<filter>
<filter-name>Security Filter</filter-name>
<filter-class>org.securityfilter.filter.SecurityFilter </filter-class>
<init-param>
<param-name>config</param-name>
<param-value>/WEB-INF/securityfilter-config.xml</param-value>
<description>Configuration file location (this is the default value)</description>
</init-param>
<init-param>
<param-name>validate</param-name>
<param-value>false</param-value>
<description>Validate config file if set to true</description>
</init-param>
<init-param>
<param-name>formPattern</param-name>
<param-value>/logMeIn</param-value>
<description>
As an example a login form can define "logMeIn" as it action in place of the standard
"j_security_check" which is a special flag user by app servers for container managed security.
</description>
</init-param>
</filter>
<!-- start with a Catalina realm adapter to wrap the Catalina realm defined below -->
<realm className="org.securityfilter.realm.catalina.CatalinaRealmAdapter" />
And i put casclient.jar and all jar of the security filter projet in WEB-INF/lib.
For me there are no problem but i have this in the browser :
HTTP Status 404 - Servlet HTMLManager is not available
type Status report
message Servlet HTMLManager is not available
description The requested resource (Servlet HTMLManager is not available) is not available.
Apache Tomcat/5.5
And in the log :
INFO http-8080-Processor25 org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager] - Marking servlet HTMLManager as unavailable
INFO http-8080-Processor25 org.apache.catalina.core.ContainerBase .[Catalina].[localhost].[/manager] - Marking servlet HTMLManager as unavailable
What is the problem?
Cordially
Aurelien Allienne
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi,
I want to use these filters for authenticate on tomcat manger. I use this wiki page :
http://www.ja-sig.org/wiki/display/CASC/Combining+CASFilter+with+Tomcat+Realms+using+SecurityFilter
http://www.ja-sig.org/wiki/display/CAS/CASifying+Tomcat+Manager
So I have this in my web.xml :
...
<filter>
<filter-name>CASFilter</filter-name>
<filter-class>edu.yale.its.tp.cas.client.filter.CASFilter</filter-class>
<init-param>
<param-name>edu.yale.its.tp.cas.client.filter.loginUrl </param-name>
<param-value>https:///auth.univ-lille2.fr/cas/login</param-value>
</init-param>
<init-param>
<param-name>edu.yale.its.tp.cas.client.filter.validateUrl</param-name>
<param-value>https://auth.univ-lille2.fr/cas/serviceValidate </param-value>
</init-param>
<init-param>
<param-name>edu.yale.its.tp.cas.client.filter.serverName</param-name>
<param-value> agenda.univ-lille2.fr:8080</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CASFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
<filter>
<filter-name>Security Filter</filter-name>
<filter-class>org.securityfilter.filter.SecurityFilter </filter-class>
<init-param>
<param-name>config</param-name>
<param-value>/WEB-INF/securityfilter-config.xml</param-value>
<description>Configuration file location (this is the default value)</description>
</init-param>
<init-param>
<param-name>validate</param-name>
<param-value>false</param-value>
<description>Validate config file if set to true</description>
</init-param>
<init-param>
<param-name>formPattern</param-name>
<param-value>/logMeIn</param-value>
<description>
As an example a login form can define "logMeIn" as it action in place of the standard
"j_security_check" which is a special flag user by app servers for container managed security.
</description>
</init-param>
</filter>
<filter-mapping>
<filter-name>Security Filter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
....
I have create a securityfilter-config.xml
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE securityfilter-config PUBLIC
"-//SecurityFilter.org//DTD Security Filter Configuration 2.0//EN"
"http://www.securityfilter.org/dtd/securityfilter-config_2_0.dtd ">
<securityfilter-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Pages</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>tomcat admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>CAS</auth-method>
<form-login-config>
<form-default-page>/html/index.html</form-default-page>
</form-login-config>
</login-config>
<!-- start with a Catalina realm adapter to wrap the Catalina realm defined below -->
<realm className="org.securityfilter.realm.catalina.CatalinaRealmAdapter" />
<realm className="org.apache.catalina.realm.JNDIRealm">
<realm-param name="connectionName" value="cn=admin,dc=univ-lille2,dc=fr"/>
<realm-param name="connectionPassword" value="prout"/>
<realm-param name="digest" value="SHA"/>
<realm-param name="connectionURL" value="ldap://ldapmasta:1389"/>
<realm-param name="userBase" value="ou=people,dc=univ-lille2,dc=fr"/>
<realm-param name="userSearch" value="(supannAliasLogin={0})"/>
<realm-param name="roleBase" value="ou=appli,dc=univ-lille2,dc=fr"/>
<realm-param name="roleSubtree" value="true"/>
<realm-param name="roleName" value="cn"/>
<realm-param name="roleSearch" value="(member={0})"/>
<realm-param name="debug" value="99"/>
</realm>
</securityfilter-config>
And i put casclient.jar and all jar of the security filter projet in WEB-INF/lib.
For me there are no problem but i have this in the browser :
HTTP Status 404 - Servlet HTMLManager is not available
type Status report
message Servlet HTMLManager is not available
description The requested resource (Servlet HTMLManager is not available) is not available.
Apache Tomcat/5.5
And in the log :
INFO http-8080-Processor25 org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/manager] - Marking servlet HTMLManager as unavailable
INFO http-8080-Processor25 org.apache.catalina.core.ContainerBase .[Catalina].[localhost].[/manager] - Marking servlet HTMLManager as unavailable
What is the problem?
Cordially
Aurelien Allienne