> Hi folks.
> Could anybody help me how to secure Form Builder from unauthorised access?
> I tried to do it using Apache front-end as described
> at
http://wiki.orbeon.com/forms/doc/user-guide/form-runner-user-guide#TOC-Form-Runner-access-and-authenticati> I have in httpd conf:
> <LocationMatch /orbeon-3.8.0.post.201012130847-CE/fr/orbeon/builder>
> AuthType Basic
> AuthName "Orbeon Forms"
> AuthUserFile /var/www/htpasswd
> Require valid-user
> </LocationMatch>
> (Complete conf is below if necessary).
> It allows anonymous user to access published forms and requires auth for
> Form Builder access - great.
> But after I enter correct login/password I see empty summary of Form Builder
> (no form definitions). In orbeon.log I see the following:
> 2010-12-13 19:56:55,077 INFO ProcessorService -
> /fr/service/exist/search/orbeon/builder - Received request
> 2010-12-13 19:56:55,330 ERROR XFormsServer - xforms-submit-error - response
> {status code: "401"}
> 2010-12-13 19:56:55,331 ERROR XFormsServer - xforms-submit-error - response
> headers {content-type: "text/html;charset=utf-8", connection: "close",
> www-authenticate: "Basic realm="exist"", content-length: "954", date: "Mon,
> 13 Dec 2010 16:56:55 GMT"}
> ...(Complete log is below.)...
> It looks like accessing eXist requires some kind of credentials now. But
> why? LocationMatch should not match.
> Could anybody please tell me what I did wrong?
>
> Best regards,
> Alexey
> P.S. I use version from git now but I encounter the same problem on 3.8.0
> CE/PE.
> =================================
> Complete entry in httpd.conf
> =================================
> <VirtualHost *:80>
> ServerAdmin
[hidden email]
> ServerName www.example.com
> ErrorLog logs/proxy-error_log
> CustomLog logs/proxy-access_log common
> ProxyRequests Off
> ProxyPreserveHost On
> ProxyPass /orbeon-3.8.0.post.201012130847-CE
> ajp://localhost:9090/orbeon-3.8.0.post.201012130847-CE
> ProxyPassReverse /orbeon-3.8.0.post.201012130847-CE
> ajp://localhost:9090/orbeon-3.8.0.post.201012130847-CE
> <LocationMatch /orbeon-3.8.0.post.201012130847-CE/fr/orbeon/builder>
> AuthType Basic
> AuthName "Orbeon Forms"
> AuthUserFile /var/www/htpasswd
> Require valid-user
> </LocationMatch>
> </VirtualHost>
> =================================
>
> =================================
> Complete error in orbeon.log
> =================================
> 2010-12-13 19:56:55,077 INFO ProcessorService -
> /fr/service/exist/search/orbeon/builder - Received request
> 2010-12-13 19:56:55,330 ERROR XFormsServer - xforms-submit-error - response
> {status code: "401"}
> 2010-12-13 19:56:55,331 ERROR XFormsServer - xforms-submit-error - response
> headers {content-type: "text/html;charset=utf-8", connection: "close",
> www-authenticate: "Basic realm="exist"", content-length: "954", date: "Mon,
> 13 Dec 2010 16:56:55 GMT"}
> 2010-12-13 19:56:55,335 ERROR XFormsServer - xforms-submit-error - setting
> body string {body: "
> <html><head><title>Apache Tomcat/5.5.27 - Error report</title><style><!--H1
> {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;}
> H2
> {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;}
> H3
> {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;}
> BODY
> {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B
> {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;}
> P
> {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A
> {color : black;}A.name {color : black;}HR {color : #525D76;}--></style>
> </head><body><h1>HTTP Status 401 - </h1><HR size="1"
> noshade="noshade"><p><b>type</b> Status report</p><p><b>message</b>
> <u></u></p><p><b>description</b> <u>This request requires HTTP
> authentication ().</u></p><HR size="1" noshade="noshade"><h3>Apache
> Tomcat/5.5.27</h3></body></html>"}
> 2010-12-13 19:56:55,351 ERROR XFormsServer - xforms-submit-error - setting
> throwable {throwable:
> "org.orbeon.oxf.xforms.submission.XFormsSubmissionException: (processing
> submission response): xforms:submission for submission id:
> fr-default-submission, error code received when submitting instance: 401
> null, line -1, column -1: xforms:submission for submission id:
> fr-default-submission, error code received when submitting instance: 401
> at
> org.orbeon.oxf.xforms.submission.XFormsModelSubmission.getReplacer(XFormsModelSubmission.java:659)
> at
> org.orbeon.oxf.xforms.submission.RegularSubmission$1.call(RegularSubmission.java:104)
> at
> org.orbeon.oxf.xforms.submission.RegularSubmission$1.call(RegularSubmission.java:76)
> at
> org.orbeon.oxf.xforms.submission.BaseSubmission.submitCallable(BaseSubmission.java:218)
> at
> org.orbeon.oxf.xforms.submission.RegularSubmission.connect(RegularSubmission.java:127)
> at
> org.orbeon.oxf.xforms.submission.XFormsModelSubmission.doSubmit(XFormsModelSubmission.java:444)
> =================================
>
> --
> You receive this message as a subscriber of the
[hidden email] mailing
> list.
> To unsubscribe: mailto:
[hidden email]
> For general help: mailto:
[hidden email]?subject=help
> OW2 mailing lists service home page:
http://www.ow2.org/wws>
>