On Tue, Nov 4, 2014 at 10:37 PM, Ji Zhang <JZhang(a)tradeinformatics.com> wrote:
Now I have the configuration below:
1) security setting in web.xml:
<security-constraint>
<web-resource-collection>
<web-resource-name>TomcatRealmUserArea</web-resource-name>
<url-pattern>/bin/view/XYZ/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>TomcatRealmUsers</role-name>
</auth-constraint>
</security-constraint>
2) xwiki.conf:
xwiki.authentication.authclass=com.xpn.xwiki.user.impl.xwiki.AppServerTrustedAuthServiceImpl
3) Basic authentication:
#-# Authentication type. You can use 'basic' to always use basic
authentication.
You are mixing several things here. All the actual authentication work
is supposed to be done by TomcatRealmUsers before accessing XWiki
(AppServerTrustedAuthServiceImpl just trust what's given by the front
auth and create the user accordingly) so there is no reason to enable
XWiki basic auth.
The restriction works, I got 403 (HTTP Status 403 - Access to the requested resource has
been denied ) when I try to access:
http://mymachine:9090/xWiki/bin/view/XYZ/Tutorial+1
The question is:
How to access this page successful?
This is not a XWiki question, the authentication is done by whatever
authenticator you are using in fron of XWiki.
AppServerTrustedAuthServiceImpl just trust it.
Thanks.
-----Original Message-----
From: Ji Zhang
Sent: Monday, November 03, 2014 1:10 PM
To: users(a)xwiki.org
Subject: RE: [xwiki-users] Question regarding AppServerTrustedAuthServiceImpl
Thanks Clemens.
How do I test if this authentication works? For example, I have an user jsmith/password
in Tomcat JDBC realm. How do I assign the viewing privileges to jsmith?
Thanks again.
Ji
-----Original Message-----
From: users [mailto:users-bounces@xwiki.org] On Behalf Of Clemens Klein-Robbenhaar
Sent: Monday, November 03, 2014 11:42 AM
To: users(a)xwiki.org
Subject: Re: [xwiki-users] Question regarding AppServerTrustedAuthServiceImpl
On 11/03/2014 05:15 PM, Ji Zhang wrote:
Guys,
I am new to Xwiki.
I have a xwiki deployed on tomcat 6. I need to use authentication against tomcat JDBC
realm. AppServerTrustedAuthServiceImpl seems to my option. Are there some detailed
documents or examples for using it?
yes: add a line do the xwiki.cfg in the WEB-INF folder, as explained here:
http://platform.xwiki.org/xwiki/bin/view/AdminGuide/Authentication#HContain…
That (and restarting tomcat) should be everything you need to do.
Cheers,
Clemens
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
_______________________________________________
users mailing list
users(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
--
Thomas Mortagne