Problem using FORM based authetication (Tomcat 4.1)

[Alan Chandler]

I have a small database application that I am developing.  I have set up a 
JNDI resource in order to access it in the application.  This is defined just 
inside <host ...> level in server.xml (password changed)


                        <Resource auth="Container" name="jdbc/family_tree" 
type="javax.sql.DataSource"/> 

                        <ResourceParams name="jdbc/family_tree">
                                <parameter>
                                <name>factory</name>
                                
<value>org.apache.commons.dbcp.BasicDataSourceFactory</value>
                                </parameter>
                                <parameter>
                                <name>driverClassName</name>
                                        <value>org.postgresql.Driver</value>
                                </parameter>
                                <parameter>
                                <name>url</name>
                                
<value>jdbc:postgresql://127.0.0.1:5432/family_tree</value>
                                </parameter>
                                <parameter>
                                <name>username</name>
                                <value>tomcat4</value>
                                </parameter>
                                <parameter>
                                <name>password</name>
                                <value>xxxxxxx</value>
                                </parameter>
                                <parameter>
                                <name>maxActive</name>
                                <value>20</value>
                                </parameter>
                                <parameter>
                                        <name>maxIdle</name>
                                <value>10</value>
                                </parameter>
                                <parameter>
                                <name>maxWait</name>
                                <value>-1</value>
                                </parameter>
                        </ResourceParams> 


I have decided to try and use the same database to authenticate users to a 
certain part of the web site.  So added the appropriate user and user_role 
tables, and added the appropriate Realm statement into my server.xml file 
(just inside the <Context ...> tag )
Thus:

                        <Realm 
className="org.apache.catalina.realm.DataSourceRealm" debug="99"
   dataSourceName="java:/comp/env/jdbc/family_tree"
   userTable="users" userNameCol="user_name" userCredCol="user_pass"
   userRoleTable="user_roles" roleNameCol="role_name"/>


I have got it set up so that the particular pages I want to protect are in a 
subdirectory and can therefore use a url pattern to invoke the handler.

        <security-constraint>
                <web-resource-collection>
                        <web-resource-name>Edit part of 
application</web-resource-name>
                        <url-pattern>/security/*</url-pattern>
                </web-resource-collection>
                <auth-constraint>
                        <role-name>editor</role-name>
                </auth-constraint>
        </security-constraint>
        
        <login-config>
                <auth-method>FORM</auth-method>
                <realm-name>Family Tree Editor</realm-name>
                <form-login-config>
                <form-login-page>/Login.page</form-login-page>
                <form-error-page>/Error.page</form-error-page>
        </form-login-config>
        </login-config>
                
        <security-role>
                <description>The role for Family Tree Editor</description>
                <role-name>editor</role-name>
        </security-role>



When an attempt is made to access these urls, my "Login.page" (I am using 
tapestry with friendly URL direction - so these names cause tapestry to 
display the form with my own site border round them) is correctly displayed.  
However whatever I do to login the Error.page is activated.

Looking at the logs I get a message saying that the jndi name can't be found

 2005-08-28 08:32:07 DataSourceRealm[/famtree]: Exception performing 
authentication
javax.naming.NameNotFoundException: Name java:comp is not bound in this 
Context
        at org.apache.naming.NamingContext.lookup(NamingContext.java:764)
        at org.apache.naming.NamingContext.lookup(NamingContext.java:147)
        at 
org.apache.catalina.realm.DataSourceRealm.open(DataSourceRealm.java:421)
        at 
org.apache.catalina.realm.DataSourceRealm.authenticate(DataSourceRealm.java:269)
        at 
org.apache.catalina.authenticator.FormAuthenticator.authenticate(FormAuthenticator.java:227)
...


However, I know that this name works for my application where I am using 
iBATIS to access the database.  The following 

 <transactionManager type="JDBC" >
   <dataSource type="JNDI">
     <property name="DataSource" value="java:/comp/env/jdbc/family_tree"/>
 </dataSource>
 </transactionManager>

is some simple XML that defines to iBATIS where to find the database, and this 
is working.

Can someone tell me what I am doing wrong.  I have scanned all the docs I can 
find and lots of them give examples of how to do it - which I think I have 
followed.  Nowhere can I find any formal reference for all the tags 
(particularly those <security-constraint> and related tags in my web.xml file 
so that I can check.

Of some puzzle is why the exception printout says only that java:comp can't be 
found rather than the full path to the database!


-- 
Alan Chandler
http://www.chandlerfamily.org.uk

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]