Documente Academic
Documente Profesional
Documente Cultură
InTomcat5.5locatetheContextconfigurationfile:
<TOMCATDIR>\conf\Catalina\localhost\<WebAppName>.xml
Inatypicalinstallationthepathwouldbe:
<TOMCATDIR>\conf\Catalina\localhost\BrowserWeb.xml
Ensurethatthefollowingentriesexist:
<Contextreload="true"><RealmappName="T24"
className="org.apache.catalina.realm.JAASRealm"
roleClassNames="com.temenos.t24browser.security.authentication.T24RolePr
incipal"
userClassNames="com.temenos.t24browser.security.authentication.T24UserPr
incipal,com.temenos.t24browser.security.authentication.T24Principal"/>
</Context>
Createafileandcallitt24BasicAuth.config
Enterthefollowingtext:
T24{
com.temenos.t24browser.security.authentication.BasicAuthLoginModule
Requisitedebug="true";};
Savethisfiletoalocationofyourchoicee.g.C:\JAASConfig\T24Browser\
TelltheTomcatserverjavaVMtousethisauthorisationloginconfigurationfileviaacommand
lineparameter:
Djava.security.auth.login.config="C:\JAASConfig\T24Browser\t24BasicAuth.config"
4) Login to T24
Oncetheabovehasbeenconfiguredcorrectly,andthewebserverfullreset,itispossibletotestthis
functionalitybyattemptingtologintoT24.
AssoonastheusernavigatestotheT24BrowserURLe.g.
http://localhost:8080/BrowserWeb/servlet/BrowserServlet
AdialogwillappeartopromptforaUsername&Password.TheT24usernameandpasswordshouldbe
suppliedandOKpressed.
IfthecredentialssuppliedarevalidthentheuserwillbepresentedwiththeappropriateT24homepage.If
thecredentialsarenotvalidandresultinaSECURITYVIOLATIONthentheservletwillrespondwitha
HTTPerror401unauthorised.
NOTE:DuetowebbrowserssuchasIE&Firefoxcachingtheusercredentialsandautomaticallyre
submittingthemwhenrequired,itisnecessarytoclosethebrowserwindowbeforeanalternativesetof
credentialscanbesupplied.ThisisstandardbehaviourofwebbrowsersandBASICauthentication.
Toreceiveauthorisation,theclientsendstheusernameandpassword,separatedbyasinglecolon(":")
character,withinabase64encodedstringinthecredentials
Iftheuseragentwishestosendtheusername"Aladdin"andpassword"opensesame",itwouldusethe
followingheaderfield:
Authorization:BasicQWxhZGRpbjpvcGVuIHNlc2FtZQ==
Userscanbeauthorised&loggedontoT24inonestep.Ifthecredentialsarenotvalidandresultina
SECURITYVIOLATIONthentheservletwillrespondwithaHTTPerror401unauthorised.
Agenericcustomisablepageisdesignedforsignoutfromt24andforothererrorscenarios.
ToallowtheusertologintotheT24Browser,followingchangesneedtobedoneintheOFS.SOURCE
recordofbrowser.
OFS.SOURCErecordupdated
IfthevalueforthefieldATTRIBUTESissetasPREAUTHENTICATEDandifvalueforthefield
SOURCE.TYPEissetasSESSION,T24BROWSERuserwillbetreatedaspreauthenticateduser.Only
signonnameauthenticationwillbedone.