Hi, thank you very much Juan Manuel,I have configured the validationQuery following your advice and indeed the problem is not happening any more.
You saved me a lot of time, thank you ! Raphaël Le 15/01/2013 15:16, Juan Manuel Barroso a écrit :
Usually this happens because you haven't configured de query to validate the database connection. You should have configured in the dataSource bean something like this: <property name="validationQuery"> <value>select 1 from dual</value> </property> A complete bean example: <bean id="cas-ds" class="org.apache.commons.dbcp.BasicDataSource"> <property name="driverClassName"> <value>com.mysql.jdbc.Driver</value> </property> <property name="url"> <value>jdbc:mysql://ec-mysql-pre:3306/ec-auth</value> </property> <property name="username"> <value>username</value> </property> <property name="password"> <value>password</value> </property> <property name="validationQuery"> <value>select 1 from dual</value> </property> </bean> I hope this helps. On Tuesday, January 15, 2013 1:51:23 PM UTC, Raphaël Tournoy wrote:Hi all, I'm testing a CAS 3.5.0 with JDBC authentication. Usernames/passwords and TicketRegistry are stored in a Mysql Database on another host. Everything seems to be working fine except random login errors : At random time, the authentication fails with a correct login and correct password. I mean, the *first* attempt fails, but it is successful at the second attempt. Then all further attempts will be successful, until it fails again *one* time with a good login/password. We have same the problem with different browser and IP, and also with different usernames/passwords. The first login attempt fails with this message : "The credentials you provided cannot be determined to be authentic." I'm sure it is not a mismatched login/password because I always copy and paste the login/password in order to avoid these errors during tests. Also, other users have experienced the same problem with a simple login password and a copy/paste. I found this message in catalina.out at the time of the first failed attempt : catalina.out : 2013-01-15 09:09:34,536 DEBUG [org.springframework.orm.jpa.JpaTransactionManager] - <Opened new EntityManager [org.hibernate.ejb.EntityManagerImpl@16f8d80] for JPA transaction> 2013-01-15 09:09:34,536 DEBUG [org.springframework.orm.jpa.JpaTransactionManager] - <Exposing JPA transaction as JDBC transaction [org.springframework.orm.jpa.vendor.HibernateJpaDialect$HibernateConnectionHandle@b2d250]> 2013-01-15 09:09:34,537 DEBUG [org.springframework.jdbc.core.JdbcTemplate] - <Executing prepared SQL query> 2013-01-15 09:09:34,537 DEBUG [org.springframework.jdbc.core.JdbcTemplate] - <Executing prepared SQL statement [Select count('x') from TEST_TABLE Where MYUSERNAME = ? And MYPASSWORD = ?]> 2013-01-15 09:09:34,537 DEBUG [org.springframework.jdbc.datasource.DataSourceUtils] - <Fetching JDBC Connection from DataSource> 2013-01-15 09:09:34,537 DEBUG [org.springframework.jdbc.datasource.DataSourceUtils] - <Registering transaction synchronization for JDBC Connection> 2013-01-15 09:09:34,539 DEBUG [org.springframework.jdbc.support.SQLErrorCodesFactory] - <Looking up default SQLErrorCodes for DataSource [org.apache.commons.dbcp.BasicDataSource@479326]> 2013-01-15 09:09:34,540 WARN [org.springframework.jdbc.support.SQLErrorCodesFactory] - <Error while extracting database product name - falling back to empty error codes> 2013-01-15 09:09:34,546 DEBUG [org.springframework.jdbc.support.SQLErrorCodeSQLExceptionTranslator] - <Unable to translate SQLException with Error code '0', will now try the fallback translator> 2013-01-15 09:09:34,546 ERROR [org.jasig.cas.authentication.AuthenticationManagerImpl] - <org.jasig.cas.adaptors.jdbc.SearchModeSearchDatabaseAuthenticationHandler threw error authenticating [username: TestUserName] EOF catalina.out. Since the server is not under heavy load, that could be related to some period of inactivity. I have no idea of what is going wrong, I would be grateful if someone has an idea, a workaround or at least a way to get more information in the logs. thank you for your help, -- Raphaël
-- Raphaël Tournoy CNRS/CCSD 04 72 69 41 71 http://ccsd.cnrs.fr/
smime.p7s
Description: Signature cryptographique S/MIME
