LDAP - BlueGroups
JAZZB2A installed on WAS61 + DB2 + LDAP.
Logon from Web https://x.xx.xxx.xxx:9443/jazz/web authentication is working correctly. Intranet ID and Password must be provided in order to access.
Connect from Client https://x.xx.xxx.xxx:9443/jazz authentication is NOT working correctly. Intranet ID is checked but a blank(or anything) in the password field still make a good connection.
Any suggestion ? Thanks
Found the answer:
Need to insert in web.xml
<!-- Added to enable basic authentication for Jazz -->
<security-constraint>
<web-resource-collection>
<web-resource-name>secure</web-resource-name>
<url-pattern>/secure/*</url-pattern>
<url-pattern>/service/*</url-pattern>
<url-pattern>/resource/*</url-pattern>
<url-pattern>/resources/*</url-pattern>
<url-pattern>/projects/*</url-pattern>
<url-pattern>/users/*</url-pattern>
<url-pattern>/indexing-rules/*</url-pattern>
</web-resource-collection>
Update:
There are 2 web.xml. The one point bt Richie is the correct one->
\profiles\AppSrv01\config\cells\hostnameNode01Cell\applications\jazz_war.ear\deployments\jazz_war\jazz.war\WEB-INF
Also notice there is known bug and it is fixed in M5. If your code is before M5 need to change FORM to BASIC in the same xml.
<login-config>
<auth-method>BASIC</auth-method>
<form-login-config>
<form-login-page>/auth/authrequired</form- login-page>
<form-error-page>/auth/authfailed</form- error-page>
</form-login-config>
</login-config>
Logon from Web https://x.xx.xxx.xxx:9443/jazz/web authentication is working correctly. Intranet ID and Password must be provided in order to access.
Connect from Client https://x.xx.xxx.xxx:9443/jazz authentication is NOT working correctly. Intranet ID is checked but a blank(or anything) in the password field still make a good connection.
Any suggestion ? Thanks
Found the answer:
Need to insert in web.xml
<!-- Added to enable basic authentication for Jazz -->
<security-constraint>
<web-resource-collection>
<web-resource-name>secure</web-resource-name>
<url-pattern>/secure/*</url-pattern>
<url-pattern>/service/*</url-pattern>
<url-pattern>/resource/*</url-pattern>
<url-pattern>/resources/*</url-pattern>
<url-pattern>/projects/*</url-pattern>
<url-pattern>/users/*</url-pattern>
<url-pattern>/indexing-rules/*</url-pattern>
</web-resource-collection>
Update:
There are 2 web.xml. The one point bt Richie is the correct one->
\profiles\AppSrv01\config\cells\hostnameNode01Cell\applications\jazz_war.ear\deployments\jazz_war\jazz.war\WEB-INF
Also notice there is known bug and it is fixed in M5. If your code is before M5 need to change FORM to BASIC in the same xml.
<login-config>
<auth-method>BASIC</auth-method>
<form-login-config>
<form-login-page>/auth/authrequired</form- login-page>
<form-error-page>/auth/authfailed</form- error-page>
</form-login-config>
</login-config>
8 answers
You need to secure the app by editing the web.xml file.
See the server setup documentation, in the file
<install>\jazz\server\index.html
Section
"Manage Jazz Security", step 3
--
Ritchie
**********************************************
Ritchie Schacher
Jazz Repository/Server Team
"phohle" <phohle@us.ibm-dot-com.no-spam.invalid> wrote in message
news:fpi5e3$7ji$1@localhost.localdomain...
See the server setup documentation, in the file
<install>\jazz\server\index.html
Section
"Manage Jazz Security", step 3
--
Ritchie
**********************************************
Ritchie Schacher
Jazz Repository/Server Team
"phohle" <phohle@us.ibm-dot-com.no-spam.invalid> wrote in message
news:fpi5e3$7ji$1@localhost.localdomain...
JAZZB2A installed on WAS61 + DB2 + LDAP.
Logon from Web https://x.xx.xxx.xxx:9443/jazz/web authentication is
working correctly. Intranet ID and Password must be provided in order
to access.
Connect from Client https://x.xx.xxx.xxx:9443/jazz authentication is
NOT working correctly. Intranet ID is checked but a blank(or
anything) in the password field still make a good connection.
Any suggestion ? Thanks
I believe you should unzip the jazz.war, edit the web.xml under WEB-INF
directory and zip the war file before deploy.
--- Balaji
"openeis" <wangwyu@cn.ibm-dot-com.no-spam.invalid> wrote in message
news:fq0hd3$is5$1@localhost.localdomain...
directory and zip the war file before deploy.
--- Balaji
"openeis" <wangwyu@cn.ibm-dot-com.no-spam.invalid> wrote in message
news:fq0hd3$is5$1@localhost.localdomain...
step 3 is for tomcat ,it's not for WebSphere.
And I try ,it can't solve the question
I changed \AppServer\profiles\jazz\installedApps\hostnameNode01Cell\jazz_war.ear\jazz.war\WEB-INF\web.xml
as the following :
<!-- Added to enable basic authentication for Jazz -->
<security-constraint>
<web-resource-collection>
<web-resource-name>secure</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
but it's same (a blank in the password field still make a good connection.).
as the following :
<!-- Added to enable basic authentication for Jazz -->
<security-constraint>
<web-resource-collection>
<web-resource-name>secure</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
but it's same (a blank in the password field still make a good connection.).
You changed the wrong file. WAS uses the descriptor found in the config
directory of a profile. Change the one in this directory :
\profiles\AppSrv01\config\cells\hostnameNode01Cell\applications\jazz_war.ear\deployments\jazz_war\jazz.war\WEB-INF
Richard
Jazz WebUI and Server Development
openeis wrote:
directory of a profile. Change the one in this directory :
\profiles\AppSrv01\config\cells\hostnameNode01Cell\applications\jazz_war.ear\deployments\jazz_war\jazz.war\WEB-INF
Richard
Jazz WebUI and Server Development
openeis wrote:
I changed
\AppServer\profiles\jazz\installedApps\hostnameNode01Cell\jazz_war.ear\jazz.war\WEB-INF\web.xml
as the following :
!-- Added to enable basic authentication for Jazz --
<security-constraint
<web-resource-collection
<web-resource-name>secure</web-resource-name
<url-pattern>/*</url-pattern
</web-resource-collection
but it's same (a blank in the password field still make a good
connection.).