I am trying to integrate waffle in my web app project (jsp). I want to authenticate user for my webapp, from Active directory(following Kerberos protocol ).
Whenever user hint the url firstly tomcat server authenticate the user from Active directory server, upon authentication user can use my web application (jsp).
Here's the setting I followed for implementing waffle. When I hit the url pop up occur for verification after successful login it shows
HTTP Status 403 - Access to the requested resource has been denied
context.xml
<Context>
<Realm className="org.apache.catalina.realm.JAASRealm"
appName="Jaas"
userClassNames="waffle.jaas.UserPrincipal"
roleClassNames="waffle.jaas.RolePrincipal"
useContextClassLoader="false"
debug="true" />
</Context>
web.xml
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>Jaas</realm-name>
</login-config>
<security-role>
<role-name>Everyone</role-name>
</security-role>
<security-constraint>
<display-name>Waffle Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>Everyone</role-name>
</auth-constraint>
</security-constraint>
login.conf
Jaas {
waffle.jaas.WindowsLoginModule sufficient;
};
jaas.policy
grant Principal * * {
permission java.security.AllPermission "/*";
};
I tried the below configuration, it works for me.
<security-role>
<role-name>*</role-name>
</security-role>
<security-constraint>
<display-name>Waffle Security Constraint</display-name>
<web-resource-collection>
<web-resource-name>Protected Area</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>*</role-name>
</auth-constraint>
</security-constraint>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.