Hi,
I am trying to get an application that is usually deployed on JRun to run on Tomcat 4.1 within Eclipse (using Eclipse's WTP).
Now, this application uses JAAS for authentication via a FORM.
I have been trying to get it to work by using Tomcat's JAASRealm without much success.
Here is what I have done:
1) I configured Tomcat's server.xml file with the following:
<Realm className="org.apache.catalina.realm.JAASRealm"
appName="MyApp" userClassNames="MyLoginPrincipal"
roleClassNames="MyLoginPrincipal" debug="99"/>
2) I created a file called jaas.config with the following:
MyApp
{
MyLoginModule required mode="USER" debug=true;
};
3) I referenced this file on the JVM's arguments using:
-Djava.security.auth.login.config=="C:\Program Files\Apache Group\Tomcat 4.1\conf\jaas.config"
4) I have the following in the application's web.xml file:
<login-config>
<auth-method>FORM</auth-method>
<realm-name>MyApp</realm-name>
<form-login-config>
<form-login-page>/preLoginJAAS.jsp</form-login-page>
<form-error-page>/loginfailed.jsp</form-error-page>
</form-login-config>
</login-config>
Now, when it tries to login, it goes to /preLoginJAAS.jsp correctly. It has a form that submits to j_security_check.
However, it will automatically go to /loginfailed.jsp when the user clicks on submit. It will not call any of the authentication code at all (ran it in debug mode, put breakpoints in).
Here is my question: What am I missing? And if I am not missing anything, what else can I try? Keep in mind that I do not want to do a substantial rewrite of the application's handling of authentication.