I think that step 6 should either start both modules

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: y-constraints defined in web.xml The Tomcat implementation of the Pipeline for a Context is such that only one Valve which is also an Authenticator valve is added to the Pipeline. The standard Tomcat Authenticator valves (e.g. BasicAuthenticator) check for and honor all the security constraints specified in the webapp web.xml descriptor. The PageflowValve implementation part of tomcat-server under netui is an Authenticaor valve as it extends BasicAuthenticator, which means that it is mutually exclusive with the regular Tomcat authenticator valves (only one can be in the pipeline). It does not however keep the features that were part of the AuthenticatorBase and the BasicAuthentiocator invoke() method implementation. Such issue results for example in the user-data-constraint elements being completely ignored, and therefore pages who are supposed to be served only with SSL are always served without SSL. Following is an example of the code from the regular Tomcat authenticators that is missing from beehive adapter (please note that the code is from Tomcat 5.5.7 with which by the way beehive does not compile, but should give you a good idea of the missing features...): // Enforce any user data constraint for this security constraint if (log.isDebugEnabled()) { log.debug(" Calling hasUserDataPermission()"); } Realm realm = this.context.getRealm(); // Is this request URI subject to a security constraint? SecurityConstraint constraints = realm.findSecurityConstraints(request, this.context); if (!realm.hasUserDataPermission(request, response, constraints)) { if (log.isDebugEnabled()) { log.debug(" Failed hasUserDataPermission() test"); } /* * ASSERT: Authenticator already set the appropriate * HTTP status code, so we do not have to do anything special */ return; } openejb builder listener attribute has bad object name currently has org/apache/geronimo/Jetty. Needs geronimo/jettyortomcat/${pom.currentVersion}/car. Found by Jakob Færch [MSVC 8.0] compilation err...
View Full Document

This document was uploaded on 10/12/2012.

Ask a homework question - tutors are online