Still failing authentication - need help on how to Debug
I am still struggling to get tomcat to authenticate access to my application. As a starting point I am trying to use BASIC authentication with the DataSource Realm (basically because I can check the query SQL) Whatever I do the user is presented with the authentication dialog box, but this authentication ALWAYS fails. Any way, as can be seen from the logs I am doing an authenticate test and failing. But thats not suprising when you look at the SQL that is being requested. The username is null Why? I can't see how I have anything wrong in server.xml - otherwise the postgres query would not have happened. I can't see what I could possibly have wrong in my web.xml as this does not even mention username!. Nevertheless - here is my web.xml is below How can I get further info that would be helpful in debugging this? ===famtree log (from tomcat4) 2005-11-01 19:53:00 famtree: init 2005-11-01 19:54:29 Authenticator[/famtree]: Security checking request GET /famtree/app 2005-11-01 19:54:29 Authenticator[/famtree]: Checking constraint 'SecurityConstraint[Famtree Application]' against GET /app -- true 2005-11-01 19:54:29 Authenticator[/famtree]: Subject to constraint SecurityConstraint[Famtree Application] 2005-11-01 19:54:29 Authenticator[/famtree]: Calling checkUserData() 2005-11-01 19:54:29 Authenticator[/famtree]: User data constraint has no restrictions 2005-11-01 19:54:29 Authenticator[/famtree]: Calling authenticate() 2005-11-01 19:54:30 Authenticator[/famtree]: Failed authenticate() test roo:/var/log/tomcat4# =postgres.log 2005-11-01 19:54:30 [3756] LOG: duration: 0.283 ms statement: set client_encoding = 'UNICODE' 2005-11-01 19:54:30 [3756] LOG: duration: 5.291 ms statement: SELECT password FROM users WHERE name = null ===web.xml ?xml version=1.0 encoding=UTF-8? !DOCTYPE web-app PUBLIC -//Sun Microsystems, Inc.//DTD Web Application 2.3//EN http://java.sun.com/dtd/web-app_2_3.dtd; web-app id=WebApp_ID display-nameFamily Tree Manager/display-name filter filter-nameredirect/filter-name filter-classorg.apache.tapestry.RedirectFilter/filter-class /filter filter-mapping filter-nameredirect/filter-name url-pattern//url-pattern /filter-mapping servlet servlet-namefamtree/servlet-name servlet-classorg.apache.tapestry.ApplicationServlet/servlet-class load-on-startup0/load-on-startup /servlet servlet-mapping servlet-namefamtree/servlet-name url-pattern/app/url-pattern /servlet-mapping servlet-mapping servlet-namefamtree/servlet-name url-pattern*.page/url-pattern /servlet-mapping servlet-mapping servlet-namefamtree/servlet-name url-pattern*.do/url-pattern /servlet-mapping servlet-mapping servlet-namefamtree/servlet-name url-pattern*.sdo/url-pattern /servlet-mapping servlet-mapping servlet-namefamtree/servlet-name url-pattern*.svc/url-pattern /servlet-mapping servlet-mapping servlet-namefamtree/servlet-name url-pattern/assets/*/url-pattern /servlet-mapping session-config session-timeout15/session-timeout /session-config welcome-file-list welcome-fileindex.html/welcome-file welcome-fileindex.htm/welcome-file welcome-fileindex.jsp/welcome-file welcome-filedefault.html/welcome-file welcome-filedefault.htm/welcome-file welcome-filedefault.jsp/welcome-file /welcome-file-list resource-ref descriptionFamily Tree Database/description res-ref-namejdbc/family_tree/res-ref-name res-typejavax.sql.DataSource/res-type res-authContainer/res-auth res-sharing-scopeShareable/res-sharing-scope /resource-ref security-constraint web-resource-collection web-resource-nameFamtree Application/web-resource-name url-pattern/*/url-pattern /web-resource-collection auth-constraint role-namefamily/role-name /auth-constraint /security-constraint login-config auth-methodBASIC/auth-method realm-nameFamily Member/realm-name /login-config security-role role-namefamily/role-name /security-role /web-app -- Alan Chandler http://www.chandlerfamily.org.uk Open Source. It's the difference between trust and antitrust. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Still failing authentication - need help on how to Debug
Hi Alan, Show us the relevant section of your server.xml. Are you using a view in your database? What the authenticator is doing is basically two select statements on your database to find the usernames and passwords. If the name of the username column is not correctly corresponding to the username column in the database then you may be in trouble! Andoni. - Original Message - From: Alan Chandler Newsgroups: gmane.comp.jakarta.tomcat.user Sent: Tuesday, November 01, 2005 8:07 PM Subject: Still failing authentication - need help on how to Debug I am still struggling to get tomcat to authenticate access to my application. As a starting point I am trying to use BASIC authentication with the DataSource Realm (basically because I can check the query SQL) Whatever I do the user is presented with the authentication dialog box, but this authentication ALWAYS fails. Any way, as can be seen from the logs I am doing an authenticate test and failing. But thats not suprising when you look at the SQL that is being requested. The username is null Why? I can't see how I have anything wrong in server.xml - otherwise the postgres query would not have happened. I can't see what I could possibly have wrong in my web.xml as this does not even mention username!. Nevertheless - here is my web.xml is below How can I get further info that would be helpful in debugging this?
Re: Still failing authentication - need help on how to Debug
On Tuesday 01 Nov 2005 20:26, Andoni wrote: Hi Alan, Show us the relevant section of your server.xml. Are you using a view in your database? What the authenticator is doing is basically two select statements on your database to find the usernames and passwords. If the name of the username column is not correctly corresponding to the username column in the database then you may be in trouble! You are not going to believe this, but I was fiddling about putting ethereal up to try and check what username was going between the machines and it suddenly just started working. I have no idea what I have done that makes it work, or why it wasn't working before. (I have only just switched over the Datasource Realm because I couldn't get the UserDatabase Realm to work either.). -- Alan Chandler http://www.chandlerfamily.org.uk Open Source. It's the difference between trust and antitrust. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]