Here's my realm from Tomcat 4.1.x
<Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
driverName="com.mysql.jdbc.Driver"
connectionURL="jdbc:mysql://localhost:3306/appfuse?autoReconnect=true"
connectionName="test" connectionPassword="test"
userTable="app_user" userNameCol="username"
userCredCol="password"
userRoleTable="user_role" roleNameCol="role_name" />
-----Original Message-----
From: Jim Lynch [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 19, 2003 2:20 PM
To: Tomcat Users List
Subject: Re: Can <JDBCrealm ... be in META-INF/context.xml file?
Thanks, I'm making progress. I found samples of three different
versions of the "realm" descriptor.
<JDBCRealm ... <realm ... and <Realm
<JDBCRealm and <Realm both behave the same. When I use them with:
connectionURL="jdbc:mysql://localhost/authority?user=jim&password=jim"
I get an error message upon deployment:
FAIL - Encountered exception java.io.IOException:
org.xml.sax.SAXParseException: The reference to entity "password" must
end with the ';' delimiter.
Adding a ; to the end of the password doesn't help. However changing it
to:
connectionURL="jdbc:mysql://localhost/authority?user=jim;password=jim"
does fix the problem, however when I attempt to log in, it fails.
There are no entries in the mysql.log file so I'm pretty sure it isn't
actually getting logged in.
Here is part of the localhost_log.2003-06-19.txt file:
I apologize for the wrap...
2003-06-19 16:02:09 StandardWrapper[/resources:default]: Loading
container servlet default
2003-06-19 16:02:09 StandardWrapper[/resources:invoker]: Loading
container servlet invoker
2003-06-19 16:02:09 StandardContext[/resources]: Starting completed
2003-06-19 16:02:31 Authenticator[/resources]: Security checking request
GET /resources
2003-06-19 16:02:31 Authenticator[/resources]: Checking constraint
'SecurityConstraint[resources]' against GET --> true
2003-06-19 16:02:31 Authenticator[/resources]: Subject to constraint
SecurityConstraint[resources]
2003-06-19 16:02:31 Authenticator[/resources]: Calling checkUserData()
2003-06-19 16:02:31 Authenticator[/resources]: User data constraint
has no restrictions
2003-06-19 16:02:31 Authenticator[/resources]: Calling authenticate()
2003-06-19 16:02:31 Authenticator[/resources]: Failed authenticate()
test
2003-06-19 16:02:31 Authenticator[/resources]: Security checking request
GET /resources
2003-06-19 16:02:31 Authenticator[/resources]: Checking constraint
'SecurityConstraint[resources]' against GET --> true
2003-06-19 16:02:31 Authenticator[/resources]: Subject to constraint
SecurityConstraint[resources]
2003-06-19 16:02:31 Authenticator[/resources]: Calling checkUserData()
2003-06-19 16:02:31 Authenticator[/resources]: User data constraint
has no restrictions
2003-06-19 16:02:31 Authenticator[/resources]: Calling authenticate()
2003-06-19 16:02:31 Authenticator[/resources]: Failed authenticate()
test
2003-06-19 16:02:33 Authenticator[/resources]: Security checking request
GET /resources
2003-06-19 16:02:33 Authenticator[/resources]: Checking constraint
'SecurityConstraint[resources]' against GET --> true
2003-06-19 16:02:33 Authenticator[/resources]: Subject to constraint
SecurityConstraint[resources]
2003-06-19 16:02:33 Authenticator[/resources]: Calling checkUserData()
2003-06-19 16:02:33 Authenticator[/resources]: User data constraint
has no restrictions
2003-06-19 16:02:33 Authenticator[/resources]: Calling authenticate()
2003-06-19 16:02:33 Authenticator[/resources]: Failed authenticate()
test
I can't find anything in the log as a result of the debug setting in the
<realm . Here's my whole context.xml file:
<Context className="org.apache.catalina.core.StandardContext"
cachingAllowed="true"
charsetMapperClass="org.apache.catalina.util.CharsetMapper"
cookies="true" crossContext="false" debug="9"
displayName="resources"
docBase="/usr/local/jakarta-tomcat-4.1.24/webapps/resources"
mapperClass="org.apache.catalina.core.StandardContextMapper"
path="/resources" privileged="false" reloadable="false"
swallowOutput="false" useNaming="true"
wrapperClass="org.apache.catalina.core.StandardWrapper">
<JDBCRealm classname="org.apache.catalina.realm.JDBCRealm"
debug="9" driverName="org.gjt.mm.mysql.Driver"
connectionURL="jdbc:mysql://localhost/authority?user=jim&password=jim"
userTable="users"
userNameCol="user_name"
userCredCol="user_pass"
userRoleTable="user_roles" roleNameCol="role_name" />
</Context>
Anyone see what might be wrong?
I've logged into the mysql database with the user/pw and accessed the
tables so I'm sure that is working. Besides, if he attempted to log in,
it would show up in the mysql.log. The application I'm trying to
protect is accessing mysql fine, so I know the .jar file is working.
THanks,
Jim.
"Shapira, Yoav" wrote:
>
> Howdy,
> As the Realm configuration document says:
>
> "You may nest a Realm inside any Catalina container Engine, Host, or
> Context). In addition, Realms associated with an Engine or a Host are
> automatically inherited by lower-level containers, unless explicitly
> overridden."
>
> So yes to your first (subject line) question.
>
> >Next question. Once I've got it there, what do I have to do to
> >1. For a login for the app.
> >2. After the user has logged in, how do I get his role?
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
