Orbeon Forms community mailing list

Synchronize Users (Orbeon+Tomcat+phpBB)

Classic

List

Threaded

6 messages Options

masjab-2

Synchronize Users (Orbeon+Tomcat+phpBB)

Hey all,

does anyone know how I can sync the users in the following system:

1) phpBB forum which (I think) stores it´s users in a mySQL db

2) same users should be mapped to my orbeon-app which uses the "tomcat-users.xml" file for authentication

Any good idea?

THX

MAse

--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
OW2 mailing lists service home page: http://www.ow2.org/wws

richhl

Re: Synchronize Users (Orbeon+Tomcat+phpBB)

On Wed, 14 May 2008 13:26:20 +0200
Masen J <[hidden email]> wrote:

> Hey all,
>
> does anyone know how I can sync the users in the following system:
>
> 1) phpBB forum which (I think) stores it´s users in a mySQL db
> 2) same users should be mapped to my orbeon-app which uses the "tomcat-
> users.xml" file for authentication
>
> Any good idea?
> THX
> MAse

maybe use the mysql phpBB database as data source for identification in tomcat instead of tomcat-users.xml?

greetings

rich

--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
OW2 mailing lists service home page: http://www.ow2.org/wws

masjab-2

Re: Re: Synchronize Users (Orbeon+Tomcat+phpBB)

and how?

Am 14.05.2008 um 14:01 schrieb Richard C. Hidalgo Lorite:

> On Wed, 14 May 2008 13:26:20 +0200
> Masen J <[hidden email]> wrote:
>
>> Hey all,
>>
>> does anyone know how I can sync the users in the following system:
>>
>> 1) phpBB forum which (I think) stores it´s users in a mySQL db
>> 2) same users should be mapped to my orbeon-app which uses the
>> "tomcat-
>> users.xml" file for authentication
>>
>> Any good idea?
>> THX
>> MAse
>
> maybe use the mysql phpBB database as data source for identification
> in tomcat instead of tomcat-users.xml?
>
> greetings
>
> rich
>
> --
> You receive this message as a subscriber of the [hidden email]
> mailing list.
> To unsubscribe: mailto:[hidden email]
> For general help: mailto:[hidden email]?subject=help
> OW2 mailing lists service home page: http://www.ow2.org/wws

fl.schmitt(ops-users)

Re: Re: Re: Synchronize Users (Orbeon+Tomcat+phpBB)

hi Masen,

>> maybe use the mysql phpBB database as data source for
>> identification in tomcat instead of tomcat-users.xml?

> and how?

A way could be to use a JDBCRealm as shown in the tomcat docs:

http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html#JDBCRealm

But personally i don't have any experience with that.

HTH
florian

--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
OW2 mailing lists service home page: http://www.ow2.org/wws

masjab-2

Re: Re: Re: Re: Synchronize Users (Orbeon+Tomcat+phpBB)

Hey,

I was able to do the authentication via mysql (table that holds users(username+pass) and roles(username+role)). Now I will try to get these from the table that phpBB is working on...

But still I have the following problem:

MY SECURITY CONSTRAINT!!!!

I need to know divide my App into admin(access to all) and user(to all but with some restrictions). I already asked in "Help with login"...but still it´s not working for me...

If I want only the manager-group to get access to the edit-page (see below--> <url-pattern>/myApp/edit/*</url-pattern>) my web.xml is working fine with one exception:

Case1)

i) user clicks on edit and is redirected to loginpage:

ii) writes an unknown user into "user"

-->

You entered an invalid login. Please try again.

(good)

Case2)

i) user clicks on edit and is redirected to loginpage:

ii) writes an known user into "user" but the user is not in the manager-group

-->

HTTP Status 403 - Access to the requested resource has been denied

type Status report

message Access to the requested resource has been denied

description Access to the specified resource (Access to the requested resource has been denied) has been forbidden.

Apache Tomcat/5.5.23

(bad) cuz I need to restart my browser to get any chance to login again....

<security-constraint>

<web-resource-collection>

<web-resource-name>myApp</web-resource-name>

<url-pattern>/myApp/edit/*</url-pattern>

</web-resource-collection>

<auth-constraint>

<role-name>manager</role-name>

</auth-constraint>

</security-constraint>

<login-config>

<auth-method>FORM</auth-method>

<form-login-config>

<form-login-page>/myApp/login</form-login-page>

<form-error-page>/myApp/login-error</form-error-page>

</form-login-config>

<realm-name>myApp</realm-name>

</login-config>

<security-role>

<role-name>manager</role-name>

</security-role>

Still I don´t know how to make the page accessible to two different groups:

1) manager-group (roles)

2) users (should not be able to get into the edit area...)

But the whole page should me not accesible to anyone else, so you need to be at least in one of those groups...

Please, I am not able to edit my web.xml to work as I want..maybe someone has the same problem. I thought it´s a common situation...

THX

Am 14.05.2008 um 15:32 schrieb Florian Schmitt:

hi Masen,

maybe use the mysql phpBB database as data source for
identification in tomcat instead of tomcat-users.xml?

and how?

A way could be to use a JDBCRealm as shown in the tomcat docs:

http://tomcat.apache.org/tomcat-5.5-doc/realm-howto.html#JDBCRealm

But personally i don't have any experience with that.

HTH
florian

--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
OW2 mailing lists service home page: http://www.ow2.org/wws

fl.schmitt(ops-users)

Re: Re: Re: Re: Re: Synchronize Users (Orbeon+Tomcat+phpBB)

hi Masen,

i'm not using multiple user roles for authentication, but i will try to
help...

> <security-constraint>
> <web-resource-collection>

<web-resource-name>myApp (Manager)</web-resource-name>

> <url-pattern>/myApp/edit/*</url-pattern>
> </web-resource-collection>
> <auth-constraint>
> <role-name>manager</role-name>
> </auth-constraint>
> </security-constraint>

<security-constraint>
<web-resource-collection>
<web-resource-name>myApp (user)</web-resource-name>
<url-pattern>/myApp/read/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>

> <login-config>
> <auth-method>FORM</auth-method>
> <form-login-config>
> <form-login-page>/myApp/login</form-login-page>
> <form-error-page>/myApp/login-error</form-error-page>
> </form-login-config>
> <realm-name>myApp</realm-name>
> </login-config>
>
> <security-role>
> <role-name>manager</role-name>

<role-name>user</role-name>

> </security-role>

i think you're needing another security-constraint section for the
user-group. Additionaly, you will have to add the user-group to the
security-role section.

I'm not sure about the 403 forbidden message - maybe the login-error
page was in the protected area, too?

HTH
florian

--
You receive this message as a subscriber of the [hidden email] mailing list.
To unsubscribe: mailto:[hidden email]
For general help: mailto:[hidden email]?subject=help
OW2 mailing lists service home page: http://www.ow2.org/wws