I have deployed a war file inside a folder in the Tomcat webapps folder and the manager page is password protected. But I also want to password protect my application other than the Login system which it has of its own. I tried doing what is mentioned here.
But There has been no luck, when I do what it is mentioned there even the tomcat page i.e, localhost:8080 is also not accessible as it gives a not found error whereas I am able to access localhost:8080/manager/html page with the credentials and when I click on the Application I want to access it still doesn't ask for credentials but directly opens the web application.
I need to login a web application(internet) from another web application(intranet) deployed internal having only the username and without share the password.
I'd like to login like a customer from the internal help desk web site in order to give support in realtime and see the same things that the customer see from home.
Is there away to use the security of the internal website based on active directory and Weblogic to login on the another web application accessible from internet and deployed on weblogic?
"Oracle Co Browsing " helps you..check here
I've created my java web application on a tomcat server which will start another instance using the AWS Java SDK, on windows i just place the credentials in my user. Im now trying to host my application on an AWS EC2 Instance and hence i am trying to place my credentials on the Linux EC2 i've follow some steps on the AWS SDK - http://docs.aws.amazon.com/AWSSdkDocsJava/latest/DeveloperGuide/java-dg-setup.html as per the link but im still thrown the same error upon calling the method -
Cannot load the credentials from the credential profiles file. Please
make sure that your credentials file is at the correct location
(~/.aws/credentials), and is in valid format.
I've created a .aws folder in my home directory an placed the credential file within it, i've also added the export codes within the .bashrc file but it doesnt seem to work.
At Wits end here :(
Check what user tomcat runs as on the other machine.
When you store the credential for your user, they are stored at ~/.aws/credentials.
That's ok for you, but Tomcat may not be running as you.
So ensure a copy is present also at /home/{whateveryourtomcatuseris}/.aws/credentials.
We are in the process of developing a JSP based Web application. This application needs the logged in user ID from the local PC (Windows / Ubuntu?)
This can be achieved with the help of VBScript on the but unfortunately this solution will work only on Internet Explorer
Are there any ways to get the Windows (AD) user ID in Firefox as well as IE using JSP?
My requirement is very simple. I will store a list of User ID's on my Web application (XML file preferably) and will verify against the request and if the logged in user on Windows matches my list, the user can use my application.
This is a very simple application and the user base is very minimum.
Setup: Apache Tomcat v7.x, JSP
This question may have been asked many times but I still don't see a proper way to do this
I guess what you are looking for is Windows Authentication. Tomcat has built-in support for what you want.
I've been mucking around with GlassFish v3 prelude this evening. A couple of things I'm not sure about is how the security works.
It installed like a dream, so the first thing I did was remove the anonymous account and setup an "admin" account with "mysecretpassword" and specified the asadmin group for this user in the admin realm.
At that point the stop-domain command stopped working from the console (and/or start menu shortcut). Fair enough, but the stop-domain command accepts a --user argument but then wants a --passwordfile path supplied which I didn't know where it was.
After some googling I chanced upon asaadmin login -p 4848 which created a password file in my documents and then stop-domain started working!
So the questions:
1) Is it possible to get stop-domain to prompt for a user/password?
2) This whole business of having a file with a (hashed) password doesn't sound great to me - why did they do it this way, and is it transferable, can it be disabled and if it can, how then do I stop the domain?
3) How do security realms work - as in what are they, and how do they differ?
4) What's the best resource (book, website, whatever) on GF v3?
Glassfish relies upon a "master-password" file which is used to control access to the core admin commands (notably asadmin).
This master password is used to encrypt assorted bits within the GF system and configuration. By default, it's store in the file $domain-dir/master-password.
If that file exists, then asadmin will not prompt for a password to make changes. If it does not exist, then it will prompt you. If you ever change the password, the system will automatically recreate this file.
Note, this isn't a role based thing, it's simply a password to the entire system.
So, that's the core password.
Next is the actual admin password.
When you create a domain, it asks you for an admin name and password. This information is stored in ~/.asadminpass file.
So, in the simple case of a local install, you can use asadmin without passwords or user information.
If you delete that file, then you will be prompted for a user and password.
The admin passwords are managed in the "admin-realm" within the app server.
Realms are a Java EE construct used to represent authentication and authorization stores.
Realms provide user name, password, and role information.
By default GF uses file realms for its security information. Out of the box you have a "admin-realm" which is for users of the admin console. There is also an empty "file" realm for use by applications. Out of the box, Glassfish also supports and LDAP realm and a JDBC realm where credentials are stored in an LDAP and RDBMS respectively.
The Glassfish website and forums are currently the best resources available for this. It's a bit of a muddy time as v3 is still being worked on (v3 Prelude is just that, a prelude to the final release later this year), but there is still a lot of overlap with v2.
GlassFish v3 Prelude Domain Start Failed
first think stop any one server which is running in system --
Exam:- suppose you using glass fish server and netbeansIDE both are working on your system so when you want compile your application so that time you can stop your glassfish server then compile and run your application within netbeans IDE it's working