JDBC Realm by-passing login page using a link
Is it possible to pass login info in a link and then based on this information set the JDBC realm status to logged in? In other words is it possible to trigger the authentication manually in a filter? Thanks! /Fredrik - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JDBC Realm by-passing login page using a link
It is my understanding that the JDBC realm will execute prior to any filters or other servlets, so I wouldn't think this would be possible unless you perform your own authentication - possibly in a filter - to do just what you're looking for. -Original Message- From: Fredrik Liden [mailto:[EMAIL PROTECTED] Sent: Thursday, March 10, 2005 1:40 PM To: Tomcat Users List Subject: JDBC Realm by-passing login page using a link Is it possible to pass login info in a link and then based on this information set the JDBC realm status to logged in? In other words is it possible to trigger the authentication manually in a filter? Thanks! /Fredrik - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
How to make my error page in the case of BASIC JDBC realm
Hi, I am using Tomcat 5.x. I am using BASIC JDBC Realm. I want to make my own error page as the error page in the case of HTTP Status 401 error. This error comes when I click on Cancel button when the realm asks for user name and password. Any one knowing this stuff, kindly reply. Thanks in advance. Joby Joseph. Confidentiality Notice The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain confidential or privileged information. If you are not the intended recipient, please notify the sender at Wipro or [EMAIL PROTECTED] immediately and destroy all copies of this message and any attachments.
Re: LogOut from JDBC Realm
Hi there - Thanks for the responses and sorry to get back to this - I haven't made any progress and have had other problems (challenges?) to fix first! I have a link to a logout servlet with the doGet() method below. Using eclipse debugging shows that the session isValid=false on invalidate correctly. However clicking back on the browser creates a new session (with isValid=true)in my session handling function called from every page (except logout): public static HttpSession setSessionData (HttpServletRequest request) { HttpSession session = request.getSession(true); if (session.getAttribute(viewmode) ==null) session.setAttribute(viewmode, B); ... } So it doesn't seem that invalidate() is destroying the authentication - only clearing a session which can be recreated. Should I check if the session is invalid and forward to my logout page if so, or is there a way of invalidating the login info? Can anyone shed some photons on this. TC :5.0.19, Solaris 9, Mysql 4.something - JDBC Realm, SSL + filter giving Cache-Control - private,no-cache,no-store Chris Chappell public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType(text/html); PrintWriter out = response.getWriter(); HttpSession session = request.getSession(); session.invalidate(); out.println(GeneralUI.htmlHeader()); out.println(table width=100%tr height=200 valign=centertd align=centerGoodbye - you are now logged out/td/tr/table); out.println(GeneralUI.htmlFooter()); return; } On Tuesday 23 November 2004 17:09, Chris Chappell wrote: Hi there Hi, Can anyone give me a pointer how to logout a JDBC Realm authenticated user without closing the browser. E.g. I need a log out button which forwards to a goodbye page and does something like this (fictitious) userSession.expire(); I've had a trawl thriough the docs etc and nothing springs to obvious use. Using SSL though don't think this would change anything re this. Just include this: % session.invalidate(); % it works on both 8080 (normal) and 8443 (ssl) connections. (TC 5.0.19 on Sol9 + MySQL 4)
RE: LogOut from JDBC Realm
instead of doing this, on your logout confirm JSP, use a meta expires tag to kill everything, then back will not function. http://www.htmlhelp.com/reference/wilbur/head/meta.html -Original Message- From: Chris Chappell [mailto:[EMAIL PROTECTED] Sent: 02 December 2004 11:52 To: [EMAIL PROTECTED] Subject: Re: LogOut from JDBC Realm Hi there - Thanks for the responses and sorry to get back to this - I haven't made any progress and have had other problems (challenges?) to fix first! I have a link to a logout servlet with the doGet() method below. Using eclipse debugging shows that the session isValid=false on invalidate correctly. However clicking back on the browser creates a new session (with isValid=true)in my session handling function called from every page (except logout): public static HttpSession setSessionData (HttpServletRequest request) { HttpSession session = request.getSession(true); if (session.getAttribute(viewmode) ==null) session.setAttribute(viewmode, B); ... } So it doesn't seem that invalidate() is destroying the authentication - only clearing a session which can be recreated. Should I check if the session is invalid and forward to my logout page if so, or is there a way of invalidating the login info? Can anyone shed some photons on this. TC :5.0.19, Solaris 9, Mysql 4.something - JDBC Realm, SSL + filter giving Cache-Control - private,no-cache,no-store Chris Chappell public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { response.setContentType(text/html); PrintWriter out = response.getWriter(); HttpSession session = request.getSession(); session.invalidate(); out.println(GeneralUI.htmlHeader()); out.println(table width=100%tr height=200 valign=centertd align=centerGoodbye - you are now logged out/td/tr/table); out.println(GeneralUI.htmlFooter()); return; } On Tuesday 23 November 2004 17:09, Chris Chappell wrote: Hi there Hi, Can anyone give me a pointer how to logout a JDBC Realm authenticated user without closing the browser. E.g. I need a log out button which forwards to a goodbye page and does something like this (fictitious) userSession.expire(); I've had a trawl thriough the docs etc and nothing springs to obvious use. Using SSL though don't think this would change anything re this. Just include this: % session.invalidate(); % it works on both 8080 (normal) and 8443 (ssl) connections. (TC 5.0.19 on Sol9 + MySQL 4) FONT SIZE=1 FACE=VERDANA,ARIAL COLOR=BLUE --- QAS Ltd. Developers of QuickAddress Software a href=http://www.qas.com;www.qas.com/a Registered in England: No 2582055 Registered in Australia: No 082 851 474 --- /FONT
LogOut from JDBC Realm
Hi there Can anyone give me a pointer how to logout a JDBC Realm authenticated user without closing the browser. E.g. I need a log out button which forwards to a goodbye page and does something like this (fictitious) userSession.expire(); I've had a trawl thriough the docs etc and nothing springs to obvious use. Using SSL though don't think this would change anything re this. Cheers, Sorry if this appears 2*, 1st time seemed to get lost :-( Chris Chappell (TC 5.0.19 on Sol9 + MySQL 4)
RE: LogOut from JDBC Realm
Hi, You mean like session.invalidate()? ;) Yoav Shapira http://www.yoavshapira.com -Original Message- From: Chris Chappell [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 23, 2004 10:10 AM To: [EMAIL PROTECTED] Subject: LogOut from JDBC Realm Hi there Can anyone give me a pointer how to logout a JDBC Realm authenticated user without closing the browser. E.g. I need a log out button which forwards to a goodbye page and does something like this (fictitious) userSession.expire(); I've had a trawl thriough the docs etc and nothing springs to obvious use. Using SSL though don't think this would change anything re this. Cheers, Sorry if this appears 2*, 1st time seemed to get lost :-( Chris Chappell (TC 5.0.19 on Sol9 + MySQL 4) This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: LogOut from JDBC Realm
Yoav Well I tried this, but it didn't seem to make any difference so I thought maybe it was just resetting the session vars. But I'll have another play with it. Ceeres Chris Chappell Subject: RE: LogOut from JDBC Realm Hi, You mean like session.invalidate()? ;) Yoav Shapira http://www.yoavshapira.com -Original Message- From: Chris Chappell [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 23, 2004 10:10 AM To: [EMAIL PROTECTED] Subject: LogOut from JDBC Realm Hi there Can anyone give me a pointer how to logout a JDBC Realm authenticated user without closing the browser. E.g. I need a log out button which forwards to a goodbye page and does something like this (fictitious) userSession.expire(); I've had a trawl thriough the docs etc and nothing springs to obvious use. Using SSL though don't think this would change anything re this. Cheers, Sorry if this appears 2*, 1st time seemed to get lost :-( Chris Chappell (TC 5.0.19 on Sol9 + MySQL 4) This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
LogOut from JDBC Realm
Hi there Can anyone give me a pointer how to logout a JDBC Realm authenticated user without closing the browser). E.g. I need a log out button with forwards to a goodbye page and does something like this (fictitious) userSession.expire(); I've had a trawl thriough the docs etc and nothing springs to obvious use. Using SSL though don't think this would change anything re this. Cheers Chris Chappell (TC 5.0.19 on Sol9 + MySQL 4)
Re: LogOut from JDBC Realm
Helloo u can do in following way map:match pattern=logout map:act type=session-invalidate/ map:act type=request map:parameter name=parameters value=true/ map:redirect-to uri=login/ /map:act /map:match Regards Deepak On Tue, 23 Nov 2004 Chris Chappell wrote : Hi there Can anyone give me a pointer how to logout a JDBC Realm authenticated user without closing the browser). E.g. I need a log out button with forwards to a goodbye page and does something like this (fictitious) userSession.expire(); I've had a trawl thriough the docs etc and nothing springs to obvious use. Using SSL though don't think this would change anything re this. Cheers Chris Chappell (TC 5.0.19 on Sol9 + MySQL 4)
Re: LogOut from JDBC Realm
On Tuesday 23 November 2004 17:09, Chris Chappell wrote: Hi there Hi, Can anyone give me a pointer how to logout a JDBC Realm authenticated user without closing the browser. E.g. I need a log out button which forwards to a goodbye page and does something like this (fictitious) userSession.expire(); I've had a trawl thriough the docs etc and nothing springs to obvious use. Using SSL though don't think this would change anything re this. Just include this: % session.invalidate(); % it works on both 8080 (normal) and 8443 (ssl) connections. Cheers, Sorry if this appears 2*, 1st time seemed to get lost :-( Chris Chappell (TC 5.0.19 on Sol9 + MySQL 4) Q -- Quinton Delpeche Internal Systems Developer Softline VIP Telephone: +27 12 420 7000 Direct:+27 12 420 7007 Facsimile: +27 12 420 7344 http://www.vippayroll.co.za/ President Thieu says he'll quit if he doesn't get more than 50% of the vote. In a democracy, that's not called quitting. -- The Washington Post pgp0z61iPkn0T.pgp Description: PGP signature
About JDBC Realm
Hi I use JDBC Realm (Tomcat 5) to authenticate users. Users with PRIVATE_ACCESS role can access Private Area (/private/*). But when I try to log in a user having PUBLIC_ACCESS role, Tomcat doesn't redirect the user to error.jsp page but redirect the user to something like this HTTP Status 403 - Access to the requested resource has been denied Below is an excerpt of my web.xml. Thanks anyway. security-constraint display-namePrivate Resource/display-name web-resource-collection web-resource-namePrivate Area/web-resource-name url-pattern/private/*/url-pattern !-- If you list http methods, only those methods are protected -- http-methodDELETE/http-method http-methodGET/http-method http-methodPOST/http-method http-methodPUT/http-method /web-resource-collection auth-constraint !-- Anyone with one of the listed roles may access this area -- role-namePRIVATE_ACCESS/role-name /auth-constraint /security-constraint !-- Default login configuration uses form-based authentication -- login-config auth-methodFORM/auth-method realm-nameForm-Based Authentication Area/realm-name form-login-config form-login-page/login.jsp/form-login-page form-error-page/error.jsp/form-error-page /form-login-config /login-config !-- Security roles referenced by this web application -- security-role role-namePRIVATE_ACCESS/role-name /security-role security-role role-namePUBLIC_ACCESS/role-name /security-role - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Sv: Default User with JDBC Realm
Hi Mark! I'll guess that this quailfies as a quick and dirty solution but how about trying to make a programatic login in your login.htm page. Have the page do a request (response.sendRedirect or something) to the j_security_check with some Anonomuys authentication. Regards Roland Carlsson Den 04-10-24 20.32, skrev Mark Doppelfeld [EMAIL PROTECTED]: Because that would mean to maintain a lot of urls which are public (but don't) belong to the same sub url (like /public/... and /protected/...) QM wrote: On Sun, Oct 24, 2004 at 07:27:42PM +0200, Mark Doppelfeld wrote: : is there any way to have an Default User authenticated vs the JDBC Realm. : Our custom wants to have the user guest logged in by default, and you : can then 'login' with your credentials via an explicit link within the : webapp. Why not just make the guest-related areas public? -QM - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Default User with JDBC Realm
Hi together, is there any way to have an Default User authenticated vs the JDBC Realm. Our custom wants to have the user guest logged in by default, and you can then 'login' with your credentials via an explicit link within the webapp. Thanks in advance Mark - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Default User with JDBC Realm
On Sun, Oct 24, 2004 at 07:27:42PM +0200, Mark Doppelfeld wrote: : is there any way to have an Default User authenticated vs the JDBC Realm. : Our custom wants to have the user guest logged in by default, and you : can then 'login' with your credentials via an explicit link within the : webapp. Why not just make the guest-related areas public? -QM -- software -- http://www.brandxdev.net tech news -- http://www.RoarNetworX.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Default User with JDBC Realm
Because that would mean to maintain a lot of urls which are public (but don't) belong to the same sub url (like /public/... and /protected/...) QM wrote: On Sun, Oct 24, 2004 at 07:27:42PM +0200, Mark Doppelfeld wrote: : is there any way to have an Default User authenticated vs the JDBC Realm. : Our custom wants to have the user guest logged in by default, and you : can then 'login' with your credentials via an explicit link within the : webapp. Why not just make the guest-related areas public? -QM - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JDBC realm question answered
Argh... don't you hate it when you finally give up on the docs and post a question, then look at the docs and see the answer? Not sure how I missed it, but in: http://jakarta.apache.org/tomcat/tomcat-4.0-doc/realm-howto.html Under the heading Configuring a Realm, it says that where you insert the REALM tag in server.xml determines what scope it covers: inside ENGINE for server-wide inside HOST for for all webapps on that virtual host inside CONTEXT for only a specifi web application -- Steven J. Owens [EMAIL PROTECTED] I'm going to make broad, sweeping generalizations and strong, declarative statements, because otherwise I'll be here all night and this document will be four times longer and much less fun to read. Take it all with a grain of salt. - me, at http://darksleep.com/notablog - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Wrong file served after JDBC Realm authentication
I am trying to use the JDBC realm in my Tomcat web application and it mostly works, but after logging into the application, Tomcat sends the application's style.css file to my browser... I am using Tomcat 5.0.16 on a Fedora Core 2 system. I have configured the JDBC realm this way in conf/server.xml: Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=com.mysql.jdbc.Driver connectionURL=jdbc:mysql://localhost/authority connectionName=(REMOVED) connectionPassword=(REMOVED) userTable=users userNameCol=user_name userCredCol=user_pass userRoleTable=user_roles roleNameCol=role_name / In my application's web/WEB-INF/web.xml file, there is this: welcome-file-list welcome-fileindex.jsp/welcome-file /welcome-file-list security-constraint web-resource-collection web-resource-nameDocument Munger/web-resource-name url-pattern/*/url-pattern /web-resource-collection auth-constraint role-namedocmungerUser/role-name /auth-constraint /security-constraint login-config auth-methodFORM/auth-method realm-nameDocument Munger/realm-name form-login-config form-login-page/login.jsp/form-login-page form-error-page/login-error.jsp/form-error-page /form-login-config /login-config security-role description This role includes all users who are allowed to use (but not administer) the service. /description role-namedocmungerUser/role-name /security-role The web/login.jsp file contains this: %@ include file=header.inc % FORM METHOD=POST ACTION=j_security_check Username:BR INPUT TYPE=text NAME=j_usernameBR Password:BR INPUT TYPE=password NAME=j_passwordBR INPUT TYPE=submit VALUE=Log in /FORM %@ include file=footer.inc % The web/header.inc file contains this: HTML HEAD LINK REL=StyleSheet HREF=style.css TYPE=text/css TITLE%= siteTitle %/TITLE META http-equiv=Content-Type content=text/html; charset=UTF-8 /HEAD BODY This is where the style.css filename comes from. There is indeed a web/style.css file. In the MySQL server, there is a users table that contains this: +---+---+ | user_name | user_pass | +---+---+ | george| (REMOVED) | +---+---+ There is also a user_roles table: +---+---+ | user_name | role_name | +---+---+ | george| docmungerUser | +---+---+ I use ant to install the application, then I send my browser (Galeon 1.3) to http://localhost:8080/docmunger/. The login form appears. I enter george and the password, and click Log in. Then my browser displays the style.css file... The location field of the browser now shows http://localhost:8080/docmunger/style.css. The catalina_log.2004-06-16.txt file says Username george successfully authenticated. If I now ask my browser to go to http://localhost:8080/docmunger/ again, then I finally reach the real front page of the application (index.jsp). If I remove the LINK line from web/header.inc and reload the application, then the problem disappears: I don't see style.css and I reach index.jsp right after logging in. I restarted Tomcat just before retrying this entire scenario. I also see nothing suspicious appear in the logs. I'm puzzled. What could cause this behavior, and how does Tomcat decide to send style.css? -- Pierre Sarrazin sarrazip at sympatico dot ca - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Wrong file served after JDBC Realm authentication
Pierre, I experienced a similar problem when using form based authentication and secured all requests (/*) from web.xml security-constraint web-resource-collection web-resource-nameMy Webapp/web-resource-name url-pattern/*/url-pattern /web-resource-collection auth-constraint role-nameuser/role-name /auth-constraint /security-constraint As a work around I placed all my images and css in a folder that did not require authentication. Hope that helps. Mr. Ariel S. Valentin mailto: [EMAIL PROTECTED] From: Pierre Sarrazin [EMAIL PROTECTED] Reply-To: Tomcat Users List [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Wrong file served after JDBC Realm authentication Date: Wed, 16 Jun 2004 23:19:09 -0400 I am trying to use the JDBC realm in my Tomcat web application and it mostly works, but after logging into the application, Tomcat sends the application's style.css file to my browser... I am using Tomcat 5.0.16 on a Fedora Core 2 system. I have configured the JDBC realm this way in conf/server.xml: Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=com.mysql.jdbc.Driver connectionURL=jdbc:mysql://localhost/authority connectionName=(REMOVED) connectionPassword=(REMOVED) userTable=users userNameCol=user_name userCredCol=user_pass userRoleTable=user_roles roleNameCol=role_name / In my application's web/WEB-INF/web.xml file, there is this: welcome-file-list welcome-fileindex.jsp/welcome-file /welcome-file-list security-constraint web-resource-collection web-resource-nameDocument Munger/web-resource-name url-pattern/*/url-pattern /web-resource-collection auth-constraint role-namedocmungerUser/role-name /auth-constraint /security-constraint login-config auth-methodFORM/auth-method realm-nameDocument Munger/realm-name form-login-config form-login-page/login.jsp/form-login-page form-error-page/login-error.jsp/form-error-page /form-login-config /login-config security-role description This role includes all users who are allowed to use (but not administer) the service. /description role-namedocmungerUser/role-name /security-role The web/login.jsp file contains this: %@ include file=header.inc % FORM METHOD=POST ACTION=j_security_check Username:BR INPUT TYPE=text NAME=j_usernameBR Password:BR INPUT TYPE=password NAME=j_passwordBR INPUT TYPE=submit VALUE=Log in /FORM %@ include file=footer.inc % The web/header.inc file contains this: HTML HEAD LINK REL=StyleSheet HREF=style.css TYPE=text/css TITLE%= siteTitle %/TITLE META http-equiv=Content-Type content=text/html; charset=UTF-8 /HEAD BODY This is where the style.css filename comes from. There is indeed a web/style.css file. In the MySQL server, there is a users table that contains this: +---+---+ | user_name | user_pass | +---+---+ | george| (REMOVED) | +---+---+ There is also a user_roles table: +---+---+ | user_name | role_name | +---+---+ | george| docmungerUser | +---+---+ I use ant to install the application, then I send my browser (Galeon 1.3) to http://localhost:8080/docmunger/. The login form appears. I enter george and the password, and click Log in. Then my browser displays the style.css file... The location field of the browser now shows http://localhost:8080/docmunger/style.css. The catalina_log.2004-06-16.txt file says Username george successfully authenticated. If I now ask my browser to go to http://localhost:8080/docmunger/ again, then I finally reach the real front page of the application (index.jsp). If I remove the LINK line from web/header.inc and reload the application, then the problem disappears: I don't see style.css and I reach index.jsp right after logging in. I restarted Tomcat just before retrying this entire scenario. I also see nothing suspicious appear in the logs. I'm puzzled. What could cause this behavior, and how does Tomcat decide to send style.css? -- Pierre Sarrazin sarrazip at sympatico dot ca - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ Get fast, reliable Internet access with MSN 9 Dial-up now 3 months FREE! http://join.msn.click-url.com/go/onm00200361ave/direct/01/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Fw: JDBC Realm Problem
Hi , I 've installed tomcat 5.0.24 and i try to implement security by JDBC Realm and the context is Loaded in the web.xml i wrote that: security-constraint web-resource-collection web-resource-nameBACK OFFICE/web-resource-name url-pattern/carpetaUno/*/url-pattern /web-resource-collection auth-constraint role-nameAdministadorST/role-name /auth-constraint /security-constraint login-config auth-methodFORM/auth-method realm-nameTomcat Manager Application/realm-name form-login-config form-login-page/login.jsp/form-login-page form-error-page/error.jsp/form-error-page /form-login-config /login-config my directory structure is ST ---carpetaUno ---WEB-INF ---classes ---lib I 've configured a JDBCRealm in the administrator and i 've check that in this context file ST.xml. All seems is OK but it's doesn't work. I've made the same in Tomcat 4.1.24 and it's work , i have in my db 2 tables and its work in tomcat 4.1.24 Somebody can help me ? Best Regards Ignacio J. Tissera Java Developer Area de Desarrollo BRANDIGITAL (0054) 351 681931 www.brandigital.com [EMAIL PROTECTED]
JDBC Realm Problem
Hi , I 've installed tomcat 5.0.24 and i try to implement security byJDBC Realm and the context is Loaded in the web.xml i wrote that: security-constraint web-resource-collection web-resource-nameBACK OFFICE/web-resource-name url-pattern/carpetaUno/*/url-pattern /web-resource-collection auth-constraint role-nameAdministadorST/role-name /auth-constraint /security-constraint login-config auth-methodFORM/auth-method realm-nameTomcat Manager Application/realm-name form-login-config form-login-page/login.jsp/form-login-page form-error-page/error.jsp/form-error-page /form-login-config /login-config my directory structure is ST ---carpetaUno ---WEB-INF ---classes ---lib I 've configured a JDBCRealm in the administrator and i 've check that in this context file ST.xml. All seems is OK but it's doesen't work. I've made the same in Tomcat 4.1.24 and it's work,i have inmyDataBasei 2 tables and its work in tomcat 4.1.24 Somebody can help me ? TKS Ignacio J. TisseraJava DeveloperArea de DesarrolloBRANDIGITAL(0054) 351 681931www.brandigital.com[EMAIL PROTECTED] smime.p7s Description: S/MIME cryptographic signature
Extending Standard JDBC Realm
Hi, I'm running Tomcat 5.0.19 and I configured a JDBC realm. Everything works fine. Now instead of going to j_security_check to authenticate a user, I would like to go to my own servlet that would: 1 - Authenticate the user 2 - Do some other tasks before going to the next page (like loading user information,.). One way would be to extend the Realm and implement my own realm. What I would like to do is to extend j_security_check implemantation Now I could not figure out where to find j_security_check code. I thought this would be a servlet of some kind. Does anyone know where I should look at? Do you know any good books that explain how to extend realms with Tomcat and how j_security_check works? Thanks. Richard
[NEWBIE] Setting up a JDBC Realm and using RequestDispatcher
Hello, I'm novice with Tomcat. I'm currently developing an application with access control based on forms (auth-methodFORM/auth-method in the web.xml) and on declarative security with a JDBC realm. I use the MVC model with servlets redirecting to jsp pages with (forward method of a RequestDispatcher). I understand that this security model does not apply to pages accessed by means of a RequestDispatcher. Then I wouldlike to know if there is a way to implement the following workflow: 1/ The web user opens a registration form (outside the secure area) to sign-in. 2/ A servlet respond to the request on form submission, create the user data in the database (giving access to the user) 3/ The servlet redirects directly the user to a page within the secure area and since this page is secured, the user is automatically asked for login info (via the login form declared in the login-config part of the web.xml) For the moment, what I get is: #1 and #2 are done correctly, then the RequestDispatcher send me to the secured page without asking for login. Thanks in advance!! Eric - Do you Yahoo!? Yahoo! Finance Tax Center - File online. File on time.
RE: [NEWBIE] Setting up a JDBC Realm and using RequestDispatcher
You may want to use response.sendRedirect() at step 3. -Original Message- From: Eric Vogue [mailto:[EMAIL PROTECTED] Sent: Tuesday, April 06, 2004 8:33 AM To: [EMAIL PROTECTED] Subject: [NEWBIE] Setting up a JDBC Realm and using RequestDispatcher Hello, I'm novice with Tomcat. I'm currently developing an application with access control based on forms (auth-methodFORM/auth-method in the web.xml) and on declarative security with a JDBC realm. I use the MVC model with servlets redirecting to jsp pages with (forward method of a RequestDispatcher). I understand that this security model does not apply to pages accessed by means of a RequestDispatcher. Then I wouldlike to know if there is a way to implement the following workflow: 1/ The web user opens a registration form (outside the secure area) to sign-in. 2/ A servlet respond to the request on form submission, create the user data in the database (giving access to the user) 3/ The servlet redirects directly the user to a page within the secure area and since this page is secured, the user is automatically asked for login info (via the login form declared in the login-config part of the web.xml) For the moment, what I get is: #1 and #2 are done correctly, then the RequestDispatcher send me to the secured page without asking for login. Thanks in advance!! Eric - Do you Yahoo!? Yahoo! Finance Tax Center - File online. File on time. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JDBC Realm JDBC Data Source
I'm trying to set up Tomcat 5 to use a JDBCRealm that points to a MS SQL Server 2000 instance. I also have a datasource set up to the same database instance. I can get one or the other to work, but not both together. If I move the JDBCRealm inside my Host or Context tag, the datasource works, but the security quits working. If I leave the realm outside my Host tag, security starts working again, but I get an exception on the datasource. Any ideas on making them work together? I think my JDBCRealm might be in the wrong place but don't know for sure. Here is my server.xml... - Server port=8005 shutdown=SHUTDOWN GlobalNamingResources !-- Used by Manager webapp -- Resource name=UserDatabase auth=Container type=org.apache.catalina.UserDatabase description=User database that can be updated and saved /Resource ResourceParams name=UserDatabase parameter namefactory/name valueorg.apache.catalina.users.MemoryUserDatabaseFactory/value /parameter parameter namepathname/name valueconf/tomcat-users.xml/value /parameter /ResourceParams /GlobalNamingResources Service name=Catalina Connector port=8080 / !-- This is here for compatibility only, not required -- Connector port=8009 protocol=AJP/1.3 / Engine name=Catalina defaultHost=localhost Logger className=org.apache.catalina.logger.FileLogger / Realm className=org.apache.catalina.realm.UserDatabaseRealm resourceName=UserDatabase / Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=com.microsoft.jdbc.sqlserver.SQLServerDriver connectionURL=jdbc:microsoft:sqlserver://dbserver:1433;DatabaseName=testdb;SelectMethod=Cursor;User=user;Password=pwd userTable=users userNameCol=username userCredCol=password userRoleTable=user_roles roleNameCol=role/ Host name=localhost appBase=/home/testuser/www unpackWARs=false autoDeploy=true Valve className=org.apache.catalina.authenticator.SingleSignOn debug=0/ Logger className=org.apache.catalina.logger.FileLogger directory=logs prefix=localhost_log. suffix=.txt timestamp=true/ Context path= docBase=/home/testuser/www debug=5 Logger className=org.apache.catalina.logger.FileLogger prefix=test_log. suffix=.txt timestamp=true/ Resource name=jdbc/TestDB auth=Container type=javax.sql.DataSource/ ResourceParams name=jdbc/TestDB parameter namefactory/name valueorg.apache.commons.dbcp.BasicDataSourceFactory/value /parameter parameter namemaxActive/name value100/value /parameter parameter namemaxIdle/name value30/value /parameter parameter namemaxWait/name value1/value /parameter parameter nameusername/name valueuser/value /parameter parameter namepassword/name valuepwd/value /parameter parameter namedriverClassName/name valuecom.microsoft.jdbc.sqlserver.SQLServerDriver/value /parameter parameter nameurl/name valuejdbc:microsoft:sqlserver://dbserver:1433;DatabaseName=testdb;SelectMethod=Cursor;/value /parameter /ResourceParams /Context /Host /Engine /Service
Re: JDBC Realm
mySQL is case-sensitive on column names. In mysql describe the users and user_roles tables. Use the column names as returned. eg: mysqldescribe bobbins; +---+--+--+-+-+---+ | Field | Type | Null | Key | Default | Extra | +---+--+--+-+-+---+ | bobbins_id| bigint(20) | | PRI | 0 | | | description | varchar(255) | | | | | +---+--+--+-+-+---+ 2 rows in set (0.09 sec) The single quotes you are using have unanticipated side effects: The sql generated by the JDBCRealm will be something like select 'USERPASS' from users where 'USERNAME' = ?; This will bring back zero rows unless the password is actually the string literal 'USERNAME'. In that case the value returned will be the string literal 'USERPASS' not the data within the password column. I would guess your columns are defined in lowercase so the realm setup should be: Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://localhost:3306/cofc?user=root;password=root userTable=users userNameCol=username userCredCol=userpass userRoleTable=user_roles roleNameCol='ur_rolename'/ HTH, Jon Justin Wesbrooks wrote: When I get rid of the single quotes, the Mysql JDBC driver throws an SQLException that says something like column USERNAME not found I originally had it without the single quotes. To solve the error I added them just to try it and it worked, so I left them. Justin Tim Funk [EMAIL PROTECTED] 11/19/2003 05:37 PM Please respond to Tomcat Users List [EMAIL PROTECTED] To Tomcat Users List [EMAIL PROTECTED] cc Subject Re: JDBC Realm Get rid of the single quotes. userNameCol=USERNAME -Tim Justin Wesbrooks wrote: I have a JDBCRealm set up in Tomcat 4.1.29. The realm config is as follows.. Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://localhost:3306/cofc?user=root;password=root userTable=users userNameCol='USERNAME' userCredCol='USERPASS' userRoleTable=user_roles roleNameCol='UR_ROLENAME'/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm
Thanks for the response. When I describe the user table, I get the following output... Doesn't this indicate that my orinigal configuration without the single quotes should be correct? mysql describe users; +---+---+--+-+-+---+ | Field | Type | Null | Key | Default | Extra | +---+---+--+-+-+---+ | USERNAME | varchar(16) | | PRI | | | | PASSWORD | varchar(16) | | | | | | EMAIL | varchar(100) | YES | | | | | CREATE_DT | timestamp(14) | YES | | NULL| | +---+---+--+-+-+---+ 4 rows in set (0.01 sec) Jon Wingfield [EMAIL PROTECTED] odo.com To Tomcat Users List 11/20/2003 05:01 [EMAIL PROTECTED] AM cc Subject Please respond to Re: JDBC Realm Tomcat Users List [EMAIL PROTECTED] rta.apache.org mySQL is case-sensitive on column names. In mysql describe the users and user_roles tables. Use the column names as returned. eg: mysqldescribe bobbins; +---+--+--+-+-+---+ | Field | Type | Null | Key | Default | Extra | +---+--+--+-+-+---+ | bobbins_id| bigint(20) | | PRI | 0 | | | description | varchar(255) | | | | | +---+--+--+-+-+---+ 2 rows in set (0.09 sec) The single quotes you are using have unanticipated side effects: The sql generated by the JDBCRealm will be something like select 'USERPASS' from users where 'USERNAME' = ?; This will bring back zero rows unless the password is actually the string literal 'USERNAME'. In that case the value returned will be the string literal 'USERPASS' not the data within the password column. I would guess your columns are defined in lowercase so the realm setup should be: Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://localhost:3306/cofc?user=root;password=root userTable=users userNameCol=username userCredCol=userpass userRoleTable=user_roles roleNameCol='ur_rolename'/ HTH, Jon Justin Wesbrooks wrote: When I get rid of the single quotes, the Mysql JDBC driver throws an SQLException that says something like column USERNAME not found I originally had it without the single quotes. To solve the error I added them just to try it and it worked, so I left them. Justin Tim Funk [EMAIL PROTECTED] 11/19/2003 05:37 PM Please respond to Tomcat Users List [EMAIL PROTECTED] To Tomcat Users List [EMAIL PROTECTED] cc Subject Re: JDBC Realm Get rid of the single quotes. userNameCol=USERNAME -Tim Justin Wesbrooks wrote: I have a JDBCRealm set up in Tomcat 4.1.29. The realm config is as follows.. Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://localhost:3306/cofc?user=root;password=root userTable=users userNameCol='USERNAME' userCredCol='USERPASS' userRoleTable=user_roles roleNameCol='UR_ROLENAME'/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm
By the way, I know my userCredCol from the original configuration I sent was wrong. It should be PASSWORD. I've corrected this and still get the same errors. I just tried changing all of my field names to lower case, but get the same results. Here is the exception I get when I don't use the single quotes. 2003-11-20 08:54:01 JDBCRealm[Standalone]: Username justin successfully authenticated 2003-11-20 08:54:01 JDBCRealm[Standalone]: Exception performing authentication java.sql.SQLException: Column not found, message from server: Unknown column 'username' in 'where clause' at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:1825) at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:1020) at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:1109) at com.mysql.jdbc.Connection.execSQL(Connection.java:2030) at com.mysql.jdbc.PreparedStatement.executeQuery(PreparedStatement.java:1563) at org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:476) at org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:394) at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthenticator.java:161) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:528) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995) at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2417) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643) at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:171) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:641) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:174) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:643) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995) at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:193) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:781) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:549) at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:589) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:666) at java.lang.Thread.run(Thread.java:534) Jon Wingfield [EMAIL PROTECTED] odo.com To Tomcat Users List 11/20/2003 05:01 [EMAIL PROTECTED] AM cc Subject Please respond to Re: JDBC Realm Tomcat Users List [EMAIL PROTECTED] rta.apache.org mySQL is case-sensitive on column names. In mysql describe the users and user_roles tables. Use the column names as returned. eg: mysqldescribe bobbins; +---+--+--+-+-+---+ | Field | Type | Null | Key | Default | Extra | +---+--+--+-+-+---+ | bobbins_id| bigint(20) | | PRI | 0 | | | description | varchar(255
Re: JDBC Realm
On Thursday 20 November 2003 8:51 am, Justin Wesbrooks wrote: Thanks for the response. When I describe the user table, I get the following output... mysql describe users; Isn't users the default table in mysql where it stores MySQL logins? Or was that your intention. If not, you might have a table name conflict. Jon - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JDBC Realm
Justin, maybe tomcat is complaining about your userRoleTable (user_roles). Does this table have a row named userNameCol (USERNAME), too? AFAIK the exact same column name is required to put users and roles together. I assume this because you first get 2003-11-20 08:54:01 JDBCRealm[Standalone]: Username justin successfully authenticated which seems like the password has been successfully checked, but then you get 2003-11-20 08:54:01 JDBCRealm[Standalone]: Exception performing authentication java.sql.SQLException: Column not found, message from server: Unknown column 'username' in 'where clause' which should come from the attempt to get the roles for this user. Greetings Andreas Mohrig -Original Message- From: Justin Wesbrooks [mailto:[EMAIL PROTECTED] Sent: Thursday, November 20, 2003 3:59 PM To: Tomcat Users List Subject: Re: JDBC Realm By the way, I know my userCredCol from the original configuration I sent was wrong. It should be PASSWORD. I've corrected this and still get the same errors. I just tried changing all of my field names to lower case, but get the same results. Here is the exception I get when I don't use the single quotes. 2003-11-20 08:54:01 JDBCRealm[Standalone]: Username justin successfully authenticated 2003-11-20 08:54:01 JDBCRealm[Standalone]: Exception performing authentication java.sql.SQLException: Column not found, message from server: Unknown column 'username' in 'where clause' at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:1825) at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:1020) at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:1109) at com.mysql.jdbc.Connection.execSQL(Connection.java:2030) at com.mysql.jdbc.PreparedStatement.executeQuery(PreparedStatement.java:1563) at org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:476) at org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:394) at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthe nticator.java:161) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase .java:528) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok eNext(StandardPipeline.java:641) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995) at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2417) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180 ) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok eNext(StandardPipeline.java:643) at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve. java:171) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok eNext(StandardPipeline.java:641) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172 ) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok eNext(StandardPipeline.java:641) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java :174) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok eNext(StandardPipeline.java:643) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995) at org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:193) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:781) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConne ction(Http11Protocol.java:549) at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:589) at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.jav a:666) at java.lang.Thread.run(Thread.java:534) Jon Wingfield [EMAIL PROTECTED] odo.com To Tomcat Users List 11/20/2003 05:01 [EMAIL PROTECTED] AM cc Subject Please respond to Re: JDBC Realm Tomcat Users
RE: JDBC Realm
Here are my 3 table definitions... Does the username column in the user_roles table have to be named the exact same as the column in the users table? mysql describe users; +---+---+--+-+-+---+ | Field | Type | Null | Key | Default | Extra | +---+---+--+-+-+---+ | username | varchar(16) | | PRI | | | | password | varchar(16) | | | | | | email | varchar(100) | YES | | | | | create_dt | timestamp(14) | YES | | NULL| | +---+---+--+-+-+---+ mysql describe roles; +---+--+--+-+-+---+ | Field | Type | Null | Key | Default | Extra | +---+--+--+-+-+---+ | role_name | varchar(16) | | PRI | | | | role_desc | varchar(100) | | | | | +---+--+--+-+-+---+ 2 rows in set (0.00 sec) mysql describe user_roles; +-+-+--+-+-+---+ | Field | Type| Null | Key | Default | Extra | +-+-+--+-+-+---+ | ur_username | varchar(16) | | PRI | | | | ur_rolename | varchar(16) | | PRI | | | +-+-+--+-+-+---+ 2 rows in set (0.00 sec) Andreas Mohrig [EMAIL PROTECTED] adooz.de To 'Tomcat Users List' 11/20/2003 09:12 [EMAIL PROTECTED] AM cc Subject Please respond to RE: JDBC Realm Tomcat Users List [EMAIL PROTECTED] rta.apache.org Justin, maybe tomcat is complaining about your userRoleTable (user_roles). Does this table have a row named userNameCol (USERNAME), too? AFAIK the exact same column name is required to put users and roles together. I assume this because you first get 2003-11-20 08:54:01 JDBCRealm[Standalone]: Username justin successfully authenticated which seems like the password has been successfully checked, but then you get 2003-11-20 08:54:01 JDBCRealm[Standalone]: Exception performing authentication java.sql.SQLException: Column not found, message from server: Unknown column 'username' in 'where clause' which should come from the attempt to get the roles for this user. Greetings Andreas Mohrig -Original Message- From: Justin Wesbrooks [mailto:[EMAIL PROTECTED] Sent: Thursday, November 20, 2003 3:59 PM To: Tomcat Users List Subject: Re: JDBC Realm By the way, I know my userCredCol from the original configuration I sent was wrong. It should be PASSWORD. I've corrected this and still get the same errors. I just tried changing all of my field names to lower case, but get the same results. Here is the exception I get when I don't use the single quotes. 2003-11-20 08:54:01 JDBCRealm[Standalone]: Username justin successfully authenticated 2003-11-20 08:54:01 JDBCRealm[Standalone]: Exception performing authentication java.sql.SQLException: Column not found, message from server: Unknown column 'username' in 'where clause' at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:1825) at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:1020) at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:1109) at com.mysql.jdbc.Connection.execSQL(Connection.java:2030) at com.mysql.jdbc.PreparedStatement.executeQuery(PreparedStatement.java:1563) at org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:476) at org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:394) at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthe nticator.java:161) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase .java:528) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok eNext(StandardPipeline.java:641
RE: JDBC Realm
Thanks for the help. When I changed the ur_username column to username, it worked. Andreas Mohrig [EMAIL PROTECTED] adooz.de To 'Tomcat Users List' 11/20/2003 09:12 [EMAIL PROTECTED] AM cc Subject Please respond to RE: JDBC Realm Tomcat Users List [EMAIL PROTECTED] rta.apache.org Justin, maybe tomcat is complaining about your userRoleTable (user_roles). Does this table have a row named userNameCol (USERNAME), too? AFAIK the exact same column name is required to put users and roles together. I assume this because you first get 2003-11-20 08:54:01 JDBCRealm[Standalone]: Username justin successfully authenticated which seems like the password has been successfully checked, but then you get 2003-11-20 08:54:01 JDBCRealm[Standalone]: Exception performing authentication java.sql.SQLException: Column not found, message from server: Unknown column 'username' in 'where clause' which should come from the attempt to get the roles for this user. Greetings Andreas Mohrig -Original Message- From: Justin Wesbrooks [mailto:[EMAIL PROTECTED] Sent: Thursday, November 20, 2003 3:59 PM To: Tomcat Users List Subject: Re: JDBC Realm By the way, I know my userCredCol from the original configuration I sent was wrong. It should be PASSWORD. I've corrected this and still get the same errors. I just tried changing all of my field names to lower case, but get the same results. Here is the exception I get when I don't use the single quotes. 2003-11-20 08:54:01 JDBCRealm[Standalone]: Username justin successfully authenticated 2003-11-20 08:54:01 JDBCRealm[Standalone]: Exception performing authentication java.sql.SQLException: Column not found, message from server: Unknown column 'username' in 'where clause' at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:1825) at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:1020) at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:1109) at com.mysql.jdbc.Connection.execSQL(Connection.java:2030) at com.mysql.jdbc.PreparedStatement.executeQuery(PreparedStatement.java:1563) at org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:476) at org.apache.catalina.realm.JDBCRealm.authenticate(JDBCRealm.java:394) at org.apache.catalina.authenticator.BasicAuthenticator.authenticate(BasicAuthe nticator.java:161) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase .java:528) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok eNext(StandardPipeline.java:641) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995) at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2417) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:180 ) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok eNext(StandardPipeline.java:643) at org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve. java:171) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok eNext(StandardPipeline.java:641) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:172 ) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok eNext(StandardPipeline.java:641) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:995) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java :174) at org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invok eNext(StandardPipeline.java:643) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:480) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java
Re: JDBC Realm
Jon, Isn't users the default table in mysql where it stores MySQL logins? Or was that your intention. If not, you might have a table name conflict. Naw, that's in a different tablespace. His stuff looks correct. -chris - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JDBC Realm
I have a JDBCRealm set up in Tomcat 4.1.29. The realm config is as follows.. Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://localhost:3306/cofc?user=root;password=root userTable=users userNameCol='USERNAME' userCredCol='USERPASS' userRoleTable=user_roles roleNameCol='UR_ROLENAME'/ I have a mysql database set up that matches the above. I have a web app with the following web.xml.. ?xml version=1.0 encoding=ISO-8859-1? !DOCTYPE web-app PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.3//EN http://java.sun.com/dtd/web-app_2_3.dtd; web-app display-nameJustin Web App/display-name descriptionTest justin web app/description security-constraint display-nameTEST Security Constraint/display-name web-resource-collection web-resource-nameProtected Area/web-resource-name url-pattern*.jsp/url-pattern url-pattern*.do/url-pattern url-pattern*.html/url-pattern /web-resource-collection auth-constraint role-namemember/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method realm-nametestrealm/realm-name /login-config security-role descriptionThe role that is required to log in to the Administration Application/description role-namemember/role-name /security-role /web-app All that is in my webapp is an index.html and this web.xml. I'm trying to authenticate / authorize against the database but can't get it to work. When I go to http://localhost:8080/justin I get a username / password prompt as I should but when I enter my username and password, it fails. The troubling thing is that there are no errors in any of the log files. I've checked over and over again that the user is in the table and that table / field names are all correct. I feel that my configuration is correct because if I kill the mysql server, Tomcat fails to start. I've searched Google and the archives and can't seem to find anything specific to this problem. Can someone point me to some literature / faq, etc. that might help - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm
Get rid of the single quotes. userNameCol=USERNAME -Tim Justin Wesbrooks wrote: I have a JDBCRealm set up in Tomcat 4.1.29. The realm config is as follows.. Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://localhost:3306/cofc?user=root;password=root userTable=users userNameCol='USERNAME' userCredCol='USERPASS' userRoleTable=user_roles roleNameCol='UR_ROLENAME'/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm
When I get rid of the single quotes, the Mysql JDBC driver throws an SQLException that says something like column USERNAME not found I originally had it without the single quotes. To solve the error I added them just to try it and it worked, so I left them. Justin Tim Funk [EMAIL PROTECTED] 11/19/2003 05:37 PM Please respond to Tomcat Users List [EMAIL PROTECTED] To Tomcat Users List [EMAIL PROTECTED] cc Subject Re: JDBC Realm Get rid of the single quotes. userNameCol=USERNAME -Tim Justin Wesbrooks wrote: I have a JDBCRealm set up in Tomcat 4.1.29. The realm config is as follows.. Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://localhost:3306/cofc?user=root;password=root userTable=users userNameCol='USERNAME' userCredCol='USERPASS' userRoleTable=user_roles roleNameCol='UR_ROLENAME'/ - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JDBC Realm hangs
Hello, I am running tomcat 4.1.27 on windows 2000 server with sql server 7 in production. Using the JDBC Realm to manage the login. The login works just fine but then after some time it hangs up. The login page is served so I know tomcat is still running but once the user types in the username and password nothing happens. Anybody have any ideas on how I can diagnose this problem. There are no error messages. Once I reboot the server the problem goes away for an indeterminate amount of time and then comes back. thanks Matt - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm hangs
[EMAIL PROTECTED] wrote: Hello, I am running tomcat 4.1.27 on windows 2000 server with sql server 7 in production. Using the JDBC Realm to manage the login. The login works just fine but then after some time it hangs up. The login page is served so I know tomcat is still running but once the user types in the username and password nothing happens. Anybody have any ideas on how I can diagnose this problem. There are no error messages. Once I reboot the server the problem goes away for an indeterminate amount of time and then comes back. thanks Matt - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm
David, I also have the user passwords encrypted using MD5 and this works fine. However we have a need to have all clear text passwords encrypted in configuration files. I need this realm to work with the connectionPassword value foobar encrypted. Does anyone know if this has been done and is there a patch of some sort available? So, you need the ability to authenticate some users after MD5'ing their passwords, and others without any digest? I think you'll have to roll your own Realm to do that. If you just want to turn off the MD5 part, you can simply leave out the 'digest=MD5' from the Realm configuration. But I assume that's not what you want. -chris - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm
Can you please explain this a little better. You have in your database a list of all your user's passwords encrypted using MD5. Do you also have a clear text copy of them? Then you want to encrypt this clear text copy for use in your configuration files? If you don't already have a cleartext copy of the passwords you are going to have to get your users to submit them as your MD5 version is useless. You could amend your application to read the password, store it in the clear, then compare it using MD5. Then as they all log in they will have given you a copy of their password. Andoni. - Original Message - From: Gardner, David [IT] [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, October 28, 2003 3:15 AM Subject: JDBC Realm I have a JDBC Realm configured against a sybase database and it works fine. See below I have changed the details for obvious security reasons. Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=com.sybase.jdbc2.jdbc.SybDriver connectionURL=jdbc:sybase:Tds:foo.au.bar.com:666/foo_bar connectionName=foobar connectionPassword=foobar userTable=User userNameCol=userName userCredCol=password userRoleTable=UserRole roleNameCol=roleName digest=MD5/ I also have the user passwords encrypted using MD5 and this works fine. However we have a need to have all clear text passwords encrypted in configuration files. I need this realm to work with the connectionPassword value foobar encrypted. Does anyone know if this has been done and is there a patch of some sort available? David Gardner Software Developer Cititech Level 11, 2 Park Street Sydney NSW Australia 2000 Phone: (+612) 8225 4803 Fax: (+612) 8225 Email: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JDBC Realm
Hello, Please let me explain a little more. It is the password that the JDBC realm uses to connect to the database that should be encrypted for example connectionPassword=foobar should look something like connectionPassword=3dc69416b0783cac9f3dda37b6bb0862. I have been able to deal with user passwords fine using MD5. We have a policy of no developer access to production and staging environments. Thus any passwords in configuration files such as the server.xml require encryption. However I have since created a solution. I have created my own class that extends org.apache.catalina.realm.RealmBase. It works in a similar way to the tomcat JDBCRealm. I made it available in the tomcat server classpath under server/lib. I have configured server.xml like.. Realm className=com.foo.bar.MyJDBCRealm debug=99 connectionName=FooBar userTable=User userNameCol=userName userCredCol=password userRoleTable=UserRole roleNameCol=roleName digest=MD5/ The connectionName=FooBar uses a JDBC connection pool I have written that supports password encryption. Hence I no longer have clear text passwords in my config file server.xml. In fact maybe this raises a point that it appears that all passwords in config files for tomcat are clear text. For example by looking at the doco for JNDI data sources the configs for JDBC connection pooling using DBCP also have clear text passwords. See .. http://jakarta.apache.org/tomcat/tomcat-4.1-doc/jndi-datasource-examples-how to.html -Original Message- From: Andoni [mailto:[EMAIL PROTECTED] Sent: Wednesday, 29 October 2003 1:28 AM To: Tomcat Users List Subject: Re: JDBC Realm Can you please explain this a little better. You have in your database a list of all your user's passwords encrypted using MD5. Do you also have a clear text copy of them? Then you want to encrypt this clear text copy for use in your configuration files? If you don't already have a cleartext copy of the passwords you are going to have to get your users to submit them as your MD5 version is useless. You could amend your application to read the password, store it in the clear, then compare it using MD5. Then as they all log in they will have given you a copy of their password. Andoni. - Original Message - From: Gardner, David [IT] [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, October 28, 2003 3:15 AM Subject: JDBC Realm I have a JDBC Realm configured against a sybase database and it works fine. See below I have changed the details for obvious security reasons. Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=com.sybase.jdbc2.jdbc.SybDriver connectionURL=jdbc:sybase:Tds:foo.au.bar.com:666/foo_bar connectionName=foobar connectionPassword=foobar userTable=User userNameCol=userName userCredCol=password userRoleTable=UserRole roleNameCol=roleName digest=MD5/ I also have the user passwords encrypted using MD5 and this works fine. However we have a need to have all clear text passwords encrypted in configuration files. I need this realm to work with the connectionPassword value foobar encrypted. Does anyone know if this has been done and is there a patch of some sort available? David Gardner Software Developer Cititech Level 11, 2 Park Street Sydney NSW Australia 2000 Phone: (+612) 8225 4803 Fax: (+612) 8225 Email: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JDBC Realm
I have a JDBC Realm configured against a sybase database and it works fine. See below I have changed the details for obvious security reasons. Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=com.sybase.jdbc2.jdbc.SybDriver connectionURL=jdbc:sybase:Tds:foo.au.bar.com:666/foo_bar connectionName=foobar connectionPassword=foobar userTable=User userNameCol=userName userCredCol=password userRoleTable=UserRole roleNameCol=roleName digest=MD5/ I also have the user passwords encrypted using MD5 and this works fine. However we have a need to have all clear text passwords encrypted in configuration files. I need this realm to work with the connectionPassword value foobar encrypted. Does anyone know if this has been done and is there a patch of some sort available? David Gardner Software Developer Cititech Level 11, 2 Park Street Sydney NSW Australia 2000 Phone: (+612) 8225 4803 Fax:(+612) 8225 Email: [EMAIL PROTECTED] Important Information This message may contain confidential or proprietary information. If you are not the intended recipient, please notify the sender immediately and delete the message from your system. You should not copy or use it for any purpose, nor disclose its contents to any other person. E-mail transmission cannot be guaranteed to be secure or error-free. No guarantee is made that any attachments are virus free. We reserve the right to monitor all e-mail communications. This e-mail does not take into account your investment objectives or financial situation and you should obtain advice based on your own individual circumstances before making an investment decision This e-mail is made available to you in Australia by Citigroup Global Markets Australia Pty Limited ABN 64 003 114 832, a licensed securities dealer and futures broker, a Participating Organisation of the Australian Stock Exchange Limited and a participant of the Sydney Futures Exchange Limited. In New Zealand it is made available through Citigroup Global Markets New Zealand Limited, a member firm of the New Zealand Stock Exchange. Although the information is believed to be reliable, we do not guarantee its accuracy and it may be incomplete or condensed. All opinions and estimates constitute Citigroup's judgement at the date of issue and are subject to change without notice. Unless stated otherwise, pricing information is indicative only, subject to change and is not an offer to deal at any price quoted. Any reference to the terms of executed transactions is preliminary only and subject to written confirmation. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
basic jdbc realm authentication
I'm using tomcat 4.1.18 with Microsoft Internet Explorer 6.0 sp1 as the browser and oracle as the database to which I authenticate users. Oddly, the colon character cannot be used in user names, but can be used in passwords. I'm assuming my code is at fault, but I cannot see how. Perhaps there is something special about the colon character to the authentication dialog. Thanks for the help. Derrick This electronic transmission is strictly confidential to Smith Nephew and intended solely for the addressee. It may contain information which is covered by legal, professional or other privilege. If you are not the intended addressee, or someone authorized by the intended addressee to receive transmissions on behalf of the addressee, you must not retain, disclose in any form, copy or take any action in reliance on this transmission. If you have received this transmission in error, please notify the sender as soon as possible and destroy this message.
Re: basic jdbc realm authentication
In the basic authentication approach the userid and password are concatenated with a ':' between them, base64 encoded, then placed in an HTTP header to send to the server. Obviously, the server will have trouble differentiating between the ':' in the username and the one separating the user name from the password. In other words, this is an artifact of BASIC authentication. Later, G. Wade Koes, Derrick wrote: I'm using tomcat 4.1.18 with Microsoft Internet Explorer 6.0 sp1 as the browser and oracle as the database to which I authenticate users. Oddly, the colon character cannot be used in user names, but can be used in passwords. I'm assuming my code is at fault, but I cannot see how. Perhaps there is something special about the colon character to the authentication dialog. Thanks for the help. Derrick This electronic transmission is strictly confidential to Smith Nephew and intended solely for the addressee. It may contain information which is covered by legal, professional or other privilege. If you are not the intended addressee, or someone authorized by the intended addressee to receive transmissions on behalf of the addressee, you must not retain, disclose in any form, copy or take any action in reliance on this transmission. If you have received this transmission in error, please notify the sender as soon as possible and destroy this message. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JDBC Realm not working with - Please help
Hi, I'm trying to setup my web app to use JDBC Realm. I am using SQL Server 2000. Here is the script to create tables: CREATE TABLE [dbo].[t_Role] ( [RoleId] [int] IDENTITY (1, 1) NOT NULL , [role] [varchar] (12) ) CREATE TABLE [dbo].[t_Usr] ( [UsrId] [int] IDENTITY (1, 1) NOT NULL , [UsrName] [varchar] (10) , [Pwd] [varchar] (10) ) CREATE TABLE [dbo].[t_UsrRole] ( [UsrRoleAdmin] [int] IDENTITY (1, 1) NOT NULL , [UsrName] [varchar] (10) , [RoleName] [varchar] (10) ) Below is the only changes I have made to my server.xml file. Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=com.microsoft.jdbc.sqlserver.SQLServerDriver connectionURL=jdbc:microsoft:sqlserver://exp468:1433;DatabaseName=Mosaic;user=sa;password=c0mmun1$t; connectionName=rudi connectionPassword=rudi userTable=t_Usr userNameCol=UsrName userCredCol=Pwd userRoleTable=t_UsrRole roleNameCol=RoleName / Any assistance would be greatly appreciated. Cheers, Rudi - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm not working with - Please help
Hi again, I'm using version 4.1.27 of tomcat, and my login page is taking forever to load. I'm not actually getting any error messages. Thanks again, Rudi Hi, I'm trying to setup my web app to use JDBC Realm. I am using SQL Server 2000. Here is the script to create tables: CREATE TABLE [dbo].[t_Role] ( [RoleId] [int] IDENTITY (1, 1) NOT NULL , [role] [varchar] (12) ) CREATE TABLE [dbo].[t_Usr] ( [UsrId] [int] IDENTITY (1, 1) NOT NULL , [UsrName] [varchar] (10) , [Pwd] [varchar] (10) ) CREATE TABLE [dbo].[t_UsrRole] ( [UsrRoleAdmin] [int] IDENTITY (1, 1) NOT NULL , [UsrName] [varchar] (10) , [RoleName] [varchar] (10) ) Below is the only changes I have made to my server.xml file. Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=com.microsoft.jdbc.sqlserver.SQLServerDriver connectionURL=jdbc:microsoft:sqlserver://exp468:1433;DatabaseName=Mosaic;user=sa;password=c0mmun1$t; connectionName=rudi connectionPassword=rudi userTable=t_Usr userNameCol=UsrName userCredCol=Pwd userRoleTable=t_UsrRole roleNameCol=RoleName / Any assistance would be greatly appreciated. Cheers, Rudi - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm not working with - Please help
I have also placed the following files in D:\Tomcat 4.1\common\lib: msutil.jar, mssqlserver.jar, and msbase.jar, and restarted tomat, but still no joy. Hi again, I'm using version 4.1.27 of tomcat, and my login page is taking forever to load. I'm not actually getting any error messages. Thanks again, Rudi Hi, I'm trying to setup my web app to use JDBC Realm. I am using SQL Server 2000. Here is the script to create tables: CREATE TABLE [dbo].[t_Role] ( [RoleId] [int] IDENTITY (1, 1) NOT NULL , [role] [varchar] (12) ) CREATE TABLE [dbo].[t_Usr] ( [UsrId] [int] IDENTITY (1, 1) NOT NULL , [UsrName] [varchar] (10) , [Pwd] [varchar] (10) ) CREATE TABLE [dbo].[t_UsrRole] ( [UsrRoleAdmin] [int] IDENTITY (1, 1) NOT NULL , [UsrName] [varchar] (10) , [RoleName] [varchar] (10) ) Below is the only changes I have made to my server.xml file. Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=com.microsoft.jdbc.sqlserver.SQLServerDriver connectionURL=jdbc:microsoft:sqlserver://exp468:1433;DatabaseName=Mosaic;user=sa;password=c0mmun1$t; connectionName=rudi connectionPassword=rudi userTable=t_Usr userNameCol=UsrName userCredCol=Pwd userRoleTable=t_UsrRole roleNameCol=RoleName / Any assistance would be greatly appreciated. Cheers, Rudi - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm not working with - Please help
Suggestions: 1. Check the log files for possible error messages $CATALINA_HOME/log 2. Write a java application to try the connection, see what you would get [EMAIL PROTECTED] wrote: Hi again, I'm using version 4.1.27 of tomcat, and my login page is taking forever to load. I'm not actually getting any error messages. Thanks again, Rudi Hi, I'm trying to setup my web app to use JDBC Realm. I am using SQL Server 2000. Here is the script to create tables: CREATE TABLE [dbo].[t_Role] ( [RoleId] [int] IDENTITY (1, 1) NOT NULL , [role] [varchar] (12) ) CREATE TABLE [dbo].[t_Usr] ( [UsrId] [int] IDENTITY (1, 1) NOT NULL , [UsrName] [varchar] (10) , [Pwd] [varchar] (10) ) CREATE TABLE [dbo].[t_UsrRole] ( [UsrRoleAdmin] [int] IDENTITY (1, 1) NOT NULL , [UsrName] [varchar] (10) , [RoleName] [varchar] (10) ) Below is the only changes I have made to my server.xml file. driverName=com.microsoft.jdbc.sqlserver.SQLServerDriver connectionURL=jdbc:microsoft:sqlserver://exp468:1433;DatabaseName=Mosaic;user=sa;password=c0mmun1$t; connectionName=rudi connectionPassword=rudi userTable=t_Usr userNameCol=UsrName userCredCol=Pwd userRoleTable=t_UsrRole roleNameCol=RoleName / Any assistance would be greatly appreciated. Cheers, Rudi - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - Do you Yahoo!? The New Yahoo! Shopping - with improved product search
Re: JDBC Realm problems
in case no one noticed and it matters, web.xml has following typo in it, where resource is spelled ressource: web-ressource-collection web-ressource-nametest/web-ressource-name I wish I had seen that earlier x_x. Thanks alot Paul, it's now showing up auth window. Unfortunately I have the same problem as mentionned here : http://archives.real-time.com/pipermail/tomcat-users/2003-January/094373.html Do I have to modify the source code of org.apache.catalina.realm.JDBCRealm to have it concatenate username+password to make md5 auth successfull on Postgres, or is there another workaround (maybe in TC5) ? Thanks laurent - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm problems
Don't you get: Digester.error(): org.xml.sax.SAXParseException: Element security-constraint requires additional elements. On 09/24/2003 09:48 AM Laurent Perez wrote: in case no one noticed and it matters, web.xml has following typo in it, where resource is spelled ressource: web-ressource-collection web-ressource-nametest/web-ressource-name I wish I had seen that earlier x_x. Thanks alot Paul, it's now showing up auth window. Unfortunately I have the same problem as mentionned here : http://archives.real-time.com/pipermail/tomcat-users/2003-January/094373.html Do I have to modify the source code of org.apache.catalina.realm.JDBCRealm to have it concatenate username+password to make md5 auth successfull on Postgres, or is there another workaround (maybe in TC5) ? Thanks laurent - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- struts 1.1 + tomcat 4.1.27 + java 1.4.2 Linux 2.4.20 RH9 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm problems
Don't you get: Digester.error(): org.xml.sax.SAXParseException: Element security-constraint requires additional elements. No I don't. Should I ? laurent - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm problems
Yes! I was unaware that you could disable xml parsing exceptions. But it seems you have. :( Perhaps it depends on the xml parser you are running. Mine is crimson (SAX?). Adam On 09/24/2003 11:29 AM Laurent Perez wrote: Don't you get: Digester.error(): org.xml.sax.SAXParseException: Element security-constraint requires additional elements. No I don't. Should I ? laurent - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- struts 1.1 + tomcat 4.1.27 + java 1.4.2 Linux 2.4.20 RH9 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm problems
Yes! I was unaware that you could disable xml parsing exceptions. But it seems you have. :( Sorry but I don't understand the link between my xml parser and Postgres' MD5 encoding. Do you have your Tomcat setup authenticating users against a Postgresql JDBCRealm using MD5 digest ? laurent - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm problems
Oh I'm very sorry, perhaps I confused your post with somebody else's. The problem I am referring to is the issue with the web-resource-name being spelt wrong. Adam On 09/24/2003 12:08 PM Laurent Perez wrote: Yes! I was unaware that you could disable xml parsing exceptions. But it seems you have. :( Sorry but I don't understand the link between my xml parser and Postgres' MD5 encoding. Do you have your Tomcat setup authenticating users against a Postgresql JDBCRealm using MD5 digest ? laurent - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- struts 1.1 + tomcat 4.1.27 + java 1.4.2 Linux 2.4.20 RH9 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JDBC Realm problems
I think your problem is that /* does not match on the end of the URL you are requesting. I know this is kind of screwy, I've had LOTS of fun with Tomcat Realms :) /* will match for /test/* (since you are within the test application) not the root of the server. Try just * in the auth config or put a index.html in the /test/ dir and try /test/index.html and see if you then get the auth dialog. Then you'll know if that's the problem. -Original Message- From: Paul [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 23, 2003 4:06 PM To: Tomcat Users List Subject: Re: JDBC Realm problems in case no one noticed and it matters, web.xml has following typo in it, where resource is spelled ressource: web-ressource-collection web-ressource-nametest/web-ressource-name - Original Message - From: Adam Hardy [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Tuesday, September 23, 2003 12:39 PM Subject: Re: JDBC Realm problems Your config looks OK. Are you getting any errors logged when you try to log on? On 09/23/2003 04:43 PM Laurent Perez wrote: Hello I am trying to protect a webapp I wrote using a JDBCRealm, but it doesn't seem to work as expected. I am using Tomcat 4.1.27, and Postgresql 7.3.2, with latest JDBC driver within $tomcat/common/lib. My realm is described as follows, in $tomcat/conf/server.xml : Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.postgresql.Driver digest=md5 connectionURL=jdbc:postgresql://127.0.0.1/mydb connectionName=mylogin connectionPassword=mypass userTable=pg_shadow userNameCol=usename userCredCol=passwd userRoleTable=named_roles roleNameCol=role / When I start Tomcat, I can see it connecting and idling to mydb, so JDBC driver works. Also 'mylogin' has read access on named_roles. My webapp is called 'test' and located within $tomcat/webapps/, its WEB-INF/web.xml is as follows : ?xml version=1.0 encoding=ISO-8859-1? !DOCTYPE web-app PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.2//EN http://java.sun.com/j2ee/dtds/web-app_2.2.dtd; web-app security-constraint web-ressource-collection web-ressource-nametest/web-ressource-name url-pattern/*/url-pattern /web-ressource-collection auth-constraint role-namemyrole/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method realm-nametest/realm-name /login-config security-role role-namemyrole/role-name /security-role /web-app The 'myrole' role is defined in my named_roles table, and I have several users under that role. I did add security-role tags because Tomcat would warn me about 'myrole' not being within security-role tags on startup. Now when I am trying to access http://localhost:8080/test, no authentication window pops up, I can access it freely, which shouldn't be correct (?). When I look at logs, I can see : 2003-09-23 14:14:52 ContextConfig[/test]: Configured an authenticator for method BASIC 2003-09-23 14:14:52 StandardManager[/test]: Seeding random number generator class java.security.SecureRandom 2003-09-23 14:14:52 StandardManager[/test]: Seeding of random number generator has been completed If BASIC auth method is activated, why isn't my browser showing up an auth window ? :-/ Also I know Postgres doesn't store md5 password files like md5_func(password), but instead md5_func(password+login), will it cause problems with Tomcat's digest=md5 behaviour ? Thanks for any help Laurent Perez - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- struts 1.1 + tomcat 4.1.27 + java 1.4.2 Linux 2.4.20 RH9 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JDBC Realm problems
Hello I am trying to protect a webapp I wrote using a JDBCRealm, but it doesn't seem to work as expected. I am using Tomcat 4.1.27, and Postgresql 7.3.2, with latest JDBC driver within $tomcat/common/lib. My realm is described as follows, in $tomcat/conf/server.xml : Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.postgresql.Driver digest=md5 connectionURL=jdbc:postgresql://127.0.0.1/mydb connectionName=mylogin connectionPassword=mypass userTable=pg_shadow userNameCol=usename userCredCol=passwd userRoleTable=named_roles roleNameCol=role / When I start Tomcat, I can see it connecting and idling to mydb, so JDBC driver works. Also 'mylogin' has read access on named_roles. My webapp is called 'test' and located within $tomcat/webapps/, its WEB-INF/web.xml is as follows : ?xml version=1.0 encoding=ISO-8859-1? !DOCTYPE web-app PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.2//EN http://java.sun.com/j2ee/dtds/web-app_2.2.dtd; web-app security-constraint web-ressource-collection web-ressource-nametest/web-ressource-name url-pattern/*/url-pattern /web-ressource-collection auth-constraint role-namemyrole/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method realm-nametest/realm-name /login-config security-role role-namemyrole/role-name /security-role /web-app The 'myrole' role is defined in my named_roles table, and I have several users under that role. I did add security-role tags because Tomcat would warn me about 'myrole' not being within security-role tags on startup. Now when I am trying to access http://localhost:8080/test, no authentication window pops up, I can access it freely, which shouldn't be correct (?). When I look at logs, I can see : 2003-09-23 14:14:52 ContextConfig[/test]: Configured an authenticator for method BASIC 2003-09-23 14:14:52 StandardManager[/test]: Seeding random number generator class java.security.SecureRandom 2003-09-23 14:14:52 StandardManager[/test]: Seeding of random number generator has been completed If BASIC auth method is activated, why isn't my browser showing up an auth window ? :-/ Also I know Postgres doesn't store md5 password files like md5_func(password), but instead md5_func(password+login), will it cause problems with Tomcat's digest=md5 behaviour ? Thanks for any help Laurent Perez - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm problems
Your config looks OK. Are you getting any errors logged when you try to log on? On 09/23/2003 04:43 PM Laurent Perez wrote: Hello I am trying to protect a webapp I wrote using a JDBCRealm, but it doesn't seem to work as expected. I am using Tomcat 4.1.27, and Postgresql 7.3.2, with latest JDBC driver within $tomcat/common/lib. My realm is described as follows, in $tomcat/conf/server.xml : Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.postgresql.Driver digest=md5 connectionURL=jdbc:postgresql://127.0.0.1/mydb connectionName=mylogin connectionPassword=mypass userTable=pg_shadow userNameCol=usename userCredCol=passwd userRoleTable=named_roles roleNameCol=role / When I start Tomcat, I can see it connecting and idling to mydb, so JDBC driver works. Also 'mylogin' has read access on named_roles. My webapp is called 'test' and located within $tomcat/webapps/, its WEB-INF/web.xml is as follows : ?xml version=1.0 encoding=ISO-8859-1? !DOCTYPE web-app PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.2//EN http://java.sun.com/j2ee/dtds/web-app_2.2.dtd; web-app security-constraint web-ressource-collection web-ressource-nametest/web-ressource-name url-pattern/*/url-pattern /web-ressource-collection auth-constraint role-namemyrole/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method realm-nametest/realm-name /login-config security-role role-namemyrole/role-name /security-role /web-app The 'myrole' role is defined in my named_roles table, and I have several users under that role. I did add security-role tags because Tomcat would warn me about 'myrole' not being within security-role tags on startup. Now when I am trying to access http://localhost:8080/test, no authentication window pops up, I can access it freely, which shouldn't be correct (?). When I look at logs, I can see : 2003-09-23 14:14:52 ContextConfig[/test]: Configured an authenticator for method BASIC 2003-09-23 14:14:52 StandardManager[/test]: Seeding random number generator class java.security.SecureRandom 2003-09-23 14:14:52 StandardManager[/test]: Seeding of random number generator has been completed If BASIC auth method is activated, why isn't my browser showing up an auth window ? :-/ Also I know Postgres doesn't store md5 password files like md5_func(password), but instead md5_func(password+login), will it cause problems with Tomcat's digest=md5 behaviour ? Thanks for any help Laurent Perez - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- struts 1.1 + tomcat 4.1.27 + java 1.4.2 Linux 2.4.20 RH9 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm problems
in case no one noticed and it matters, web.xml has following typo in it, where resource is spelled ressource: web-ressource-collection web-ressource-nametest/web-ressource-name - Original Message - From: Adam Hardy [EMAIL PROTECTED] To: Tomcat Users List [EMAIL PROTECTED] Sent: Tuesday, September 23, 2003 12:39 PM Subject: Re: JDBC Realm problems Your config looks OK. Are you getting any errors logged when you try to log on? On 09/23/2003 04:43 PM Laurent Perez wrote: Hello I am trying to protect a webapp I wrote using a JDBCRealm, but it doesn't seem to work as expected. I am using Tomcat 4.1.27, and Postgresql 7.3.2, with latest JDBC driver within $tomcat/common/lib. My realm is described as follows, in $tomcat/conf/server.xml : Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.postgresql.Driver digest=md5 connectionURL=jdbc:postgresql://127.0.0.1/mydb connectionName=mylogin connectionPassword=mypass userTable=pg_shadow userNameCol=usename userCredCol=passwd userRoleTable=named_roles roleNameCol=role / When I start Tomcat, I can see it connecting and idling to mydb, so JDBC driver works. Also 'mylogin' has read access on named_roles. My webapp is called 'test' and located within $tomcat/webapps/, its WEB-INF/web.xml is as follows : ?xml version=1.0 encoding=ISO-8859-1? !DOCTYPE web-app PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.2//EN http://java.sun.com/j2ee/dtds/web-app_2.2.dtd; web-app security-constraint web-ressource-collection web-ressource-nametest/web-ressource-name url-pattern/*/url-pattern /web-ressource-collection auth-constraint role-namemyrole/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method realm-nametest/realm-name /login-config security-role role-namemyrole/role-name /security-role /web-app The 'myrole' role is defined in my named_roles table, and I have several users under that role. I did add security-role tags because Tomcat would warn me about 'myrole' not being within security-role tags on startup. Now when I am trying to access http://localhost:8080/test, no authentication window pops up, I can access it freely, which shouldn't be correct (?). When I look at logs, I can see : 2003-09-23 14:14:52 ContextConfig[/test]: Configured an authenticator for method BASIC 2003-09-23 14:14:52 StandardManager[/test]: Seeding random number generator class java.security.SecureRandom 2003-09-23 14:14:52 StandardManager[/test]: Seeding of random number generator has been completed If BASIC auth method is activated, why isn't my browser showing up an auth window ? :-/ Also I know Postgres doesn't store md5 password files like md5_func(password), but instead md5_func(password+login), will it cause problems with Tomcat's digest=md5 behaviour ? Thanks for any help Laurent Perez - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- struts 1.1 + tomcat 4.1.27 + java 1.4.2 Linux 2.4.20 RH9 - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
FW: Tomcat startup with JDBC Realm [RE-POST]
-Original Message- From: Koes, Derrick Sent: Friday, August 29, 2003 11:05 AM To: '[EMAIL PROTECTED]' Subject: Tomcat startup with JDBC Realm I have a timing issue where both my database and tomcat are being run as Windows services. If my server reboots for some reason, even though I have startup dependencies (tomcat depends on db), tomcat often doesn't start my web app because it failed the initial JDBC check it does for a database when there is a JDBC realm configured. I presume this is because Windows reports the db service as started so the tomcat service attempts to start. However, the db isn't fully up when the service is started. Have others witnessed this issue? Workarounds? Thanks, Derrick This electronic transmission is strictly confidential to Smith Nephew and intended solely for the addressee. It may contain information which is covered by legal, professional or other privilege. If you are not the intended addressee, or someone authorized by the intended addressee to receive transmissions on behalf of the addressee, you must not retain, disclose in any form, copy or take any action in reliance on this transmission. If you have received this transmission in error, please notify the sender as soon as possible and destroy this message.
Re: FW: Tomcat startup with JDBC Realm [RE-POST]
http://marc.theaimsgroup.com/?l=tomcat-userm=106216990220530w=2 -Tim Koes, Derrick wrote: -Original Message- From: Koes, Derrick Sent: Friday, August 29, 2003 11:05 AM To: '[EMAIL PROTECTED]' Subject: Tomcat startup with JDBC Realm I have a timing issue where both my database and tomcat are being run as Windows services. If my server reboots for some reason, even though I have startup dependencies (tomcat depends on db), tomcat often doesn't start my web app because it failed the initial JDBC check it does for a database when there is a JDBC realm configured. I presume this is because Windows reports the db service as started so the tomcat service attempts to start. However, the db isn't fully up when the service is started. Have others witnessed this issue? Workarounds? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: FW: Tomcat startup with JDBC Realm [RE-POST]
Thanks Tim. It's tough to get approval for inclusion in my configuration without an official release and we're stuck on 4.1.X (actually 4.1.18) right now. I'll try it anyway. Derrick -Original Message- From: Tim Funk [mailto:[EMAIL PROTECTED] Sent: Tuesday, September 02, 2003 9:59 AM To: Tomcat Users List Subject: Re: FW: Tomcat startup with JDBC Realm [RE-POST] http://marc.theaimsgroup.com/?l=tomcat-userm=106216990220530w=2 -Tim Koes, Derrick wrote: -Original Message- From: Koes, Derrick Sent: Friday, August 29, 2003 11:05 AM To: '[EMAIL PROTECTED]' Subject: Tomcat startup with JDBC Realm I have a timing issue where both my database and tomcat are being run as Windows services. If my server reboots for some reason, even though I have startup dependencies (tomcat depends on db), tomcat often doesn't start my web app because it failed the initial JDBC check it does for a database when there is a JDBC realm configured. I presume this is because Windows reports the db service as started so the tomcat service attempts to start. However, the db isn't fully up when the service is started. Have others witnessed this issue? Workarounds? - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This electronic transmission is strictly confidential to Smith Nephew and intended solely for the addressee. It may contain information which is covered by legal, professional or other privilege. If you are not the intended addressee, or someone authorized by the intended addressee to receive transmissions on behalf of the addressee, you must not retain, disclose in any form, copy or take any action in reliance on this transmission. If you have received this transmission in error, please notify the sender as soon as possible and destroy this message. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Tomcat startup with JDBC Realm
I have committed a patch for tomcat 5 that fixes this. It is available with HEAD or tomcat 5.0.10 (which doesn't exist yet). If people test can test 5 and it is OK - I can back port it to tomcat 4.1.X. If your impatient, the code for JDBCRealm from 5 would be the same as 4.1 so you can: - Get the version from 5 (http://cvs.apache.org/viewcvs.cgi/jakarta-tomcat-catalina/catalina/src/share/org/apache/catalina/realm/JDBCRealm.java?rev=1.2content-type=text/vnd.viewcvs-markup) - Compile it with $CATALINA_HOME/server/lib/*.jar and $CATALINA_HOME/common/lib/*.jar in your classpath - Place the resulting class file as $CATALINA_HOME/server/classes/org/apache/catalina/realm/JDBCRealm.class - Last but not least ... Hope that the above works (It should) -Tim Koes, Derrick wrote: I have a timing issue where both my database and tomcat are being run as Windows services. If my server reboots for some reason, even though I have startup dependencies (tomcat depends on db), tomcat often doesn't start my web app because it failed the initial JDBC check it does for a database when there is a JDBC realm configured. I presume this is because Windows reports the db service as started so the tomcat service attempts to start. However, the db isn't fully up when the service is started. Have others witnessed this issue? Workarounds? Thanks, Derrick - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JDBC Realm question
Hi all. I am using auth-methodBASIC/auth-method to have users log in. Is there a way for me to get the current username of the user that just logged in, in a servlet? I would like to log into a database each time a user logs in. Thanks. _ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JDBC Realm question
Try this .. public void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException { String username = req.getUserPrincipal().getName(); } Patrick Farrell -Original Message- From: Jon Felmey [mailto:[EMAIL PROTECTED] Sent: Friday, July 11, 2003 3:29 PM To: [EMAIL PROTECTED] Subject: JDBC Realm question Hi all. I am using auth-methodBASIC/auth-method to have users log in. Is there a way for me to get the current username of the user that just logged in, in a servlet? I would like to log into a database each time a user logs in. Thanks. _ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] *** This message is intended only for the use of the intended recipient and may contain information that is PRIVILEGED and/or CONFIDENTIAL. If you are not the intended recipient, you are hereby notified that any use, dissemination, disclosure or copying of this communication is strictly prohibited. If you have received this communication in error, please destroy all copies of this message and its attachments and notify us immediately. *** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JDBC Realm question
That did it. Thank you very much. From: Farrell, Patrick [EMAIL PROTECTED] Reply-To: Tomcat Users List [EMAIL PROTECTED] To: 'Tomcat Users List' [EMAIL PROTECTED] Subject: RE: JDBC Realm question Date: Fri, 11 Jul 2003 15:38:04 -0400 Try this .. public void doGet(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException { String username = req.getUserPrincipal().getName(); } Patrick Farrell -Original Message- From: Jon Felmey [mailto:[EMAIL PROTECTED] Sent: Friday, July 11, 2003 3:29 PM To: [EMAIL PROTECTED] Subject: JDBC Realm question Hi all. I am using auth-methodBASIC/auth-method to have users log in. Is there a way for me to get the current username of the user that just logged in, in a servlet? I would like to log into a database each time a user logs in. Thanks. _ Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] *** This message is intended only for the use of the intended recipient and may contain information that is PRIVILEGED and/or CONFIDENTIAL. If you are not the intended recipient, you are hereby notified that any use, dissemination, disclosure or copying of this communication is strictly prohibited. If you have received this communication in error, please destroy all copies of this message and its attachments and notify us immediately. *** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] _ MSN 8 helps eliminate e-mail viruses. Get 2 months FREE*. http://join.msn.com/?page=features/virus - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JDBC Realm Warning Message?
You don't have to specify a role. -Original Message- From: Rick Roberts [mailto:[EMAIL PROTECTED] Sent: 08 July 2003 19:18 To: Tomcat Users List Subject: Re: JDBC Realm Warning Message? Thanks for reply Mike. After thinkin about this message some more; I think that the reason I am getting this message is because I still have not successfully created a JDBC Realm. I'm thinking that the Roles are defined in the database that I'm not corectly reading yet. -- *** * Rick Roberts* * Advanced Information Technologies, Inc. * *** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] PLEASE READ: The information contained in this email is confidential and intended for the named recipient(s) only. If you are not an intended recipient of this email you must not copy, distribute or take any further action in reliance on it and you should delete it and notify the sender immediately. Email is not a secure method of communication and Nomura International plc cannot accept responsibility for the accuracy or completeness of this message or any attachment(s). Please examine this email for virus infection, for which Nomura International plc accepts no responsibility. If verification of this email is sought then please request a hard copy. Unless otherwise stated any views or opinions presented are solely those of the author and do not represent those of Nomura International plc. This email is intended for informational purposes only and is not a solicitation or offer to buy or sell securities or related financial instruments. Nomura International plc is regulated by the Financial Services Authority and is a member of the London Stock Exchange. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JDBC Realm Warning Message?
Can anyone tell me what this message means, and how to correct it? 2003-07-08 12:56:03 ContextConfig[/hd]: WARNING: Security role name tomcat used in an auth-constraint without being defined in a security-role Here is a copy of my WEB-INF/web.xml: ?xml version=1.0 encoding=ISO-8859-1? !DOCTYPE web-app PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.3//EN http://java.sun.com/j2ee/dtds/web-app_2_3.dtd; web-app security-constraint web-resource-collection web-resource-nameProtected Area/web-resource-name !-- Define the context-relative URL(s) to be protected -- url-pattern/*/url-pattern !-- If methods are listed, only those methods will be protected -- http-methodDELETE/http-method http-methodGET/http-method http-methodPOST/http-method http-methodPUT/http-method /web-resource-collection auth-constraint !-- Anyone with one of the listed roles may access this area -- role-nametomcat/role-name /auth-constraint /security-constraint login-config auth-methodFORM/auth-method realm-nameForm-Based Authentication Area/realm-name form-login-config form-login-page/login.jsp/form-login-page form-error-page/login_error.jsp/form-error-page /form-login-config /login-config /web-app -- *** * Rick Roberts* * Advanced Information Technologies, Inc. * *** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JDBC Realm Warning Message?
From the DTD for web.xml: !-- The auth-constraint element indicates the user roles that should be permitted access to this resource collection. The role-name used here must either correspond to the role-name of one of the security-role elements defined for this web application, or be the specially reserved role-name * that is a compact syntax for indicating all roles in the web application. snip / -- So then.. it appears you need to define who 'tomcat' is, within a security-role element -Original Message- From: Rick Roberts [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 08, 2003 12:08 PM To: Tomcat Users List Subject: JDBC Realm Warning Message? Can anyone tell me what this message means, and how to correct it? 2003-07-08 12:56:03 ContextConfig[/hd]: WARNING: Security role name tomcat used in an auth-constraint without being defined in a security-role Here is a copy of my WEB-INF/web.xml: ?xml version=1.0 encoding=ISO-8859-1? !DOCTYPE web-app PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.3//EN http://java.sun.com/j2ee/dtds/web-app_2_3.dtd; web-app security-constraint web-resource-collection web-resource-nameProtected Area/web-resource-name !-- Define the context-relative URL(s) to be protected -- url-pattern/*/url-pattern !-- If methods are listed, only those methods will be protected -- http-methodDELETE/http-method http-methodGET/http-method http-methodPOST/http-method http-methodPUT/http-method /web-resource-collection auth-constraint !-- Anyone with one of the listed roles may access this area -- role-nametomcat/role-name /auth-constraint /security-constraint login-config auth-methodFORM/auth-method realm-nameForm-Based Authentication Area/realm-name form-login-config form-login-page/login.jsp/form-login-page form-error-page/login_error.jsp/form-error-page /form-login-config /login-config /web-app -- *** * Rick Roberts* * Advanced Information Technologies, Inc. * *** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm Warning Message?
Thanks for reply Mike. After thinkin about this message some more; I think that the reason I am getting this message is because I still have not successfully created a JDBC Realm. I'm thinking that the Roles are defined in the database that I'm not corectly reading yet. -- *** * Rick Roberts* * Advanced Information Technologies, Inc. * *** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm Warning Message?
Rick Roberts wrote: Thanks for reply Mike. After thinkin about this message some more; I think that the reason I am getting this message is because I still have not successfully created a JDBC Realm. I'm thinking that the Roles are defined in the database that I'm not corectly reading yet. Otherwise; where would a security-role element belong? Should it be part of web.xml? I am assuming (lots of stuff, because I have not done this before) that the ROLE field in the database is where the security-roles are defined. Please tell me where my mistake is. Thanks -- *** * Rick Roberts* * Advanced Information Technologies, Inc. * *** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JDBC Realm Warning Message?
Reply inlined -Original Message- From: Rick Roberts [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 08, 2003 1:51 PM To: Tomcat Users List Subject: Re: JDBC Realm Warning Message? Rick Roberts wrote: Thanks for reply Mike. After thinkin about this message some more; I think that the reason I am getting this message is because I still have not successfully created a JDBC Realm. I'm thinking that the Roles are defined in the database that I'm not corectly reading yet. Well no, the error you're getting is that your web.xml file is not set up correctly. In the context of container-managed security, the container will parse and load server.xml (where you set up the JDBC Realm) and then for your web application, web.xml gets parsed to find out which resources are secured and available to which roles. You've got the first part of that (which resources) but not the second (the roles) Otherwise; where would a security-role element belong? Should it be part of web.xml? Yup, from the DTD: !-- The security-role element contains the definition of a security role. The definition consists of an optional description of the security role, and the security role name. Used in: web-app Example: security-role description This role includes all employees who are authorized to access the employee service application. /description role-nameemployee/role-name /security-role -- I am assuming (lots of stuff, because I have not done this before) that the ROLE field in the database is where the security-roles are defined. Please tell me where my mistake is. Thanks -- *** * Rick Roberts* * Advanced Information Technologies, Inc. * *** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm Warning Message?
the tomcat user/role gets configured in a flat file called tomcat-users.xml which lives in your tomcat directory. the tomcat user loads the file as a JNDI resource by having the following directive in the server context of server.xml: !-- Global JNDI resources -- GlobalNamingResources !-- Editable user database that can also be used by UserDatabaseRealm to authenticate users -- Resource name=UserDatabase auth=Container type=org.apache.catalina.UserDatabase description=User database that can be updated and saved /Resource ResourceParams name=UserDatabase parameter namefactory/name valueorg.apache.catalina.users.MemoryUserDatabaseFactory/value /parameter parameter namepathname/name valueconf/tomcat-users.xml/value /parameter /ResourceParams /GlobalNamingResources then your tomcat-users.xml file should look something like this (it probably already does): ?xml version='1.0' encoding='utf-8'? tomcat-users role rolename=tomcat/ role rolename=role1/ user username=tomcat password=tomcat roles=tomcat/ user username=both password=tomcat roles=tomcat,role1/ user username=role1 password=tomcat roles=role1/ /tomcat-users note that you can define your own roles and users and code your own user auth module to use this as well. additionally if you want to use the manager/admin webapps you will need to configure roles for manager and admin and add users that have those roles because those roles are how the manager and admin apps authenticate. hope that solves your problem. .sander { Rick Roberts was saying }: Rick Roberts wrote: Thanks for reply Mike. After thinkin about this message some more; I think that the reason I am getting this message is because I still have not successfully created a JDBC Realm. I'm thinking that the Roles are defined in the database that I'm not corectly reading yet. Otherwise; where would a security-role element belong? Should it be part of web.xml? I am assuming (lots of stuff, because I have not done this before) that the ROLE field in the database is where the security-roles are defined. Please tell me where my mistake is. Thanks -- I know not with what weapons World War III will be fought, but World War IV will be fought with sticks and stones. - Einstein sander-martijn mailto:[EMAIL PROTECTED] interface developer | architect [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] www.sander-martijn.com http://www.sander-martijn.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm Warning Message?
OK. The error message is gone now! Thanks. It took me a few tries to figure out where the security-role needed to go but finally found it by trial and error. STILL GETTING THIS ERROR THO: No Realm has been configured to authenticate against If I comment out the UserDatabaseRealm, then I get the error, If I leave it in I don't get the error message, but my test app does not successfully log-in. QUESTIONS: 1. Should my new JDBC Realm be located inside Engine or Host element? 2. Should I need to comment out the UserDatabaseRealm that is defined in the Tomcat sample server.xml file? 3. Where can I find detail information about how to set up web.xml and server.xml? 4. I found this piece of code in Ian McFarland's book. Is this the correct way to do the login form? form method=POST action='%=response.encodeURL(j_security_check) %' here is a snip from my server.xml file: snip !-- Define the top level container in our container hierarchy -- Engine name=Standalone defaultHost=localhost debug=0 !-- Global logger unless overridden at lower levels -- Logger className=org.apache.catalina.logger.FileLogger prefix=catalina_log. suffix=.txt timestamp=true/ !-- Because this Realm is here, an instance will be shared globally -- !-- This Realm uses the UserDatabase configured in the global JNDI resources under the key UserDatabase. Any edits that are performed against this UserDatabase are immediately available for use by the Realm. -- !-- Realm className=org.apache.catalina.realm.UserDatabaseRealm debug=0 resourceName=UserDatabase/ -- !-- Define the default virtual host -- Host name=localhost debug=0 appBase=webapps unpackWARs=true autoDeploy=true Realm className=org.apache.catalina.realm.JDBCRealm connectionName=AI_DBA connectionPassword=SUKHOI connectionURL=jdbc:oracle:thin:@sukoi:1521:orcl driverName=oracle.jdbc.driver.OracleDriver userTable=REALM_USER userNameCol=LOGIN userCredCol=PASSWORD userRoleTable=REALM_ROLE roleNameCol=ROLE / /snip This is my web.xml now: - ?xml version=1.0 encoding=ISO-8859-1? !DOCTYPE web-app PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.3//EN http://java.sun.com/j2ee/dtds/web-app_2_3.dtd; web-app security-constraint web-resource-collection web-resource-nameProtected Area/web-resource-name !-- Define the context-relative URL(s) to be protected -- url-pattern/*/url-pattern !-- Only methods listed will be protected -- http-methodDELETE/http-method http-methodGET/http-method http-methodPOST/http-method http-methodPUT/http-method /web-resource-collection auth-constraint !-- Anyone with one of the listed roles may access this area -- role-nametomcat/role-name /auth-constraint /security-constraint login-config auth-methodFORM/auth-method realm-nameForm-Based Authentication Area/realm-name form-login-config form-login-page/login.jsp/form-login-page form-error-page/login_error.jsp/form-error-page /form-login-config /login-config security-role description tomcat test role /description role-nametomcat/role-name /security-role /web-app here is my login.jsp file: --- [EMAIL PROTECTED] contentType=text/html% html head titleLogin/title /head body bgcolor=white form method=POST action='%= response.encodeURL(j_security_check) %' table border=0 cellspcacing=5 tr th align=rightUsername:/th td align=leftinput type=text name=j_username/td /tr tr th align=rightPassword:/th td align=leftinput type=password name=j_passsword/td /tr tr td align=rightinput type=submit value=Log In/td td align=leftinput type=reset/td /tr /table /body /html Thanks, -- *** * Rick Roberts* * Advanced Information Technologies, Inc. * *** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm Warning Message?
Oh! One other question. Does the tomcat-users.xml file have anything to do with setting up a JDBC Realm? -- *** * Rick Roberts* * Advanced Information Technologies, Inc. * *** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JDBC Realm Warning Message?
quickly: no. that's the memoryrealm -Original Message- From: Rick Roberts [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 08, 2003 4:04 PM To: Tomcat Users List Subject: Re: JDBC Realm Warning Message? Oh! One other question. Does the tomcat-users.xml file have anything to do with setting up a JDBC Realm? -- *** * Rick Roberts* * Advanced Information Technologies, Inc. * *** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JDBC Realm Warning Message?
-Original Message- From: Rick Roberts [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 08, 2003 3:59 PM To: Tomcat Users List Subject: Re: JDBC Realm Warning Message? OK. The error message is gone now! Thanks. It took me a few tries to figure out where the security-role needed to go but finally found it by trial and error. STILL GETTING THIS ERROR THO: No Realm has been configured to authenticate against If I comment out the UserDatabaseRealm, then I get the error, If I leave it in I don't get the error message, but my test app does not successfully log-in. QUESTIONS: 1. Should my new JDBC Realm be located inside Engine or Host element? right where you commented out (just below it, for example) the memoryrealm Check the comment !-- Because this Realm is here, an instance will be shared globally -- If you want it not shared globally, then you'll need to declare it 'lower' in the chain. The Tomcat docs tell you where you can place it. (honest) 2. Should I need to comment out the UserDatabaseRealm that is defined in the Tomcat sample server.xml file? yes (or no, if you want this one to serve globally, but your JDBCRealm to be used more locally). 3. Where can I find detail information about how to set up web.xml and server.xml? Through the DTDs and the servlet api. DTD's specifically help you out with where your elements ought to go, so that when the docs say just add this to web.xml, you can use the DTD (either with a validating XML editor, or by eye) to verify the placement. Also, server.xml has *plenty* of comments, and is heavily HOW-TO'd in Tomcat docs. 4. I found this piece of code in Ian McFarland's book. Is this the correct way to do the login form? form method=POST action='%=response.encodeURL(j_security_check) %' Sorry, can't say. It looks about right, but if I'm doing container-managed, I usually just do Basic AUTH. (which throws the OS-based dialog box). Here is an article I found that is quite good: http://www.onjava.com/pub/a/onjava/2001/07/24/tomcat.html Note it's the 2nd page that starts talking about JDBC Realm Thanks, -- *** * Rick Roberts* * Advanced Information Technologies, Inc. * *** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm Warning Message?
Mike, Thanks a bunch!! I feel like I'm well on my way to figuring this out now. Where can I find the DTDs and the servlet API? Sorry, can't say. It looks about right, but if I'm doing container-managed, I usually just do Basic AUTH. (which throws the OS-based dialog box). I can't stand Basic AUTH! Gotta figure out Form Based AUTH :) Thanks again! -- *** * Rick Roberts* * Advanced Information Technologies, Inc. * *** - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JDBC Realm Warning Message?
-Original Message- From: Rick Roberts [mailto:[EMAIL PROTECTED] Sent: Tuesday, July 08, 2003 4:22 PM To: Tomcat Users List Subject: Re: JDBC Realm Warning Message? Mike, Thanks a bunch!! I feel like I'm well on my way to figuring this out now. Where can I find the DTDs and the servlet API? At the top of web.xml there is a DOCTYPE tag (or there should be, check under conf/web.xml if yours is missing one) The address of the DTD is there. The servlet API is available from java.sun.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Configuring Tomcat to use a JDBC Realm
Isn't mysql a client program? If so, I can connect with the user/pw. Tarun Ramakrishna Elankath wrote: Seems like an access problem to me. Dean, did you try connecting to the server from a mysql client with the given username/password to check whether you are able to connect ? On Sat, 2003-03-29 at 07:50, Dean A. Hoover wrote: Can you be a little more specific? I'm not a mysql expert. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Configuring Tomcat to use a JDBC Realm
I am attempting to use JDBC Realm as described in the Apress book by James Goodwill. My os is RH 8.0. I'm using MySQL 4.0.12 and Connector/J 3.06. I am using Tomcat 4.0.6. I set up a tomcatusers database and a test user as per the book. I dropped mysql-connector-java-3.0.6-stable-bin.jar into $TOMCAT_HOME/common/lib I modified the server.xml file as follows: !-- Realm className=org.apache.catalina.realm.MemoryRealm / -- !-- Replace the above Realm with one of the following to get a Realm stored in a database and accessed via JDBC -- Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=com.mysql.jdbc.Driver connectionURL=jdbc:mysql://localhost/tomcatusers?user=test;password=test userTable=users userNameCol=user_name userCredCol=user_pass userRoleTable=user_roles roleNameCol=role_name I then attempt to go to http://localhost:8080/apress/login.jsp in my mozilla browser. Nothing happens. I go to check for a clue in the logs. This is what I get: - Root Cause - java.sql.SQLException: Server configuration denies access to data source at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:392) at com.mysql.jdbc.Connection.createNewIO(Connection.java:1511) at com.mysql.jdbc.Connection.init(Connection.java:485) at com.mysql.jdbc.Driver.connect(Driver.java:341) at org.apache.catalina.realm.JDBCRealm.open(JDBCRealm.java:548) at org.apache.catalina.realm.JDBCRealm.start(JDBCRealm.java:613) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1108) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:343) at org.apache.catalina.core.StandardService.start(StandardService.java:388) at org.apache.catalina.core.StandardServer.start(StandardServer.java:506) at org.apache.catalina.startup.Catalina.start(Catalina.java:781) at org.apache.catalina.startup.Catalina.execute(Catalina.java:681) at org.apache.catalina.startup.Catalina.process(Catalina.java:179) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:324) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:243) Anyone got any ideas how I can fix this? Thanks. Dean Hoover - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Configuring Tomcat to use a JDBC Realm
check mysql port -Original Message- From: Dean A. Hoover [mailto:[EMAIL PROTECTED] Sent: Saturday, March 29, 2003 9:20 AM To: [EMAIL PROTECTED] Subject: Configuring Tomcat to use a JDBC Realm I am attempting to use JDBC Realm as described in the Apress book by James Goodwill. My os is RH 8.0. I'm using MySQL 4.0.12 and Connector/J 3.06. I am using Tomcat 4.0.6. I set up a tomcatusers database and a test user as per the book. I dropped mysql-connector-java-3.0.6-stable-bin.jar into $TOMCAT_HOME/common/lib I modified the server.xml file as follows: !-- Realm className=org.apache.catalina.realm.MemoryRealm / -- !-- Replace the above Realm with one of the following to get a Realm stored in a database and accessed via JDBC -- Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=com.mysql.jdbc.Driver connectionURL=jdbc:mysql://localhost/tomcatusers?user=test;password=test userTable=users userNameCol=user_name userCredCol=user_pass userRoleTable=user_roles roleNameCol=role_name I then attempt to go to http://localhost:8080/apress/login.jsp in my mozilla browser. Nothing happens. I go to check for a clue in the logs. This is what I get: - Root Cause - java.sql.SQLException: Server configuration denies access to data source at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:392) at com.mysql.jdbc.Connection.createNewIO(Connection.java:1511) at com.mysql.jdbc.Connection.init(Connection.java:485) at com.mysql.jdbc.Driver.connect(Driver.java:341) at org.apache.catalina.realm.JDBCRealm.open(JDBCRealm.java:548) at org.apache.catalina.realm.JDBCRealm.start(JDBCRealm.java:613) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1108) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:343) at org.apache.catalina.core.StandardService.start(StandardService.java:388) at org.apache.catalina.core.StandardServer.start(StandardServer.java:506) at org.apache.catalina.startup.Catalina.start(Catalina.java:781) at org.apache.catalina.startup.Catalina.execute(Catalina.java:681) at org.apache.catalina.startup.Catalina.process(Catalina.java:179) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39 ) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl .java:25) at java.lang.reflect.Method.invoke(Method.java:324) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:243) Anyone got any ideas how I can fix this? Thanks. Dean Hoover - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Configuring Tomcat to use a JDBC Realm
Can you be a little more specific? I'm not a mysql expert. Galbayar Dorjgotov wrote: check mysql port -Original Message- From: Dean A. Hoover [mailto:[EMAIL PROTECTED] Sent: Saturday, March 29, 2003 9:20 AM To: [EMAIL PROTECTED] Subject: Configuring Tomcat to use a JDBC Realm I am attempting to use JDBC Realm as described in the Apress book by James Goodwill. My os is RH 8.0. I'm using MySQL 4.0.12 and Connector/J 3.06. I am using Tomcat 4.0.6. I set up a tomcatusers database and a test user as per the book. I dropped mysql-connector-java-3.0.6-stable-bin.jar into $TOMCAT_HOME/common/lib I modified the server.xml file as follows: !-- Realm className=org.apache.catalina.realm.MemoryRealm / -- !-- Replace the above Realm with one of the following to get a Realm stored in a database and accessed via JDBC -- Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=com.mysql.jdbc.Driver connectionURL=jdbc:mysql://localhost/tomcatusers?user=test;password=test userTable=users userNameCol=user_name userCredCol=user_pass userRoleTable=user_roles roleNameCol=role_name I then attempt to go to http://localhost:8080/apress/login.jsp in my mozilla browser. Nothing happens. I go to check for a clue in the logs. This is what I get: - Root Cause - java.sql.SQLException: Server configuration denies access to data source at com.mysql.jdbc.MysqlIO.doHandshake(MysqlIO.java:392) at com.mysql.jdbc.Connection.createNewIO(Connection.java:1511) at com.mysql.jdbc.Connection.init(Connection.java:485) at com.mysql.jdbc.Driver.connect(Driver.java:341) at org.apache.catalina.realm.JDBCRealm.open(JDBCRealm.java:548) at org.apache.catalina.realm.JDBCRealm.start(JDBCRealm.java:613) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1108) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:343) at org.apache.catalina.core.StandardService.start(StandardService.java:388) at org.apache.catalina.core.StandardServer.start(StandardServer.java:506) at org.apache.catalina.startup.Catalina.start(Catalina.java:781) at org.apache.catalina.startup.Catalina.execute(Catalina.java:681) at org.apache.catalina.startup.Catalina.process(Catalina.java:179) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39 ) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl .java:25) at java.lang.reflect.Method.invoke(Method.java:324) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:243) Anyone got any ideas how I can fix this? Thanks. Dean Hoover - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Configuring Tomcat to use a JDBC Realm
Seems like an access problem to me. Dean, did you try connecting to the server from a mysql client with the given username/password to check whether you are able to connect ? On Sat, 2003-03-29 at 07:50, Dean A. Hoover wrote: Can you be a little more specific? I'm not a mysql expert. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JDBC Realm MS SQL 2000
Hi. I am trying to create a realm login. When I use a mysql, MS Access or Oracle DB it works just fine. But when I try with MS SQL 2000 server it just does not work. Can anybody tell me why? Søren Blidorf Nolas Consulting Gustav Wiedsvej 9 DK-2860 Søborg Telefon: +45 39676513 Direkte: +45 61676513 Web: www.nolas.dk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm MS SQL 2000
Søren Blidorf wrote: Hi. I am trying to create a realm login. When I use a mysql, MS Access or Oracle DB it works just fine. But when I try with MS SQL 2000 server it just does not work. Can anybody tell me why? Søren Blidorf Nolas Consulting Gustav Wiedsvej 9 DK-2860 Søborg Telefon: +45 39676513 Direkte: +45 61676513 Web: www.nolas.dk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Can you tell us more about it just does not work... what is your conf, properties...etc... Xavier - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
VS: JDBC Realm MS SQL 2000
This is how I set it up for Access. When I change the driver settings to Oracle or MySQL it works just fine. The connection to the SQL server works just fine. It is only the realm that does not work. I am not sure what else to send!!! Context path=/web docBase=c:/projects/web/web debug=0 reloadable=true Realm className=org.apache.catalina.realm.JDBCRealm debug=0 connectionName=username connectionPassword=password driverName=sun.jdbc.odbc.JdbcOdbcDriver connectionURL=jdbc:odbc:web userTable=users userNameCol=username userCredCol=password userRoleTable=user_roles roleNameCol=rolename / /Context -Oprindelig meddelelse- Fra: Xavier Prélat [mailto:[EMAIL PROTECTED] Sendt: 25. februar 2003 13:44 Til: Tomcat Users List Emne: Re: JDBC Realm MS SQL 2000 Søren Blidorf wrote: Hi. I am trying to create a realm login. When I use a mysql, MS Access or Oracle DB it works just fine. But when I try with MS SQL 2000 server it just does not work. Can anybody tell me why? Søren Blidorf Nolas Consulting Gustav Wiedsvej 9 DK-2860 Søborg Telefon: +45 39676513 Direkte: +45 61676513 Web: www.nolas.dk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Can you tell us more about it just does not work... what is your conf, properties...etc... Xavier - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm MS SQL 2000
What Exception do you get? - Original Message - From: Søren Blidorf [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 7:51 AM Subject: VS: JDBC Realm MS SQL 2000 This is how I set it up for Access. When I change the driver settings to Oracle or MySQL it works just fine. The connection to the SQL server works just fine. It is only the realm that does not work. I am not sure what else to send!!! Context path=/web docBase=c:/projects/web/web debug=0 reloadable=true Realm className=org.apache.catalina.realm.JDBCRealm debug=0 connectionName=username connectionPassword=password driverName=sun.jdbc.odbc.JdbcOdbcDriver connectionURL=jdbc:odbc:web userTable=users userNameCol=username userCredCol=password userRoleTable=user_roles roleNameCol=rolename / /Context -Oprindelig meddelelse- Fra: Xavier Prélat [mailto:[EMAIL PROTECTED] Sendt: 25. februar 2003 13:44 Til: Tomcat Users List Emne: Re: JDBC Realm MS SQL 2000 Søren Blidorf wrote: Hi. I am trying to create a realm login. When I use a mysql, MS Access or Oracle DB it works just fine. But when I try with MS SQL 2000 server it just does not work. Can anybody tell me why? Søren Blidorf Nolas Consulting Gustav Wiedsvej 9 DK-2860 Søborg Telefon: +45 39676513 Direkte: +45 61676513 Web: www.nolas.dk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Can you tell us more about it just does not work... what is your conf, properties...etc... Xavier - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
SV: JDBC Realm MS SQL 2000
None. I am being refered to my loginerror page. I forgot to write that I am not sure what to write in the Realm. Sorry. Context path=/web docBase=c:/projects/web/web debug=0 reloadable=true Realm className=org.apache.catalina.realm.JDBCRealm debug=0 connectionName=username connectionPassword=password driverName=sun.jdbc.odbc.JdbcOdbcDriver connectionURL=jdbc:odbc:web userTable=users userNameCol=username userCredCol=password userRoleTable=user_roles roleNameCol=rolename / /Context I normally write db..tablename, so do I write db.users? or just users Either way it just returns to my errorpage -Oprindelig meddelelse- Fra: Ian Hunter [mailto:[EMAIL PROTECTED] Sendt: 25. februar 2003 14:27 Til: Tomcat Users List Emne: Re: JDBC Realm MS SQL 2000 What Exception do you get? - Original Message - From: Søren Blidorf [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 7:51 AM Subject: VS: JDBC Realm MS SQL 2000 This is how I set it up for Access. When I change the driver settings to Oracle or MySQL it works just fine. The connection to the SQL server works just fine. It is only the realm that does not work. I am not sure what else to send!!! Context path=/web docBase=c:/projects/web/web debug=0 reloadable=true Realm className=org.apache.catalina.realm.JDBCRealm debug=0 connectionName=username connectionPassword=password driverName=sun.jdbc.odbc.JdbcOdbcDriver connectionURL=jdbc:odbc:web userTable=users userNameCol=username userCredCol=password userRoleTable=user_roles roleNameCol=rolename / /Context -Oprindelig meddelelse- Fra: Xavier Prélat [mailto:[EMAIL PROTECTED] Sendt: 25. februar 2003 13:44 Til: Tomcat Users List Emne: Re: JDBC Realm MS SQL 2000 Søren Blidorf wrote: Hi. I am trying to create a realm login. When I use a mysql, MS Access or Oracle DB it works just fine. But when I try with MS SQL 2000 server it just does not work. Can anybody tell me why? Søren Blidorf Nolas Consulting Gustav Wiedsvej 9 DK-2860 Søborg Telefon: +45 39676513 Direkte: +45 61676513 Web: www.nolas.dk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Can you tell us more about it just does not work... what is your conf, properties...etc... Xavier - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JDBC Realm MS SQL 2000
Here is a working example: Realm name=IISRealm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=com.microsoft.jdbc.sqlserver.SQLServerDriver connectionURL=jdbc:microsoft:sqlserver://xxx.mhsoftware.com:1433;DatabaseNa me=MyData;ProgramName=My Web Application;SelectMethod=cursor connectionName=MyUser connectionPassword=MyUser userTable=vWebUsers userNameCol=j_username userCredCol=Password userRoleTable=WebRoles roleNameCol=role_name / The application select method on the connection URL is required. -Original Message- From: Søren Blidorf [mailto:[EMAIL PROTECTED] Sent: Tuesday, February 25, 2003 5:36 AM To: [EMAIL PROTECTED] Subject: JDBC Realm MS SQL 2000 Hi. I am trying to create a realm login. When I use a mysql, MS Access or Oracle DB it works just fine. But when I try with MS SQL 2000 server it just does not work. Can anybody tell me why? Søren Blidorf Nolas Consulting Gustav Wiedsvej 9 DK-2860 Søborg Telefon: +45 39676513 Direkte: +45 61676513 Web: www.nolas.dk - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JDBC Realm problem
I am unable to start Tomcat with a JDBC Realm configured. I am guessing it is because Tomcat can't find the JDBC driver, but it should be able to. I have the driver in shared/lib and shared/classes. Here is my Realm configuration from server.xml: Realm className=org.apache.catalina.realm.JDBCRealm driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://localhost/dbmis?user=uname amp;password=pass userTable=users userNameCol=userlogin userCredCol=userpass userRoleName=usergroups roleNameCol=groupname debug=99 / I added the %amp; when Tomcat wouldn't start because of an XML error when I had a plain '' in there. This is the relevant section of catalina.out: Starting service Tomcat-Standalone Apache Tomcat/4.1.18 Catalina.start: LifecycleException: Exception opening database connection: java.sql.SQLException: org.gjt.mm.mysql.Driver LifecycleException: Exception opening database connection: java.sql.SQLException: org.gjt.mm.mysql.Driver at org.apache.catalina.realm.JDBCRealm.start(JDBCRealm.jav a:681) at org.apache.catalina.core.ContainerBase.start(ContainerB ase.java:1173) at org.apache.catalina.core.StandardEngine.start(StandardE ngine.java:347) at org.apache.catalina.core.StandardService.start(Standard Service.java:497) at org.apache.catalina.core.StandardServer.start(StandardS erver.java:2189) at org.apache.catalina.startup.Catalina.start(Catalina.jav a:512) at org.apache.catalina.startup.Catalina.execute(Catalina.j ava:400) at org.apache.catalina.startup.Catalina.process(Catalina.j ava:180) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMetho dAccessorImpl.java:61) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Delegat ingMethodAccessorImpl.java:40) at java.lang.reflect.Method.invoke(Method.java:335) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.ja va:203) - Root Cause - java.sql.SQLException: org.gjt.mm.mysql.Driver at org.apache.catalina.realm.JDBCRealm.open(JDBCRealm.java :606) at org.apache.catalina.realm.JDBCRealm.start(JDBCRealm.jav a:679) at org.apache.catalina.core.ContainerBase.start(ContainerB ase.java:1173) at org.apache.catalina.core.StandardEngine.start(StandardE ngine.java:347) at org.apache.catalina.core.StandardService.start(Standard Service.java:497) at org.apache.catalina.core.StandardServer.start(StandardS erver.java:2189) at org.apache.catalina.startup.Catalina.start(Catalina.jav a:512) at org.apache.catalina.startup.Catalina.execute(Catalina.j ava:400) at org.apache.catalina.startup.Catalina.process(Catalina.j ava:180) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMetho dAccessorImpl.java:61) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Delegat ingMethodAccessorImpl.java:40) at java.lang.reflect.Method.invoke(Method.java:335) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.ja va:203) MySql logs show nothing, so I don't think it's an authentication problem or anything like that. I'd appreciate any ideas or suggestions anyone has. Thanks very much. Gregg - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JDBC Realm problem
Gregg - Are Tomcat and MySQL on the same box? I had some previous issues with not being able to reach the box, also had to do a lot of friggin with the permissions in MySQL. I am assuming you have granted permission to 'uname' @ 'localhost' Here is a copy of my server.xml as is right now and functioning: Server port=8005 shutdown=SHUTDOWN debug=0 Service name=Tomcat-Standalone Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=80 minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=8443 acceptCount=100 debug=0 connectionTimeout=2 useURIValidationHack=false disableUploadTimeout=true / Engine name=Standalone defaultHost=localhost debug=0 Logger className=org.apache.catalina.logger.FileLogger prefix=catalina_log. suffix=.txt timestamp=true/ Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://198.000.000.00/MailAdmn connectionName=user connectionPassword=pass userTable=tblUsers userNameCol=user_name userCredCol=user_pass userRoleTable=tblUser_Role roleNameCol=role_name digest = md5/ Host name=localhost debug=0 appBase=webapps unpackWARs=true autoDeploy=true Valve className=org.apache.catalina.valves.AccessLogValve directory=logs prefix=gpeters_access_log. suffix=.txt pattern=common resolveHosts=false/ Logger className=org.apache.catalina.logger.FileLogger directory=logs prefix=gpeters_log. suffix=.txt timestamp=true/ Context path= docBase=ROOT debug=99/ Context path=/Mail docBase=Mail debug=99 reloadable=true crossContext=true Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://198.000.000.00/MailAdmn connectionName=user connectionPassword=pass userTable=tblUsers userNameCol=user_name userCredCol=user_pass userRoleTable=tblUser_Role roleNameCol=role_name digest = md5/ Logger className=org.apache.catalina.logger.FileLogger prefix=tomcat_MailApp_log. suffix=.txt timestamp=true / /Context /Host /Engine /Service /Server -Original Message- From: Barley [mailto:[EMAIL PROTECTED]] Sent: Tuesday, February 18, 2003 1:40 PM To: [EMAIL PROTECTED] Subject: JDBC Realm problem I am unable to start Tomcat with a JDBC Realm configured. I am guessing it is because Tomcat can't find the JDBC driver, but it should be able to. I have the driver in shared/lib and shared/classes. Here is my Realm configuration from server.xml: Realm className=org.apache.catalina.realm.JDBCRealm driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://localhost/dbmis?user=uname amp;password=pass userTable=users userNameCol=userlogin userCredCol=userpass userRoleName=usergroups roleNameCol=groupname debug=99 / I added the %amp; when Tomcat wouldn't start because of an XML error when I had a plain '' in there. This is the relevant section of catalina.out: Starting service Tomcat-Standalone Apache Tomcat/4.1.18 Catalina.start: LifecycleException: Exception opening database connection: java.sql.SQLException: org.gjt.mm.mysql.Driver LifecycleException: Exception opening database connection: java.sql.SQLException: org.gjt.mm.mysql.Driver at org.apache.catalina.realm.JDBCRealm.start(JDBCRealm.jav a:681) at org.apache.catalina.core.ContainerBase.start(ContainerB ase.java:1173) at org.apache.catalina.core.StandardEngine.start(StandardE ngine.java:347) at org.apache.catalina.core.StandardService.start(Standard Service.java:497) at org.apache.catalina.core.StandardServer.start(StandardS erver.java:2189) at org.apache.catalina.startup.Catalina.start(Catalina.jav a:512) at org.apache.catalina.startup.Catalina.execute(Catalina.j ava:400) at org.apache.catalina.startup.Catalina.process(Catalina.j ava:180) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMetho dAccessorImpl.java:61) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Delegat ingMethodAccessorImpl.java:40) at java.lang.reflect.Method.invoke(Method.java:335) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.ja va:203) - Root Cause - java.sql.SQLException: org.gjt.mm.mysql.Driver
Re: JDBC Realm problem
Hello, Barley. From the HOW-TO from 4.1's documentation: Place a copy of the JDBC driver you will be using inside the $CATALINA_HOME/server/lib directory (if you do not need it visible to web applications) or $CATALINA_HOME/common/lib (if it will be used both by Tomcat 4 and by your apps). Note that only JAR files are recognized! From the HOW-TO from 3.3's documentation: - Make sure that the JDBC driver is in the lib/container directory. By the way, both 3.3 and 4.1 JDBCRealm declarations accept connectionName and connectionPassword attributes wherein you can assign a database username and password for the connection. Try using those attributes instead of embedding the username and password in connectionURL. Good luck. -- Sean Dockery [EMAIL PROTECTED] Certified Java Web Component Developer Certified Delphi Programmer SBD Consultants http://www.sbdconsultants.com Barley [EMAIL PROTECTED] wrote in message 003001c2d774$cfbec780$0100a8c0@glamdring">news:003001c2d774$cfbec780$0100a8c0@glamdring... I am unable to start Tomcat with a JDBC Realm configured. I am guessing it is because Tomcat can't find the JDBC driver, but it should be able to. I have the driver in shared/lib and shared/classes. Here is my Realm configuration from server.xml: Realm className=org.apache.catalina.realm.JDBCRealm driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://localhost/dbmis?user=uname amp;password=pass userTable=users userNameCol=userlogin userCredCol=userpass userRoleName=usergroups roleNameCol=groupname debug=99 / I added the %amp; when Tomcat wouldn't start because of an XML error when I had a plain '' in there. This is the relevant section of catalina.out: Starting service Tomcat-Standalone Apache Tomcat/4.1.18 Catalina.start: LifecycleException: Exception opening database connection: java.sql.SQLException: org.gjt.mm.mysql.Driver LifecycleException: Exception opening database connection: java.sql.SQLException: org.gjt.mm.mysql.Driver at org.apache.catalina.realm.JDBCRealm.start(JDBCRealm.jav a:681) at org.apache.catalina.core.ContainerBase.start(ContainerB ase.java:1173) at org.apache.catalina.core.StandardEngine.start(StandardE ngine.java:347) at org.apache.catalina.core.StandardService.start(Standard Service.java:497) at org.apache.catalina.core.StandardServer.start(StandardS erver.java:2189) at org.apache.catalina.startup.Catalina.start(Catalina.jav a:512) at org.apache.catalina.startup.Catalina.execute(Catalina.j ava:400) at org.apache.catalina.startup.Catalina.process(Catalina.j ava:180) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMetho dAccessorImpl.java:61) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Delegat ingMethodAccessorImpl.java:40) at java.lang.reflect.Method.invoke(Method.java:335) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.ja va:203) - Root Cause - java.sql.SQLException: org.gjt.mm.mysql.Driver at org.apache.catalina.realm.JDBCRealm.open(JDBCRealm.java :606) at org.apache.catalina.realm.JDBCRealm.start(JDBCRealm.jav a:679) at org.apache.catalina.core.ContainerBase.start(ContainerB ase.java:1173) at org.apache.catalina.core.StandardEngine.start(StandardE ngine.java:347) at org.apache.catalina.core.StandardService.start(Standard Service.java:497) at org.apache.catalina.core.StandardServer.start(StandardS erver.java:2189) at org.apache.catalina.startup.Catalina.start(Catalina.jav a:512) at org.apache.catalina.startup.Catalina.execute(Catalina.j ava:400) at org.apache.catalina.startup.Catalina.process(Catalina.j ava:180) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMetho dAccessorImpl.java:61) at sun.reflect.DelegatingMethodAccessorImpl.invoke(Delegat ingMethodAccessorImpl.java:40) at java.lang.reflect.Method.invoke(Method.java:335) at org.apache.catalina.startup.Bootstrap.main(Bootstrap.ja va:203) MySql logs show nothing, so I don't think it's an authentication problem or anything like that. I'd appreciate any ideas or suggestions anyone has. Thanks very much. Gregg - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: JDBC Realm Authentication Problem
Sean - I didn't omit anything in my post - the serverl.xml is as it is in my app. I think you might have inadvertently answered my question, does my context level realm physically have to reside inside the context tag? (do I have to put a /context on after the realm)? I manager to get everything working, it is authenticating the manager app against the database fine now, and the lower level authentication works as well, I am not sure which realm is being used where, I am going to create a new database and see that it is working right. Thanks for the reply!! Geoff -Original Message- From: Sean Dockery [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 06, 2003 8:34 PM To: Tomcat Users List Subject: Re: JDBC Realm Authentication Problem Where I wrote did you remove, I meant to write did you omit. Basically I want to know exactly what you edited out of the server.xml file that you put in your message because you didn't think it was relevant. Basically, I suspect that if you left the memory realm at the engine level that authentication is failing against the memory realm (so it doesn't bother checking your JDBC realm at the engine level). At 17:27 2003-02-06 -0700, you wrote: Um. I don't see a context-level realm in there. There is a host-level realm, however. :-) Did you remove anything at all (such as other Realms) from the server.xml file that you presented? At 13:29 2003-02-06 -0400, you wrote: A small problem here, can't seem to figure out why. In the following server.xml, if I remove the context level realm, the authentication fails against the database (I can connect on startup, but I cannot authenticate to access the manager or admin applications). However, if I put the context level JDBC realm back in (exactly the same as the top level realm) Removing the top level realm makes no difference on startup or authentication. Shouldn't I be able to authenticate for the manager and admin outside of a contect level database? Thanks!! Geoff SERVER.XML: Server port=8005 shutdown=SHUTDOWN debug=0 Service name=Tomcat-Standalone Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=80 minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=8443 acceptCount=100 debug=0 connectionTimeout=2 useURIValidationHack=false disableUploadTimeout=true / Engine name=Standalone defaultHost=localhost debug=0 Logger className=org.apache.catalina.logger.FileLogger prefix=catalina_log. suffix=.txt timestamp=true/ Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://somewhere.com/MailAdmn connectionName=user connectionPassword=password userTable=tblUsers userNameCol=user_name userCredCol=user_pass userRoleTable=tblUser_Role roleNameCol=role_name digest = md5/ Host name=localhost debug=0 appBase=webapps unpackWARs=true autoDeploy=true Valve className=org.apache.catalina.valves.AccessLogValve directory=logs prefix=gpeters_access_log. suffix=.txt pattern=common resolveHosts=false/ Logger className=org.apache.catalina.logger.FileLogger directory=logs prefix=gpeters_log. suffix=.txt timestamp=true/ Context path= docBase=ROOT debug=99/ Context path=/Mail docBase=Mail debug=99 reloadable=true crossContext=true / Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://somewhere.com/MailAdmn connectionName=user connectionPassword=password userTable=tblUsers userNameCol=user_name userCredCol=user_pass userRoleTable=tblUser_Role roleNameCol=role_name digest = md5/ Logger className=org.apache.catalina.logger.FileLogger prefix=tomcat_MailApp_log. suffix=.txt timestamp=true / /Host /Engine /Service /Server Geoff Peters, BScFE, AIT Phone : (441) 296-9640 Applications DeveloperFax: (441) 292-1509 Logic Communications E-mail : [EMAIL PROTECTED] 12 Par-La-Ville Road WWW: http://www.logic.bm Hamilton, Bermuda HM JX - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Sean Dockery [EMAIL PROTECTED] Certified Java Web Component Developer Certified Delphi Programmer SBD Consultants http://www.sbdconsultants.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail
Re: JDBC Realm Authentication Problem
Yes, that is correct. To have a Realm apply only to a context, it must declared inside the context tags. So... Context ... / becomes Context ... Realm ... / /Context -- Sean Dockery [EMAIL PROTECTED] Certified Java Web Component Developer Certified Delphi Programmer SBD Consultants http://www.sbdconsultants.com Geoff Peters [EMAIL PROTECTED] wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... Sean - I didn't omit anything in my post - the serverl.xml is as it is in my app. I think you might have inadvertently answered my question, does my context level realm physically have to reside inside the context tag? (do I have to put a /context on after the realm)? I manager to get everything working, it is authenticating the manager app against the database fine now, and the lower level authentication works as well, I am not sure which realm is being used where, I am going to create a new database and see that it is working right. Thanks for the reply!! Geoff - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
JDBC Realm Authentication Problem
A small problem here, can't seem to figure out why. In the following server.xml, if I remove the context level realm, the authentication fails against the database (I can connect on startup, but I cannot authenticate to access the manager or admin applications). However, if I put the context level JDBC realm back in (exactly the same as the top level realm) Removing the top level realm makes no difference on startup or authentication. Shouldn't I be able to authenticate for the manager and admin outside of a contect level database? Thanks!! Geoff SERVER.XML: Server port=8005 shutdown=SHUTDOWN debug=0 Service name=Tomcat-Standalone Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=80 minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=8443 acceptCount=100 debug=0 connectionTimeout=2 useURIValidationHack=false disableUploadTimeout=true / Engine name=Standalone defaultHost=localhost debug=0 Logger className=org.apache.catalina.logger.FileLogger prefix=catalina_log. suffix=.txt timestamp=true/ Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://somewhere.com/MailAdmn connectionName=user connectionPassword=password userTable=tblUsers userNameCol=user_name userCredCol=user_pass userRoleTable=tblUser_Role roleNameCol=role_name digest = md5/ Host name=localhost debug=0 appBase=webapps unpackWARs=true autoDeploy=true Valve className=org.apache.catalina.valves.AccessLogValve directory=logs prefix=gpeters_access_log. suffix=.txt pattern=common resolveHosts=false/ Logger className=org.apache.catalina.logger.FileLogger directory=logs prefix=gpeters_log. suffix=.txt timestamp=true/ Context path= docBase=ROOT debug=99/ Context path=/Mail docBase=Mail debug=99 reloadable=true crossContext=true / Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://somewhere.com/MailAdmn connectionName=user connectionPassword=password userTable=tblUsers userNameCol=user_name userCredCol=user_pass userRoleTable=tblUser_Role roleNameCol=role_name digest = md5/ Logger className=org.apache.catalina.logger.FileLogger prefix=tomcat_MailApp_log. suffix=.txt timestamp=true / /Host /Engine /Service /Server Geoff Peters, BScFE, AIT Phone : (441) 296-9640 Applications DeveloperFax: (441) 292-1509 Logic Communications E-mail : [EMAIL PROTECTED] 12 Par-La-Ville Road WWW: http://www.logic.bm Hamilton, Bermuda HM JX - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm Authentication Problem
Um. I don't see a context-level realm in there. There is a host-level realm, however. :-) Did you remove anything at all (such as other Realms) from the server.xml file that you presented? At 13:29 2003-02-06 -0400, you wrote: A small problem here, can't seem to figure out why. In the following server.xml, if I remove the context level realm, the authentication fails against the database (I can connect on startup, but I cannot authenticate to access the manager or admin applications). However, if I put the context level JDBC realm back in (exactly the same as the top level realm) Removing the top level realm makes no difference on startup or authentication. Shouldn't I be able to authenticate for the manager and admin outside of a contect level database? Thanks!! Geoff SERVER.XML: Server port=8005 shutdown=SHUTDOWN debug=0 Service name=Tomcat-Standalone Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=80 minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=8443 acceptCount=100 debug=0 connectionTimeout=2 useURIValidationHack=false disableUploadTimeout=true / Engine name=Standalone defaultHost=localhost debug=0 Logger className=org.apache.catalina.logger.FileLogger prefix=catalina_log. suffix=.txt timestamp=true/ Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://somewhere.com/MailAdmn connectionName=user connectionPassword=password userTable=tblUsers userNameCol=user_name userCredCol=user_pass userRoleTable=tblUser_Role roleNameCol=role_name digest = md5/ Host name=localhost debug=0 appBase=webapps unpackWARs=true autoDeploy=true Valve className=org.apache.catalina.valves.AccessLogValve directory=logs prefix=gpeters_access_log. suffix=.txt pattern=common resolveHosts=false/ Logger className=org.apache.catalina.logger.FileLogger directory=logs prefix=gpeters_log. suffix=.txt timestamp=true/ Context path= docBase=ROOT debug=99/ Context path=/Mail docBase=Mail debug=99 reloadable=true crossContext=true / Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://somewhere.com/MailAdmn connectionName=user connectionPassword=password userTable=tblUsers userNameCol=user_name userCredCol=user_pass userRoleTable=tblUser_Role roleNameCol=role_name digest = md5/ Logger className=org.apache.catalina.logger.FileLogger prefix=tomcat_MailApp_log. suffix=.txt timestamp=true / /Host /Engine /Service /Server Geoff Peters, BScFE, AIT Phone : (441) 296-9640 Applications DeveloperFax: (441) 292-1509 Logic Communications E-mail : [EMAIL PROTECTED] 12 Par-La-Ville Road WWW: http://www.logic.bm Hamilton, Bermuda HM JX - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Sean Dockery [EMAIL PROTECTED] Certified Java Web Component Developer Certified Delphi Programmer SBD Consultants http://www.sbdconsultants.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: JDBC Realm Authentication Problem
Where I wrote did you remove, I meant to write did you omit. Basically I want to know exactly what you edited out of the server.xml file that you put in your message because you didn't think it was relevant. Basically, I suspect that if you left the memory realm at the engine level that authentication is failing against the memory realm (so it doesn't bother checking your JDBC realm at the engine level). At 17:27 2003-02-06 -0700, you wrote: Um. I don't see a context-level realm in there. There is a host-level realm, however. :-) Did you remove anything at all (such as other Realms) from the server.xml file that you presented? At 13:29 2003-02-06 -0400, you wrote: A small problem here, can't seem to figure out why. In the following server.xml, if I remove the context level realm, the authentication fails against the database (I can connect on startup, but I cannot authenticate to access the manager or admin applications). However, if I put the context level JDBC realm back in (exactly the same as the top level realm) Removing the top level realm makes no difference on startup or authentication. Shouldn't I be able to authenticate for the manager and admin outside of a contect level database? Thanks!! Geoff SERVER.XML: Server port=8005 shutdown=SHUTDOWN debug=0 Service name=Tomcat-Standalone Connector className=org.apache.coyote.tomcat4.CoyoteConnector port=80 minProcessors=5 maxProcessors=75 enableLookups=true redirectPort=8443 acceptCount=100 debug=0 connectionTimeout=2 useURIValidationHack=false disableUploadTimeout=true / Engine name=Standalone defaultHost=localhost debug=0 Logger className=org.apache.catalina.logger.FileLogger prefix=catalina_log. suffix=.txt timestamp=true/ Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://somewhere.com/MailAdmn connectionName=user connectionPassword=password userTable=tblUsers userNameCol=user_name userCredCol=user_pass userRoleTable=tblUser_Role roleNameCol=role_name digest = md5/ Host name=localhost debug=0 appBase=webapps unpackWARs=true autoDeploy=true Valve className=org.apache.catalina.valves.AccessLogValve directory=logs prefix=gpeters_access_log. suffix=.txt pattern=common resolveHosts=false/ Logger className=org.apache.catalina.logger.FileLogger directory=logs prefix=gpeters_log. suffix=.txt timestamp=true/ Context path= docBase=ROOT debug=99/ Context path=/Mail docBase=Mail debug=99 reloadable=true crossContext=true / Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://somewhere.com/MailAdmn connectionName=user connectionPassword=password userTable=tblUsers userNameCol=user_name userCredCol=user_pass userRoleTable=tblUser_Role roleNameCol=role_name digest = md5/ Logger className=org.apache.catalina.logger.FileLogger prefix=tomcat_MailApp_log. suffix=.txt timestamp=true / /Host /Engine /Service /Server Geoff Peters, BScFE, AIT Phone : (441) 296-9640 Applications DeveloperFax: (441) 292-1509 Logic Communications E-mail : [EMAIL PROTECTED] 12 Par-La-Ville Road WWW: http://www.logic.bm Hamilton, Bermuda HM JX - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Sean Dockery [EMAIL PROTECTED] Certified Java Web Component Developer Certified Delphi Programmer SBD Consultants http://www.sbdconsultants.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Sean Dockery [EMAIL PROTECTED] Certified Java Web Component Developer Certified Delphi Programmer SBD Consultants http://www.sbdconsultants.com - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Tomcat4 JDBC Realm: Problem With Informix
Dear Friends! I use Tomcat4 authentication (JDBCRealm) in my applications. It works fine with ORACLE, but trying to use this with INFORMIX database, I get the following error in stdout.log file when starting Tomcat: Create Catalina server Starting service Tomcat-Standalone Apache Tomcat/4.0.4 Catalina.start: LifecycleException: Exception opening database connection: java.sql.SQLException: Transactions not supported LifecycleException: Exception opening database connection: java.sql.SQLException: Transactions not supported at org.apache.catalina.realm.JDBCRealm.start(JDBCRealm.java:615) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1108) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:343) at org.apache.catalina.core.StandardService.start(StandardService.java:388) at org.apache.catalina.core.StandardServer.start(StandardServer.java:506) at org.apache.catalina.startup.CatalinaService.start(CatalinaService.java:2 61) at org.apache.catalina.startup.CatalinaService.execute(CatalinaService.java :172) at org.apache.catalina.startup.Catalina.process(Catalina.java:179) at java.lang.reflect.Method.invoke(Native Method) at org.apache.catalina.startup.BootstrapService.main(BootstrapService.java: 428) - Root Cause - java.sql.SQLException: Transactions not supported at com.informix.util.IfxErrMsg.getSQLException(IfxErrMsg.java:348) at com.informix.jdbc.IfxSqliConnect.setAutoCommit(IfxSqliConnect.java:1454) at org.apache.catalina.realm.JDBCRealm.open(JDBCRealm.java:549) at org.apache.catalina.realm.JDBCRealm.start(JDBCRealm.java:613) at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1108) at org.apache.catalina.core.StandardEngine.start(StandardEngine.java:343) at org.apache.catalina.core.StandardService.start(StandardService.java:388) at org.apache.catalina.core.StandardServer.start(StandardServer.java:506) at org.apache.catalina.startup.CatalinaService.start(CatalinaService.java:2 61) at org.apache.catalina.startup.CatalinaService.execute(CatalinaService.java :172) at org.apache.catalina.startup.Catalina.process(Catalina.java:179) at java.lang.reflect.Method.invoke(Native Method) at org.apache.catalina.startup.BootstrapService.main(BootstrapService.java: 428) JDBCRealm is configured in server.xml as follows: Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=com.informix.jdbc.IfxDriver connectionURL=jdbc:informix-sqli://MyServer:1526/standard:INFORMIXSERVE R=ice_wr connectionName=iceadmin connectionPassword=le_puy userTable=user_table userNameCol=anmeldung userCredCol=passwd userRoleTable=role_table roleNameCol=role/ Has anybody already faced this problem? What could be the solution? Thanx in advance Regards, Viktor -- To unsubscribe, e-mail: mailto:[EMAIL PROTECTED] For additional commands, e-mail: mailto:[EMAIL PROTECTED]
JDBC Realm example
I am not sure if this has come up or not, but the example showing how to do a JDBC realm at http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html#JDBCRealm is incorrect. The example shows : Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://localhost/authority?user=dbuserpassword=dbpass userTable=users userNameCol=user_name userCredCol=user_pass userRoleTable=user_roles roleNameCol=role_name/ This does not get past the XML parser because the parser does not like the all by itself. This should be the HTML entity for the instead: Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://localhost/authority?user=dbuseramp;password=dbpass userTable=users userNameCol=user_name userCredCol=user_pass userRoleTable=user_roles roleNameCol=role_name/ -- John ___ John Murtari Software Workshop Inc. [EMAIL PROTECTED] 315.695.1301(x-211)TheBook.Com (TM) http://www.thebook.com/ -- To unsubscribe, e-mail: mailto:tomcat-user-unsubscribe;jakarta.apache.org For additional commands, e-mail: mailto:tomcat-user-help;jakarta.apache.org
Re: JDBC Realm example
You should also be able to use connectionUser=dbuser and connectionPassword=dbpass in the realm tag instead of putting it in the URL. Rick - Original Message - From: John Murtari [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, October 23, 2002 2:20 PM Subject: JDBC Realm example I am not sure if this has come up or not, but the example showing how to do a JDBC realm at http://jakarta.apache.org/tomcat/tomcat-4.1-doc/realm-howto.html#JDBCRealm is incorrect. The example shows : Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://localhost/authority?user=dbuserpassword=dbpass userTable=users userNameCol=user_name userCredCol=user_pass userRoleTable=user_roles roleNameCol=role_name/ This does not get past the XML parser because the parser does not like the all by itself. This should be the HTML entity for the instead: Realm className=org.apache.catalina.realm.JDBCRealm debug=99 driverName=org.gjt.mm.mysql.Driver connectionURL=jdbc:mysql://localhost/authority?user=dbuseramp;password=dbp ass userTable=users userNameCol=user_name userCredCol=user_pass userRoleTable=user_roles roleNameCol=role_name/ -- John ___ John Murtari Software Workshop Inc. [EMAIL PROTECTED] 315.695.1301(x-211)TheBook.Com (TM) http://www.thebook.com/ -- To unsubscribe, e-mail: mailto:tomcat-user-unsubscribe;jakarta.apache.org For additional commands, e-mail: mailto:tomcat-user-help;jakarta.apache.org