Hi,
thank you very much Juan Manuel,

I have configured the validationQuery following your advice and indeed the problem is not happening any more.

You saved me a lot of time, thank you !

Raphaël






Le 15/01/2013 15:16, Juan Manuel Barroso a écrit :
Usually this happens because you haven't configured de query to validate
the database connection.

You should have configured in the dataSource bean something like this:

<property name="validationQuery">
             <value>select 1 from dual</value>
</property>

A complete bean example:

<bean id="cas-ds" class="org.apache.commons.dbcp.BasicDataSource">
<property name="driverClassName">
<value>com.mysql.jdbc.Driver</value>
</property>
<property name="url">
<value>jdbc:mysql://ec-mysql-pre:3306/ec-auth</value>
</property>
<property name="username">
<value>username</value>
</property>
<property name="password">
<value>password</value>
</property>
<property name="validationQuery">
                        <value>select 1 from dual</value>
                  </property>
       </bean>


I hope this helps.


On Tuesday, January 15, 2013 1:51:23 PM UTC, Raphaël Tournoy wrote:

Hi all,

I'm testing a CAS 3.5.0 with JDBC authentication. Usernames/passwords
and TicketRegistry are stored in a Mysql Database on another host.
Everything seems to be working fine except random login errors :

At random time, the authentication fails with a correct login and
correct password. I mean, the *first* attempt fails, but it is
successful at the second attempt. Then all further attempts will be
successful, until it fails again *one* time with a good login/password.
We have same the problem with different browser and IP, and also with
different usernames/passwords.

The first login attempt fails with this message :
"The credentials you provided cannot be determined to be authentic."

I'm sure it is not a mismatched login/password because I always copy and
paste the login/password in order to avoid these errors during tests.
Also, other users have experienced the same problem  with a simple login
password and a copy/paste.

I found this message in catalina.out at the time of the first failed
attempt :

catalina.out :

2013-01-15 09:09:34,536 DEBUG
[org.springframework.orm.jpa.JpaTransactionManager] - <Opened new
EntityManager [org.hibernate.ejb.EntityManagerImpl@16f8d80] for JPA
transaction>
2013-01-15 09:09:34,536 DEBUG
[org.springframework.orm.jpa.JpaTransactionManager] - <Exposing JPA
transaction as JDBC transaction
[org.springframework.orm.jpa.vendor.HibernateJpaDialect$HibernateConnectionHandle@b2d250]>

2013-01-15 09:09:34,537 DEBUG
[org.springframework.jdbc.core.JdbcTemplate] - <Executing prepared SQL
query>
2013-01-15 09:09:34,537 DEBUG
[org.springframework.jdbc.core.JdbcTemplate] - <Executing prepared SQL
statement [Select count('x') from TEST_TABLE Where MYUSERNAME = ? And
MYPASSWORD = ?]>
2013-01-15 09:09:34,537 DEBUG
[org.springframework.jdbc.datasource.DataSourceUtils] - <Fetching JDBC
Connection from DataSource>
2013-01-15 09:09:34,537 DEBUG
[org.springframework.jdbc.datasource.DataSourceUtils] - <Registering
transaction synchronization for JDBC Connection>
2013-01-15 09:09:34,539 DEBUG
[org.springframework.jdbc.support.SQLErrorCodesFactory] - <Looking up
default SQLErrorCodes for DataSource
[org.apache.commons.dbcp.BasicDataSource@479326]>
2013-01-15 09:09:34,540 WARN
[org.springframework.jdbc.support.SQLErrorCodesFactory] - <Error while
extracting database product name - falling back to empty error codes>
2013-01-15 09:09:34,546 DEBUG
[org.springframework.jdbc.support.SQLErrorCodeSQLExceptionTranslator] -
<Unable to translate SQLException with Error code '0', will now try the
fallback translator>
2013-01-15 09:09:34,546 ERROR
[org.jasig.cas.authentication.AuthenticationManagerImpl] -
<org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler
threw error authenticating [username: TestUserName]

EOF catalina.out.

Since the server is not under heavy load, that could be related to some
period of inactivity.

I have no idea of what is going wrong, I would be grateful if someone
has an idea, a workaround or at least a way to get more information in
the logs.

thank you for your help,

--
Raphaël




--
Raphaël Tournoy
CNRS/CCSD
04 72 69 41 71
http://ccsd.cnrs.fr/

Attachment: smime.p7s
Description: Signature cryptographique S/MIME

Reply via email to