco ASA 5510 devices for the VPN side.
    What we would like to achieve, is certificate based authentication. So, user laptop has certificate applied via group policy based on domain membership and group settings, then user goes home. They connect via Cisco AnyConnect via the Cisco ASA 5510 and
    then that talks to MS 2008 R2 NPS and authenticates for VPN access and following that, network connectivity.
    Has anyone implemented this before and if so, are there any guides available please?
    Many Thanks,
    Dean.

    Hi Dean,
    Thanks for posting here.
    Yes, this is possible. But we have a guide about a sample that uses a Windows based server (RRAS) to act as VPN server, working with a Windows RADIUS/NPS server and using a certificate based authentication method (Extensible Authentication Protocol-Transport
    Layer Security (EAP-TLS) or PEAP-TLS without smart cards) for reference:
    Checklist: Configure NPS for Dial-Up and VPN Access
    http://technet.microsoft.com/en-us/library/cc754114.aspx
    Thanks.
    Tiger Li
    TechNet Community Support

  • SocketException when logging in (form-based Authentication

    Hi,
    I'm getting a strange error when logging into a web-application, which uses form-based
    authentication:
    <08.04.2003 19:27:31 CEST> <Error> <HTTP> <Connection failure
    java.net.SocketException: ReadFile failed: Der angegebene Netzwerkname ist nicht
    mehr verfügbar.
    (error 64, fd 2532)
    at weblogic.socket.NTSocketMuxer.initiateIO(Native Method)
    at weblogic.socket.NTSocketMuxer.read(NTSocketMuxer.java:407)
    at weblogic.servlet.internal.MuxableSocketHTTP.requeue(MuxableSocketHTTP.java:231)
    at weblogic.servlet.internal.ServletResponseImpl.send(ServletResponseImpl.java:977)
    at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:1964)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:137)
    at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:120)
    We're running wls 6.1&oracle9i on win xp with a variation of the RDBMSRealms -
    database and realm setup seems to be ok, as there is another web-app running on
    the same server, also with form-based authentication, which works fine and validates
    the user correctly.
    I've seen lots of posts concerning this SocketException - alas I never found a
    hint on what causes the problem. Anyone having any ideas!? Any help highly appreciated,
    as I'm quite desperate right now %(
    greetings
    stf

    Hi John,
    Yep, it's WebLogic-specific.
    Check out
    http://e-docs.bea.com/wls/docs61///javadocs/weblogic/servlet/security/ServletAuthentication.html
    for more information
    Cheers,
    Joe Jerry
    John Chen wrote:
    Hi, Joe,
    Is that weblogic specific API ? Could you tell a bit more detail on how to use
    that ?
    Thanks
    John
    Jerry <[email protected]> wrote:
    ServletAuthentication.weak() should do what you want
    Cheers,
    Joe Jerry
    John Chen wrote:
    Hi, friends,
    Does anybody know how to get authenticated programmatically when access some servlet
    in FORM-based authentication ?
    I have some Java programs running on a server other than weblogic application
    server. And I want to use HTTP request programmatically to talk to a servlet on
    WebLogic 6.0. For basic authentication, I can add authorization info into the
    request, how can I do that for form-based authentication ?
    Thanks
    John

  • Non-admin Users SQL Server Configuration Manager

    Hi Everyone,
    I'm wondering if it's possible to grant non-admin users to start/stop SQL services using SQL Server Configuration Manager. Using the sc command, I was able to grant non-admin users access to services applet in Windows.
    However, our DBA said that the best practice to stop/start SQL is via SQL Server Configuration Manager. Based on testing, they are unable to stop/start SQL from SQL Server Configuration
    Manager though they are able to do so (stop/start SQL services) via Services applet.

    Check these links.. Yes you can stop/start SQL is via SQL Server Configuration Manager, services.msc,
    SSMS --> InstanceName-->Stop / Start
    http://support.microsoft.com/kb/325349
    http://social.technet.microsoft.com/Forums/en/w7itprosecurity/thread/8848c72c-37fa-4d7f-90a6-769e4204f2f3
    Raju Rasagounder Sr MSSQL DBA

  • Form Based Authentication on Tomcat with custom index.jsp page...

    Hi there ppl,
    I've got Form Based Authentication working correctly on my Tomcat server but I want to override the default generated index.jsp after successfully logging on. I've tried placing my own index.jsp in the directory that's restricted, but it's only overridden by the default one when successfully logged on which displays:
    "Authentication Mechanism FORM"
    This means having to navigate by typing the url in the address bar to another page which gets really annoying after a while.
    Any help on this would be much appreciated,
    thanks already

    Yes there's a default generated index.jsp page that I'm having trouble overriding with one of my own. Have you used Form Based Authentication before? To do so you have to edit the WEB-INF/web.xml file by adding:
    <security-constraint>
      <web-resource-collection>
        <web-resource-name>Secure Area</web-resource-name>
        <url-pattern>/test/secure/*</url-pattern>
      </web-resource-collection>
      <auth-constraint>
        <role-name>admin</role-name>
      </auth-constraint>
    </security-constraint>
    <login-config>
      <auth-method>FORM</auth-method>
      <form-login-config>
        <form-login-page>/test/secure/loginpage.jsp</form-login-page>
        <form-error-page>/test/secure/errorpage.jsp</form-error-page>
      </form-login-config>
    </login-config>
    When you attempt to first go to any page in my /test/secure/ directory you get redirected to the /test/secure/loginpage.jsp where you have to login as a tomcat user, when successfully logged on you get redirected to an index.jsp page which is NOT the one I created in test/secure/index.jsp. Even when I type in the url to go to my own test/secure/index.jsp I still don't get my own one that exists there, but instead get the default one that's generated that displays:
    "Authentication Mechanism FORM".
    Hope that makes more sense.
    I've tried restarting tomcat but it makes no difference.

  • Role based data visibility is not working in Round manager

    I am looking for role based data visibility in Syclo round manager application where technician will see the data which is assigned to his name only (not all the data). I have created one custom role in SAP system and it's working fine. It's showing the below message:
    Now I want to implement the same in syclo round manager. So I went to the SAP configuration panel and set the same user role on the security setting in class handler. Z_SYCLO_RM_ROLE is the custom role which I mentioned earlier. I tried with different options in this tab but it's not working.
    Please let me know if I missed something to mention or is there any other process I need to follow.

    is not working Insufficient information. In what way is it "not working"? The page doesn't render as required? There's an error message? The browser crashes? The server room has been trampled into dust by a herd of buffalo?
    >
    I am unable to make it as page form / report.
    v1 := v1 || ' ' ||'<input inline type =submit style="color:BLUE;background-color:RED" value='||c2.plot_id||'>';
    ...It is not possible to generate form elements in an APEX page in this way. The [APEX_ITEM API|http://download.oracle.com/docs/cd/E14373_01/apirefs.32/e13369/apex_item.htm#CACEEEJE] is the only way to create APEX items in PL/SQL. However it contains no procedures to generate button items, so an alternative design is required in this case, e.g. a report with links.
    (Also what is the intention of "inline" in the above code? [There is no *inline* attribute|http://www.w3.org/TR/1999/REC-html401-19991224/interact/forms.html#h-17.4].)

  • Role-Based Security In SQL Server Reporting Services

    Hi
    I have created Reports,
    Now I need to assign Role-Based Security, ie like some particular clients can access only some particular report.
    http://localhost/reports/Pages/Folder.aspx
    Here in the above link i can see the property tool bar where i need to set the user assignement roles.
    could any one please help me out how to set different login assigned to a set of report.
    Or is there any tutor links for this.
    Thanks a lot.
    Shan

    Create folders under the Home page (the link you have there).  For each folder set group authentication (AD) or harder managed, user account roles for the folders and the reports under the folder.
    If you set security at that home level you will not be able to control what reports they see or can't see.  You'll need to go all the way to the folder/report level.
    It's also not best practice to deploy reports directly to the home level.  Not best practice in it creating a very hard to manage security level.  Think of the levels in security as such to SQL Server.  Set the connect to sql level, database level and then down to the objects in them.  Same principles apply to SSRS.
    Here is a cast going through some security settings as well http://technet.microsoft.com/en-us/sqlserver/dd391734.aspx for creating your roles and utilizing them
    Ted Krueger Blog on lessthandot.com @onpnt on twitter

  • Tomcat Manager Portal in BlazeDS Turnkey Server

    Hi all,
    I'm pretty new to blazeds, and liking what I have experienced thus far. Could anyone please tell me how to access the Tomcat Manager Portal within the BlazeDS Turnkey Server Installation.
    Like I know it runs on port 8400 by default. So running it then opening http://localhost:8400 gets me the blazeds turnkey home page with links to the sample apps.
    However I want to get to the Tomcat Portal to change file access permissions etc. And if i wanted to deploy apps from there etc.
    Is this possible?
    Please advise!
    Kind Regards
    Willem

    Follow the instructions here:
    http://blog.techstacks.com/2009/05/tomcat-management-setting-up-tomcat.html
    Basically just add a user and role to the $CATALINA_HOME/conf/tomcat-users.xml:
    <?xml version='1.0' encoding='utf-8'?>
    <tomcat-users>
      <role rolename="manager"/>
      <user username="tomcat" password="tomcat" roles="manager"/>
    </tomcat-users>
    Then use the URL: http://localhost:8400/manager/html to access the manager.

  • Form based authentication getting logged in username and role

    Hi
    I have implemented a simple Form based authentication in my web site.
    I have maintained tomcat-users.xml file for user names, passwords and roles.
    Once my user is authenticated, I need to access his name and role in website.
    How can this be done.
    Please guide.
    Thanks

    The request object should contain the information, e.g. use request.getRemoteUser().

  • Form Based Authentication in SharePoint 2013: Getting The remote server returned an error: (500) Internal Server Error

    Hi
    I configured forms based authentication mode in Sharepoint 2013 site. When I tried to log in with windows authentication prompt it throws the following error
    The remote server returned an error: (500) Internal Server Error
    [WebException: The remote server returned an error: (500) Internal Server Error.] System.Net.HttpWebRequest.GetResponse() +8548300 System.ServiceModel.Channels.HttpChannelRequest.WaitForReply(TimeSpan timeout) +111 [ProtocolException:
    The content type text/html; charset=utf-8 of the response message does not match the content type of the binding (application/soap+msbin1). If using a custom encoder, be sure that the IsContentTypeSupported method is implemented properly. The first
    1024 bytes of the response were: '<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
    How to fix this issue?
    Regards,
    Siva

    Did you create a new web application or modify an existing web application?
    I would start by checking the ULS logs, maybe there is an incorrect setting within one of the web.config files, or SQL permissions.
    Also, as suggested above, check application pools are running.
    This blog post is a great guide for setting up FBA, check it through to make sure you haven't missed any steps:
    http://blogs.technet.com/b/ptsblog/archive/2013/09/20/configuring-sharepoint-2013-forms-based-authentication-with-sqlmembershipprovider.aspx

  • Connection broker and RemoteApp manager role on the same server OK?

    Hello. I may have what seems to be a strange request here. I have a currently working 3 node TS farm consisting of 2 Terminal Servers with the RemoteApp role on them and 1 server running the connection broker. All is running fine but the RemoteApps I have
    published are prohibited to have the clipboard enabled for them due to PCI DSS compliance. I wanted to install some other apps and have the clipboard enabled but since it seems that the clipboard is a server setting and not a per app setting, I was hoping
    to just install these apps right on the server running the connection broker vs building a separate new TS server to host them. These other apps do not need to be in the load balanced environment.
    Can I just install the RemoteApp role on the CB server without any interruption to the farm?
    Thanks,
    Joe

    Hi Joe,
    Thank you for your comment.
    Can you let me know the OS version of RDS Server?
    For better understanding, I can explain you that; RemoteApp is not a role which you need to install. But you need to install RD Web access role and then you can publish RemoteApp through that. For eg. If you are using Server 2012\R2 then you need to create
    a collection and after that you can publish the RemoteApp feature which you or your user can use through RD Web Access. 
    As per your comment you have already TS role installed, then you can install RD Web access through role based installation, select the role and server on which you want to install it. Please refer beneath article if you have server 2008 r2.
    Remote Desktop Web Access (RD Web Access)
    http://technet.microsoft.com/en-us/library/cc731923.aspx
    Hope it helps!
    Thanks,
    Dharmesh

  • Form Based Authentication in SQL Server 2012

    Hi Everyone,
    Please can anyone provide me the document or the link which explain step by step procedure for configuring FBA on MS SQL Server 2012 SP1.
    If let's say I have FBA enabled ASP.NET application, can I use same user database for SQL Server FBA configuration or not? and can I integrate the report in this application.
    Any help would be appreciated. 
    Thanks
    Swapnil

    Hi Swapnil,
    Reporting Services provides an extensible architecture that allows us to plug in custom or forms-based authentication modules. Forms Authentication is a type of ASP.NET authentication in which an unauthenticated user is directed to an HTML form. Reporting
    Services can be extended to support Forms Authentication using the security extensibility interfaces available through the Reporting Services API. If you extend Reporting Services to use Forms Authentication, use Secure Sockets Layer (SSL) for all communications
    with the report server to prevent malicious users from gaining access to another user's cookie.
    For more information about Forms Authentication in Reporting Services, please see:
    Configure Custom or Forms Authentication on the Report Server
    Authentication in Reporting Services
    Hope this helps.
    Thanks,
    Katherine Xiong
    TechNet Community Support
