This is a problem of the AJP12 connector, well really not a problem,
it's suppoused that when Tomcat is used behind any Web server ( IIS in
your case ) the BASIC auth headers are honored by the HTTP Server itself
not Tomcat, Tomcat ( in cooperation with ISAPI filter ) tries retrieve
this info from HTTP Server and in the IIS case this is a big problem, as
the BASIC config on IIS is connected to the NT auth in the OS so
everybody that tries to use IIS Basic auth have this problem...a Sad
problem..
3.3 can help you :) , this problem is resolved by adding a new (
undocumented until today :) attribute to AJP12connector ,
"tomcatAuthentication" when this attribute is true , Tomcat tries to do
BASIC auth by itself without reliying on HTTPServer capacities thus
making you happier ...
Hope this helps..
Saludos ,
Ignacio J. Ortega
-Mensaje original-
De: Ricardo Gladwell [mailto:[EMAIL PROTECTED]]
Enviado el: jueves 12 de abril de 2001 14:09
Para: Tomcat Users
Asunto: Basic HTTP Authorization and JDBCRealm
Dear All,
I'm using JDBCRealm on Tomcat through IIS 5.0 on Windows 2000 to
authenticate users for my companies Intranet. I managed to
configure my
server to authenticate user via HTTP basic authorization.
However, when I
attempt to log into my web application I receive the
following errors in my
jvm.stderr.log file:
2001-04-12 12:54:33 - ContextManager: JDBCRealm:
JDBCRealm.authenticate:
SELECT Password FROM People WHERE UserName = ?
2001-04-12 12:54:34 - ContextManager: JDBCRealm:
Authentication unsuccessful
for user null
With a bit a research it would appear that the JDBCRealm
interceptor is not
reading the HTTP Authorization header properly. The
authenticate( String,
Hashtable ) method is being passed a null value for the
username, or the
authenticate( Request, Response ) is not receiving the
headers. Perhaps IIS
or the ISAPI redirector are stripping this header when it
passes the request
onto Tomcat?
If anyone could tell me what I'm doing wrong or where the
problem is likely
to lie, I would be most grateful as this conundrum is eating
up days of my
time. Here is the configuration for my server.xml file (the
SimpleRealm
interceptor is commented out):
RequestInterceptor
className="org.apache.tomcat.request.JDBCRealm"
debug="99"
driverName="sun.jdbc.odbc.JdbcOdbcDriver"
connectionURL="jdbc:odbc:Intranet"
connectionName="user"
connectionPassword="pass"
userTable="People"
userNameCol="UserName"
userCredCol="Password"
userRoleTable="Roles"
roleNameCol="RoleName"
/
Here is the configuration from the web.xml for my web application:
security-constraint
web-resource-collection
web-resource-nameIntranet/web-resource-name
url-pattern/*/url-pattern
/web-resource-collection
auth-constraint
role-nameIntranetUser/role-name
/auth-constraint
/security-constraint
login-config
auth-methodBASIC/auth-method
realm-nameUBQT Media Intranet/realm-name
/login-config
TIA...
--
Ricardo Gladwell
UBQT Media PLC, Windsor
Mobile: (07779) 841 444