It's all about the answers!

Ask a question

LDAP - BlueGroups


Pho Le (11) | asked Feb 20 '08, 4:09 p.m.
JAZZB2A installed on WAS61 + DB2 + LDAP.
Logon from Web https://x.xx.xxx.xxx:9443/jazz/web authentication is working correctly. Intranet ID and Password must be provided in order to access.
Connect from Client https://x.xx.xxx.xxx:9443/jazz authentication is NOT working correctly. Intranet ID is checked but a blank(or anything) in the password field still make a good connection.

Any suggestion ? Thanks

Found the answer:
Need to insert in web.xml
<!-- Added to enable basic authentication for Jazz -->
<security-constraint>
<web-resource-collection>
<web-resource-name>secure</web-resource-name>
<url-pattern>/secure/*</url-pattern>
<url-pattern>/service/*</url-pattern>
<url-pattern>/resource/*</url-pattern>
<url-pattern>/resources/*</url-pattern>
<url-pattern>/projects/*</url-pattern>
<url-pattern>/users/*</url-pattern>
<url-pattern>/indexing-rules/*</url-pattern>
</web-resource-collection>

Update:
There are 2 web.xml. The one point bt Richie is the correct one->
\profiles\AppSrv01\config\cells\hostnameNode01Cell\applications\jazz_war.ear\deployments\jazz_war\jazz.war\WEB-INF
Also notice there is known bug and it is fixed in M5. If your code is before M5 need to change FORM to BASIC in the same xml.

<login-config>
<auth-method>BASIC</auth-method>
<form-login-config>
<form-login-page>/auth/authrequired</form- login-page>
<form-error-page>/auth/authfailed</form- error-page>
</form-login-config>
</login-config>

8 answers



permanent link
Ritchie Schacher - IBM (47611) | answered Feb 25 '08, 1:18 p.m.
FORUM MODERATOR / JAZZ DEVELOPER
You need to secure the app by editing the web.xml file.

See the server setup documentation, in the file
<install>\jazz\server\index.html

Section
"Manage Jazz Security", step 3

--
Ritchie

**********************************************
Ritchie Schacher
Jazz Repository/Server Team
"phohle" <phohle@us.ibm-dot-com.no-spam.invalid> wrote in message
news:fpi5e3$7ji$1@localhost.localdomain...
JAZZB2A installed on WAS61 + DB2 + LDAP.
Logon from Web https://x.xx.xxx.xxx:9443/jazz/web authentication is
working correctly. Intranet ID and Password must be provided in order
to access.
Connect from Client https://x.xx.xxx.xxx:9443/jazz authentication is
NOT working correctly. Intranet ID is checked but a blank(or
anything) in the password field still make a good connection.

Any suggestion ? Thanks

permanent link
yu wang (4886044) | answered Feb 26 '08, 3:05 a.m.
step 3 is for tomcat ,it's not for WebSphere.
And I try ,it can't solve the question

permanent link
Balaji Krish (1.8k12) | answered Feb 26 '08, 6:18 p.m.
JAZZ DEVELOPER
I believe you should unzip the jazz.war, edit the web.xml under WEB-INF
directory and zip the war file before deploy.

--- Balaji

"openeis" <wangwyu@cn.ibm-dot-com.no-spam.invalid> wrote in message
news:fq0hd3$is5$1@localhost.localdomain...
step 3 is for tomcat ,it's not for WebSphere.
And I try ,it can't solve the question

permanent link
yu wang (4886044) | answered Feb 26 '08, 8:30 p.m.
I changed \AppServer\profiles\jazz\installedApps\hostnameNode01Cell\jazz_war.ear\jazz.war\WEB-INF\web.xml
as the following :

<!-- Added to enable basic authentication for Jazz -->
<security-constraint>
<web-resource-collection>
<web-resource-name>secure</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>

but it's same (a blank in the password field still make a good connection.).

permanent link
Richard Backhouse (6661) | answered Feb 26 '08, 10:08 p.m.
JAZZ DEVELOPER
You changed the wrong file. WAS uses the descriptor found in the config
directory of a profile. Change the one in this directory :

\profiles\AppSrv01\config\cells\hostnameNode01Cell\applications\jazz_war.ear\deployments\jazz_war\jazz.war\WEB-INF

Richard
Jazz WebUI and Server Development

openeis wrote:
I changed
\AppServer\profiles\jazz\installedApps\hostnameNode01Cell\jazz_war.ear\jazz.war\WEB-INF\web.xml
as the following :

!-- Added to enable basic authentication for Jazz --
<security-constraint
<web-resource-collection
<web-resource-name>secure</web-resource-name
<url-pattern>/*</url-pattern
</web-resource-collection

but it's same (a blank in the password field still make a good
connection.).

permanent link
yu wang (4886044) | answered Mar 03 '08, 12:23 a.m.
After Changing the one in this directory :

\profiles\AppSrv01\config\cells\hostnameNode01Cell\applications\jazz_war.ear\deployments\jazz_war\jazz.war\WEB-INF

it display the following message when client log on

connection error :return code 302 from http request:Found


how to do?

permanent link
yu wang (4886044) | answered Mar 04 '08, 9:21 p.m.
Who can help me solve above question?

permanent link
yu wang (4886044) | answered Mar 17 '08, 5:46 a.m.
it fixed in m5.
I have tried.

Your answer


Register or to post your answer.